Symbol Finder
SymbolFinder
(c) 2008 deroko of ARTeam
This small program is designed to locate structs, enums, and symbols from ntoskrnl.exe, and
guess what, it's OPEN SOURCE!!!
Googling for some samples of symbol listers is kinda hard, as there is no any open source
symbol lister availalbe (or I couldn't find it), so here is source code which might help
ppl to figure how to deal with symbols...
Program only tries to locate ntosknrl.exe/ntkrnlpa.exe/ntkrnlmp.exe and loads proper symbols
for running kernel, this is required as when you specify -a option, it will give you symbols
name and it's address in used(running) kernel.
Usage:
SymbolFinder.exe <name_of_struct or enum_type>
SymbolFinder.exe -s - list all structures from ntos pdb file
SymbolFinder.exe -e - list all enums from ntos pdb file
SymbolFinder.exe -a - list all symbols with addresses in running ntos
[复制链接]
发表于 2008-7-20 16:12
|
发表于 2008-7-20 16:12
发表于 2008-7-20 17:24
