Skip to content

Instantly share code, notes, and snippets.

@mvankuipers

mvankuipers/tf-article2-windbg-19.txt Secret

Created August 13, 2017 22:26
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mvankuipers/5855443f86f15b7597e624ccde3eb58d to your computer and use it in GitHub Desktop.
Save mvankuipers/5855443f86f15b7597e624ccde3eb58d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
tf-article2-windbg-19.txt
kd> !process 0 0
**** NT ACTIVE PROCESS DUMP ****
PROCESS ffffa50dcea99040
SessionId: none Cid: 0004 Peb: 00000000 ParentCid: 0000
DirBase: 001aa000 ObjectTable: ffffd385360012c0 HandleCount: 2376.
Image: System
PROCESS ffffa50dcee27140
SessionId: none Cid: 01f4 Peb: dbfb731000 ParentCid: 0004
DirBase: 138ab8000 ObjectTable: ffffd38536339d40 HandleCount: 52.
Image: smss.exe
PROCESS ffffa50dcfb467c0
SessionId: 0 Cid: 0248 Peb: 5faaf3c000 ParentCid: 0240
DirBase: 138f83000 ObjectTable: ffffd385363d0f00 HandleCount: 531.
Image: csrss.exe
...
PROCESS ffffa50dd1070380
SessionId: 1 Cid: 097c Peb: 6f29798000 ParentCid: 02b4
DirBase: 1500d000 ObjectTable: ffffd3853d7ed380 HandleCount: 37.
Image: memdemo.exe
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment