SymbolFinder
Symbol FinderSymbolFinder
(c) 2008 deroko of ARTeam
This small program is designed to locate structs, enums, and symbols from ntoskrnl.exe, and
guess what, it's OPEN SOURCE!!!
Googling for some samples of symbol listers is kinda hard, as there is no any open source
symbol lister availalbe (or I couldn't find it), so here is source code which might help
ppl to figure how to deal with symbols...
Program only tries to locate ntosknrl.exe/ntkrnlpa.exe/ntkrnlmp.exe and loads proper symbols
for running kernel, this is required as when you specify -a option, it will give you symbols
name and it's address in used(running) kernel.
Usage:
SymbolFinder.exe <name_of_struct or enum_type>
SymbolFinder.exe -s - list all structures from ntos pdb file
SymbolFinder.exe -e - list all enums from ntos pdb file
SymbolFinder.exe -a - list all symbols with addresses in running ntos
Well that's it...
deroko of ARTeam
Download:
http://deroko.phearless.org/SymbolFinder.rar 这个好象是个插件,米图可抓啦! 小生又搞了个新东东来了啊,可惜我不会用。 确实不知道干什么的?可惜 全英文,英文帝
页:
[1]