Posts

Showing posts from September, 2009

Use cdb to see what files your application is opening.

In this post I'll show you how to use CDB to intercept CreateFile and see what files your application is opening. For this problem, Process Monitor is often a better tool, but the techniques I demonstrate work for any API you should learn them. This won't take much time, so if you've never done this before I recommend you follow along. First Load CDB against cmd: C:\Program Files\Debugging Tools for Windows (x64)>cdb.exe cmd.exe Microsoft (R) Windows Debugger Version 6.12.0000.526 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. CommandLine: cmd.exe Symbol search path is: *** Invalid *** **************************************************************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ******************