📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.





About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New


Customize Theme

Flag: Tornado! Hurricane!

 Forums >>  Debuggers  >>  Python PDB Parser

Topic created on: September 12, 2005 00:03 CDT by pedram .

Does anyone know of a Python lib for parsing .pdb files?

  anonymouse     September 12, 2005 06:22.00 CDT
well i dont know if a python lib exists or not
but there exists some pdbdumpers made by various people
notable among them are
andrew-de-quincyes pdbdump in sourceforge(has a c++ wrapper to the com interface of dia sdk )
matt-pietreks debughelpdemo in wheaty.net (comes with source as well as a precompiled binary)

apart from that there are other utilities like
w2k_pdbx (pdb exploder by sven b schreiber)
clive turveys (sourcer authour) toys.exe
and you can also take a took at oleg-starodumovs
debuginfo.com (has some utilities that deal with pdb files)

  asotirov     June 23, 2006 20:39.01 CDT
Do you want to actually parse the PDB files, or just wrap the DbgHelp API for loading them? The PDB file format is undocumented and I don't know of any tools that actaully use it directly. You should talk to Luis, he was doing some work on reverse engineering PDB files.

  pedram     June 24, 2006 00:10.48 CDT
Alex,

Good call. I did speak to Luis this past weekend and it looks like I'll be able to build on his work.

  AlexIonescu     June 24, 2006 03:03.31 CDT
I know Luis had his own reasons for reversing the actual format and making a DbgHelp-independent parser, but personally, I'd still recommend using DIA or DbgHelp and writing a wrapper around it. *Nothing* stops MS from releasing a completely different PDB format in Orcas, which you'd have to re-code for. Also, PDBs have slightly changed in each version, so you'll have to handle the logic manually. If you use DIA, you get documented and powerful routines, and a guarantee they'll keep working. Of course, the problem is DIA only comes with MSVC 2003/2005, which does kind of suck... And DbgHelp itself doesn't have all the features so neatly exposed.

  asotirov     June 25, 2006 22:23.18 CDT
I only have experience with DbgHelp. What is the benefit of using DIA instead? Does it offer access to more symbol information than DbgHelp? Is it updated more often?

Note: Registration is required to post to the forums.

There are 31,328 total registered users.


Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Question about memor...
Dec/12


Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n


Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...
djnemo on:
Nov/17
Kernel debugger vs user mod...
acel on:
Nov/14
Kernel debugger vs user mod...
pedram on:
Dec/21
frida.github.io: scriptable...
capadleman on:
Jun/19
Using NtCreateThreadEx for ...
More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit