From Collaborative RCE Tool Library

Jump to: navigation, search

WinDbg Struct Converter

Tool name: WinDbg Struct Converter
Rating: 0.0 (0 votes)
Author: ZaiRoN                        
Website: http://www.woodmann.com/forum/showthread.php?t=11120
Current version: 1.0
Last updated: January 1, 2008
Direct D/L link: Locally archived copy
License type: Free
Description: How many times did you create a structure starting from Windbg's dt command output? It sometimes happens especially if you use Ida or if you need to code something. It’s something that makes me feel unhappy. It’s a boring job for sure, particularly when you have to deal with big structures (i.e. ethread). There are some ready made definitions online, but there’s not a standard definition for a single structure. Most of the time it depends on the OS you are running on.

All I want to do is to convert dt’s output into a struct definition. The output to convert is something like (obtained by Windbg using "dt _list_entry" command):

ntdll!_LIST_ENTRY
+0×000 Flink : Ptr32 _LIST_ENTRY
+0×004 Blink : Ptr32 _LIST_ENTRY


And this is what I want to generate:

typedef struct _LIST_ENTRY
{
struct _LIST_ENTRY* Flink; // 0×000
struct _LIST_ENTRY* Blink; // 0×004
} LIST_ENTRY, *PLIST_ENTRY;


I’m not a Windbg guru and I don’t know if there is a quickest way, so the idea is to write something able to perform (almost all) the convertion.

The gui is pretty simple, it contains two edit boxes and two buttons, nothing more. The conversion process starts by pressing the “Convert” button, the program converts the data stored inside the clipboard. The left box will be filled with the clipboard’s contents while the other box will contain the converted structure.
Related URLs: No related URLs have been submitted for this tool yet


Screenshot:
Screenshot of WinDbg Struct Converter


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!



If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)


Views
Category Navigation Tree
   Code Coverage Tools  (13)
   Code Ripping Tools  (2)
   Helper Tools  (3)
   Hex Editors  (13)
   Memory Patchers  (7)
   Packers  (20)
   Profiler Tools  (11)
   String Finders  (10)
   Tool Hiding Tools  (7)
   Tracers  (22)
   Needs New Category  (3)