#windows #kernel #api #dbg-help

moon-windows-symbols

Get windows kernel using windows DbgHelp API

1 unstable release

new 0.1.0 Nov 14, 2024

#104 in #kernel

Download history 105/week @ 2024-11-11

105 downloads per month

MIT license

7KB
132 lines

Get windows kernel using windows DbgHelp API

Start

cargo add moon-windows-symbol

Simple exampel

pub fn main(){
    let loader = SymbolLoader::new(None).unwrap();
    let address = loader
        .get_kernel_symbol_address("KeUserModeCallback")
        .unwrap();

    println!("0x{:X}", address);
}

Assign pdb download path

pub fn main(){
    let loader = SymbolLoader::new(Some("C:\\Symbols")).unwrap();
    let address = loader
        .get_kernel_symbol_address("KeUserModeCallback")
        .unwrap();

    println!("0x{:X}", address);
}

Dependencies

~127MB
~2M SLoC