Hi guys..
I'm new to heap debugging with WinDbg, so for this I'm using the book "Advanced Debugging Technique..." I worked it out like this:
Step 1 -> get the handle of the default heap, say it is 0x00040000
Step 2 -> dt _heap 00040000
Then at offset 0x0c4 I found the offset of the freelist, but in the book they said the freelist offset is always at "0x178".
Step 3 -> dt _LIST_ENTRY 00040000+0x0c4
Then I found:
+0x000 Flink : 0x00424268 _LIST_ENTRY
+0x004 Blink : 0x004252a8 _LIST_ENTRY
Step 4 -> dt _heap_entry 0x00424268-0x8 ... then the dumped struct is this:
0:000> dt _heap_entry 0x0042460
ntdll!_HEAP_ENTRY
+0x000 Size : 0xfeee
+0x002 Flags : 0xee ''
+0x003 SmallTagIndex : 0xfe ''
+0x000 SubSegmentCode : 0xfeeefeee
THIS STRUCTURE ITSELF IS WEIRD, SIZE IS 0xfeee. I'm really tired of trying this myself. I don't know where I'm going wrong...
Can anybody help me out? Thanks...
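The steps above walk a circular doubly linked list (_HEAP.FreeLists) whose nodes sit at the start of each free block's user data, and recover the _HEAP_ENTRY header by stepping back sizeof(_HEAP_ENTRY) = 8 bytes from the node. One thing worth checking against the transcript: 0x00424268 - 0x8 is 0x00424260, while the dt line shown reads 0x0042460. The C program below is an added example, not code from the post or from the book, that models this walk on a constructed 32-bit toy heap so the arithmetic can be seen end to end: it builds three free blocks, fills their user data with the debug-heap free pattern 0xFEEEFEEE, links them from a list head at the offset 0x0c4 the post found, walks Flink back to the head with a Blink consistency check, and reads the header at both the right and a wrong offset. Everything in it is an assumption for illustration: the block offsets, sizes, and the header fields after SmallTagIndex (only Size, Flags and SmallTagIndex appear in the post's dump); "addresses" are offsets into a byte array so Flink/Blink stay 4 bytes wide as in the 32-bit output. Real heaps since Vista also XOR-encode each _HEAP_ENTRY with _HEAP.Encoding, which this toy does not model.

```c
/* Toy model of the 32-bit NT heap free list the post is walking.
 * Assumed/constructed layout for illustration, not a real heap dump.
 * "Addresses" are offsets into heap[] so Flink/Blink are 4 bytes wide. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define HEAP_BYTES      0x1000
#define FREELIST_OFF    0x0c4        /* where the post found _HEAP.FreeLists */
#define HEAP_ENTRY_BUSY 0x01         /* Flags bit set on an allocated block */
#define FREE_FILL       0xFEEEFEEEu  /* debug-heap fill written over freed user data */

/* 8-byte header; first four bytes follow the post's dt output, the rest is assumed. */
typedef struct {
    uint16_t Size;          /* block size in 8-byte granules, header included */
    uint8_t  Flags;
    uint8_t  SmallTagIndex;
    uint16_t PreviousSize;  /* unused in this toy: blocks are not contiguous */
    uint8_t  SegmentOffset;
    uint8_t  UnusedBytes;
} HEAP_ENTRY;
typedef struct { uint32_t Flink; uint32_t Blink; } LIST_ENTRY32;

struct free_block { uint32_t entry, header, size_bytes; uint8_t flags; };

static uint8_t heap[HEAP_BYTES];

/* Constructed free blocks: header offset and user-data size in bytes. */
static const uint32_t chunk_off[]  = { 0x200, 0x300, 0x400 };
static const uint16_t chunk_user[] = { 0x40,  0x80,  0x20  };

static int in_heap(uint32_t off, size_t n) { return off + n <= HEAP_BYTES && off + n >= off; }
static void put(uint32_t off, const void *src, size_t n) { memcpy(heap + off, src, n); }
static void get(uint32_t off, void *dst, size_t n) { memcpy(dst, heap + off, n); }

void build_toy_heap(void) {
    memset(heap, 0, sizeof heap);
    /* FreeLists head: Flink -> first free node, Blink -> last free node */
    LIST_ENTRY32 head = { chunk_off[0] + 8, chunk_off[2] + 8 };
    put(FREELIST_OFF, &head, sizeof head);
    for (int i = 0; i < 3; i++) {
        HEAP_ENTRY h = { 0 };
        h.Size  = (uint16_t)((sizeof h + chunk_user[i]) / 8);
        h.Flags = 0;                         /* BUSY bit clear: block is free */
        put(chunk_off[i], &h, sizeof h);
        uint32_t user = chunk_off[i] + sizeof h, fill = FREE_FILL;
        for (uint32_t p = user; p < user + chunk_user[i]; p += 4) put(p, &fill, 4);
        /* the LIST_ENTRY overlays the first 8 bytes of the freed user data */
        LIST_ENTRY32 le;
        le.Flink = (i == 2) ? FREELIST_OFF : chunk_off[i + 1] + 8;
        le.Blink = (i == 0) ? FREELIST_OFF : chunk_off[i - 1] + 8;
        put(user, &le, sizeof le);
    }
}

/* dt _heap_entry <entry-8>: the header lives just before the list node. */
int read_header(uint32_t entry_off, HEAP_ENTRY *h) {
    if (entry_off < sizeof *h || !in_heap(entry_off - sizeof *h, sizeof *h)) return 0;
    get(entry_off - (uint32_t)sizeof *h, h, sizeof *h);
    return 1;
}

/* Sanity check a practitioner applies before trusting a dumped header. */
int header_is_plausible(const HEAP_ENTRY *h) {
    return h->Size != 0 && (uint32_t)h->Size * 8u <= HEAP_BYTES && !(h->Flags & HEAP_ENTRY_BUSY);
}

/* Walk Flink from the list head until it wraps back to the head. */
size_t walk_free_list(uint32_t head_off, struct free_block *out, size_t max) {
    LIST_ENTRY32 head;
    if (!in_heap(head_off, sizeof head)) return 0;
    get(head_off, &head, sizeof head);
    size_t n = 0;
    for (uint32_t cur = head.Flink; cur != head_off && n < max; ) {
        HEAP_ENTRY h;
        if (!in_heap(cur, sizeof(LIST_ENTRY32)) || !read_header(cur, &h)) break;
        out[n].entry = cur; out[n].header = cur - 8;
        out[n].size_bytes = (uint32_t)h.Size * 8u; out[n].flags = h.Flags;
        n++;
        LIST_ENTRY32 le, nxt;
        get(cur, &le, sizeof le);
        /* safe-unlink style check: the next node's Blink must point back at us */
        if (!in_heap(le.Flink, sizeof nxt)) break;
        get(le.Flink, &nxt, sizeof nxt);
        if (nxt.Blink != cur) break;
        cur = le.Flink;
    }
    return n;
}

int main(void) {
    build_toy_heap();
    struct free_block b[8];
    size_t n = walk_free_list(FREELIST_OFF, b, 8);
    for (size_t i = 0; i < n; i++)
        printf("node %#x -> header %#x, Size %#x bytes, Flags %#x\n",
               b[i].entry, b[i].header, b[i].size_bytes, b[i].flags);
    HEAP_ENTRY wrong;
    if (read_header(b[0].entry + 0x10, &wrong))   /* off by 0x10: lands in the fill */
        printf("wrong offset: Size %#x Flags %#x SmallTagIndex %#x plausible=%d\n",
               wrong.Size, wrong.Flags, wrong.SmallTagIndex, header_is_plausible(&wrong));
    return 0;
}
```

Reading the header from an address inside the freed user data reproduces exactly the Size 0xfeee / Flags 0xee / SmallTagIndex 0xfe pattern in the post's dump, which is what header_is_plausible rejects; reading it at node minus 8 yields a small Size in granules with the BUSY bit clear.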