windbg : how to find driverentry in live debugging?

Asked May 19 '23 at 04:34

Active May 19 '23 at 04:37

Viewed 12 times

Ex) if 'nt' the target...

kd> lmvm nt
Browse full module list
start             end                 module name
fffff802`1bc00000 fffff802`1cc47000   nt         (pdb symbols)  
...

kd> !dh fffff802`1bc00000
...
A71010 address of entry point
...

// not driverentry 
kd> u fffff802`1bc00000+0xA71010 L1 
nt!KiSystemStartup:
fffff802`1c671010 4883ec38        sub     rsp,38h

edited May 19 '23 at 04:37

asked May 19 '23 at 04:34

jimmy

target driver is no symbols – jimmy May 19 '23 at 04:38
See answer here: https://stackoverflow.com/a/76485893/179634 – Luke Jun 16 '23 at 16:55

windbg : how to find driverentry in live debugging?

0 Answers0