|
Security Basics
mailing list archives
Re: Memory dump
From: "Jon Wallace" <jon () b69ca com>
Date: Thu, 30 Nov 2006 10:57:30 -0500
Hi Ankur,
In replying to your email, I'm assuming your using Windows. You can set a
registry value to allow you to press CTRL and Scroll Lock twice which will
force a blue screen, and therefore a crash dump.
The Microsoft Windows Debugging site tells you how to do this along with
giving you a load of information about analyzing the dumps:
http://www.microsoft.com/whdc/devtools/debugging/default.mspx
I also found this link which tells you exactly how to do it:
http://www.hackwire.com/comments.php?id=51&catid=9
To look at your dumps, just use tools like STRINGS from SysInternals -
you'll be amazed at the information you can see, passwords, usernames,
private data etc...
Have Fun,
Jon Wallace
AppSense - http://www.appsense.com
----- Original Message -----
From: <divinepresence () gmail com>
To: <security-basics () securityfocus com>
Sent: Wednesday, November 29, 2006 1:27 AM
Subject: Memory dump
Hello all,
I wish to know how I can make a memory dump (to my HDD) to analyze the
memory contents. I tried googling but couldn't find anything.
Any help/pointers appreciated.
Thanks
Ankur
 By Date 
By Thread
Current thread:
- RE: Memory dump, (continued)
|
Intro
