-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathchangelog
192 lines (152 loc) · 9.12 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
version 0.0.20 05/10/2011
[+] added : routine getProcessorType ( return type of physical processor )
[+] added : routine breakin ( Break into debugger )
[+] added : cpuReg constructor with index parameter
[+] added : attachProcess routine ( attach debugger to the exsisting process )
[+] added : attachKernel routine ( attach debugger to a kernel target )
[+] added : TypedVar instantiation by symbol name
[+] added : Exception debug event
[+] added : assembly method for disasm class
[+] added : debuggerPath routine ( Return full path to the process image that uses pykd )
[!] fixed: issue 9219 ( the call of the go() routine results in a deadlock for multithreading app )
[!] fixed: issue 9518 ( Problem with dbgCommand('!analyze -v') )
[!] fixed: issue 9555 ( dbgModuleClass.name() corrupts output )
version 0.0.19 28/07/2011
[+] added : typedVar::data method ( Return raw string object with data stream )
[+] added : setMSR routine ( Change MSR value )
[+] added : intBase class
[+] added : cpuReg class ( representing "live" CPU register )
[+] added : printing traceback for !py and !pycmd
[+] added : class disasm
[!] fixed: issue 8657( !pycmd does not allow to define functions )
[!] fixed: issue 8655 ( Unnamed structure/unioin not added to fields of typedVarClass )
[!] fixed: issue 8927 ( typedVar does not convert enumeration type to int )
[!] fixed: issue 9202 ( module object return offset = 0 for non existing symbol )
version 0.0.18 25/05/2011
[+] added : rdmsr routine ( Return MSR value )
[+] added : typeException, memoryException classes and their translation into python
[+] added : typeInfo class
[+] added : loadWChars routine
[+] added : callback for load/unload modules
[~] removed : typeClass class
[!] fixed : issue 8669 ( typedVar() creates an object for a non-existent structure type )
[!] fixed : issue 8655 ( Unnamed structure/unioin not added to fields of typedVarClass )
version 0.0.17 15/04/2011
[+] added: isDumpAnalyzing function. Check if it is a dump analyzing or live debuggiv
[+] added : loadChars routine. Load raw buffer.
[+] added : docstrings for all functions and classes
[+] added : checksum() and timestamp() methods for dbgModuleClass
[+] added : callbacks for bp class ( breakpoint )
[~] removed : isSessionStart() function
[~] updated : typedVarList can parse lists with LIST_ENTRY and lists with links pointing to the head of the next element
[!] fixed : issue 8470 ( python.exe crashes after first pykd call )
[!] fixed : issue 8614 ( go() works incorrectly while process is terminating )
[!] fixed : issue 8499 ( !py command crashs with wrong script's path )
[!] fixed : issue 8578 ( findModule returns None for WOW64 process )
[!] fixed : issue 8493 ( loadPtrs returns dict instead list )
[!] fixed : issue 8469 ( dprintln does not work in console mode )
version 0.0.16 03/03/2011
[+] added : isValid() routine; it validates virtual address
[+] added : image() and pdb() method for dbgModuleClass class. They return paths to pdb and image files.
[+] added : function getTypeClass() - create instance of typeClass by module an type name
[+] added : addSynSymbol function adds a synthetic symbol to a module by virtual address
[+] added : dbgModuleClass::addSynSymbol method adds a synthetic symbol by offset related to module base
[+] added : dbgStackFrameClass::print()
[+] added : dbgBreakpointClass::print()
[+] added : dbgExtensionClass::print()
[+] added : dbgModuleClass::print()
[+] added : startProcess routine for live user-mode debugging
[~] updated : loadArray returns python list, not dict
[~] updated : typedVar routine will return None if varibales's address is invalid.
[~] updated : loadDump routine returns bool now ( not string )
[~] updated : createSession routine is depricated now
[!] fixed : issue #8336 ( typedVar returns value with wrong type of fields )
[!] fixed : infinity loop on x32, if passed into typedVarList() address is not cast to addr64-format. condition in for(): entryAddress != address
[!] fixed : issue 8458 ( doubled output in windbg )
version 0.0.15 04/02/2011
[+] added : locals() routine; it returns local var for current scope
[+] added : typedVarArray routine
[~] updated : dbgModuleClass constructor fills symbol cache for optimization
[!] fixed : issue #8236 ( dprint/dprintln/print doesn't work with unicode string )
[!] fixed : issue #8229 ( loadModuel("some_drv") - out message "IDebugSymbol::Reload failed" )
[!] fixed : issue #8239 ( ptrSignByte returns str value )
version 0.0.14 17/01/2011
[+] added : __getattribute__ method for dbgModuleClass class to simplify access to module symbols's offsets
[+] added : __str__ method for typedVar class, so it can be outputed by print operator
[!] bug fixed: issue #8103 ( !py windbg extension imports modules into the global space )
[~] changed: eval() renamed to expr()
version 0.0.13 27/12/2010
[+] added : go, step, trace routine for control execution
[+] added : bp class for control breakpoints
[+] added : ptrMWord, ptrSignMWord for reading target's machine word ( 32 or 64 bits ) from memory\
[+] added : eval routine for evaluation windbg expression
[!] fixed : issue #6782 ( typedVar works very slowly )
version 0.0.12 27/11/2010
[+] added : getCurrentPorcess, setCurrentProcess routines
[!] fixed: loadModule return None for non existin module with out outputing error message
[+] added : getProcessorMode, setProcessorMode routines;
[+] added : sample stacks.py
[+] added: getThreadList routine; returns thread object's ptr list
[!] fixed : loadTypedVar for unnamed union tag ::<unnamed-tag>
[!] fixed : loadMemory does not throw exception and return false
[!] bug fixed: issue #7727 ( loadUnicodeString returns empty string )
[+] added: isKernelDebugging routine
[+] added: windbg snippet displaying IAT for module
[!] bug fixed: findModule does not work for address < 4GB
version 0.0.11 22/11/2010
[!] bug fixed: issue #7717 ( !py command failed to find standart modules )
[!] bug fixed: issue #7718 ( sys.argv[0] does not contain script name )
[!] bug fixed: issue #7697 ( raw_input does not work )
[+] added: windbgIn windbgOut class for redirecting in/out from stdin/stdout
[!] bug fixed: issue #7688 ( dbgIsSessionStart returns false after dbgCreateSession call )
version 0.0.10 12/11/2010
[!] updated: loadUnicodeStr routine returns unicode string ( instead of ansi string )
[!] bug fixed: issue #7623 ( memory routines failed to work at wow64 application )
[+] added: windbg snippet displaying list of export for module
[+] added: loadCStr, loadWStr routine added ( loading c-style string )
[!] typedVar routine fixed: loading array of complex type
version 0.0.9 03/11/2010
[+] added: windbg snippet displaying GDT entries
[+] added: windbg snippet displaying VMCS structure ( Intel-VT virtualization context )
[!] bug fixed: issue #7528 ( loadBytes raises error "did not match C++ signature" )
[+] added: windbg snippet displaying CR0 register
[+] added: windbg snippet displaying CR4 register
[+] added: !py windbg command can work without python script file extension ".py"
version 0.0.8 27/10/2010
[+] added: physical memory read support ( for loadBytes, loadWords etc)
[+] added: !pythonpath windbg command - print enviroment var $pythonpath
[+] added: !py windbg command uses $pythonpath var for search scripts
[+] added: ptrSize routine ( returns pointer's size at the target platform )
[!] bug fixed: issue #7164 ( loadTypedVarList can fall in infinite loop )
[+] added: sizeof routine ( returns size of type )
[+] added: sizeof method for typedVarClass ( return size of var in memory )
version 0.0.7 20/08/2010
[+] added: getImplicitThread routine( get address of the current thread )
[+] added: setImplicitThread routine ( change current thread context )
[+] added: dbgStackFrameClass class ( information about stack frame )
[+] added: getCurrentStack routine ( get current stack as collections of dbgStackFrameClass object )
[+] added: loadLinkedList routine
[+] added: getPdbFile routine
[+] added: reloadSymbols
[!] bug fixed: issue #6862 ( loadUnicodeString for x64 target does not work )
version 0.0.6 09/08/2010
[+] added: dbgExtensionClass class for calling windbg extension command from python script
[!] bug fixed: issue #6812 ( windbg ext command !py does not work with full path )
[+] added: !pycmd command for windbg extension
version 0.0.5 03/08/2010
[!] fixed: issue #6769 ( Args parsing is not supporting quoting )
[+] added: proclist.py sample
[+] added: loadTypedVarList routine
[!] fixed: typedVar
version 0.0.4 29/07/2010
[+] added: loadUnicodeString routine
[+] added: loadAnsiStr routine
[+] added: drvobj.py sample
[+] fixed: issue #6747 ( windbg script's call parameters passing into python script added )
version 0.0.3 28/07/2010
[!] bugfix: typedVar
[+] routines for loading integer value by pointer ( PtrByte, PtrSignByte, PtrWord ... ) added
[+] routines for loading array with sign extending( loadSignBytes, loadSignWords ... ) added
[+] routines for loading array ( loadBytes, loadWords ... ) added
[+] ssdt.py sample added
[+] idt.py sample added