Under Windows 7 x64, when I try to profile an x86 executable with the latest version of Dependency Walker (2.2.6000) the profiling process always hangs at a certain point. Most of the time the last DLL that is loaded is c:\windows\syswow64\URLMON.DLL, so it seems that something inside that DLL is causing a problem. Profiling the same executable on Windows 7 x86 works flawlessly.
I have googled quite extensively, but couldn't come up with a solution to the problem. One suggestion that I found was to uninstall IE 8 or IE 9 and replace it with IE 7, but this doesn't really help. The only effect that I can observe is that with IE 7 the profiling process hangs at a different DLL (iertutil.dll, if I remember correctly, also from the system's syswow64 folder).
So my question is: How can I get Dependency Walker to profile x86 applications on x64 Windows 7? Of course, it would also be nice to know why the problem exists in the first place :-)
Some final notes:
I am using the x86 version of Dependency Walker because I want to profile an x86 executable
Running Dependency Walker as administrator does not help
All profiling options marked as "may fail on WOW64" are disabled
The executable I am currently using as a test case to reproduce the problem is the Sumatra PDF viewer (download link) because it is a simple .exe that does not need installation
Updated instruction based on #Stone Free's comments
The download link you need has changed to:
https://www.microsoft.com/en-us/download/details.aspx?id=42273
Go down to the 2. Install WDK 10 section and select the download:
Locate and run the Wdk setup (wdksetup.exe) from stage 2, then choose the download option rather than install.
Once completed locate and run DownloadLocation\Windows Kits\10\WDK\Installers>"Windows Driver Kit-x86_en-us.msi"
Then you will find Dependency Walker at:
C:\Program Files (x86)\Windows Kits\10\Tools\x64\depends.exe for the 64 bit version
C:\Program Files (x86)\Windows Kits\10\Tools\x86\depends.exe for the 32 bit version
Which is Dependency Walker version 2.2.10011 built 2015-10-29
A handy tool is to use https://github.com/juntalis/depends-launcher which is a simple launcher for Dependency Walker that determines the platform (x86|x64|ia64) of an windows image (dll, exe, etc) and launches the appropriate version of depends.exe to view its dependencies. It's main purpose is for use in a context menu entry to easily view an image's dependencies.
The latest currently known version of Dependency Walker seems to be the 2.2.10011 from 2015-10-29 (links below).
It was deployed with some Windows Development Kit for Windows 10 but the version that it contained is not available anymore from the Microsoft Pages and all the newer Versions does not contain it anymore for unknown reason.
Maybe because also the latest versions have some Problems with the Dynamic-Link Library Redirection or other performance issues. (Using dependency walker under windows 10 seems to be a lot more slow and cumbersome than at previous windows versions - but still great tool for the job)
Following Versions are available:
2.2.10011 (2015-10-29)
unofficial available from this development blog - download at own risk
https://zzz.buzz/2017/05/18/download-dependency-walker/
2.2.9600 (2013-08-22)
available through the WDK 8.1
https://www.microsoft.com/en-us/download/details.aspx?id=42273
after installation present in C:\Program Files (x86)\Windows Kits\10\Tools\[Arch]\depends.exe
2.2.6000 (2006-10-28)
available from official authors website
http://www.dependencywalker.com/
Potential replacement:
For simple tasks the Github project lucasg/Dependencies may be worth to be checked out. But it currently does not support profiling a running app to debug broken runtime dependencies as depends.exe can do.
I've had to switch to using a GitHub project: Dependencies.
As of Windows 10 1809 (10.0.17763) I'm unable to run even depends.exe version 2.2.10011 included in 10.0.10586.0 WDK.
I ran into the same problem and I discovered it is fixed in the latest version of Dependency Walker. I compared 2.2.6000 versus 2.2.8288 and the problem exists in the former but not the latter. However, you will probably have to wait for the Windows 8 WDK to be released to the public in order to get the latest version.
Related
I'm currently trying to learn Assembly for x64 Windows. I tried the example code from this Intel website,
but whenever I try to compile it with the command given in the document:
ml64 hello.asm /link /subsystem:windows /defaultlib:kernel32.lib /defaultlib:user32.lib /entry:Start
I always get an
LNK1104 error
I know that it means the compiler can't find the library file, I googled the problem and quickly found that I need Visual Studio with Windows SDK, which I downloaded and installed. But still can't find a kernel32.lib or user32.lib in any files other than the Windows system files.
I tried everything and I simply can't fix it. I hope someone could help figure this out.
There is a well-known MASM32 SDK available created by hutch--. This package contains the requested libraries in a (legacy) 32-bit version.
But there is also a 64-bit update of that famous package by hutch--:
Current build of the 64 bit MASM SDK.
It should contain the .inc and .lib files you need and more...
This is the current build of the 64 bit MASM SDK. This one is a lot closer to complete and with the correct Microsoft binaries added to it, it is capable of building a wide array of application types. It can be use in 2 different ways, it should be unzipped from the root directory of the partition that it is being installed on. You can either manually add it to an installation of the MASM32 SDK OR you can install it on a partition that does not have MASM32 on it and simply rename the buildx64 directory to MASM32. Installing it on another partition is the preferred technique as QE has its menus and accessories set up for building 64 bit code.
You still need to add the Microsoft binaries which would typically be from an installation of vs2017 or from an earlier version for Win7 64. In the bin64 directory there is a file called "Microsoft_File_List.txt" which shows the files you need. The list is from the current version of Visual Studio 2017 version and if this is the version you have, use the ML64 from the "x86_amd64" directory that is 402,584 bytes in size.
In the "buildx64" directory is a batch file called "makeall.bat". This must be run to build all of the libraries and include files.
They are the gold standard of Windows assembly developing.
SAP NWDS (Netweaver Developer Studio) is only supported on Windows 10 and only on a SAP jvm -- see also SAP Note 2546316
as NWDS is actually eclipse neon with some additional SAP plugins, I wondered why.
My requirement is to run it on a Windows Server 2008 R2, and soon I may need to run NWDS on a recent Mac Book Pro.
Current Behaviour
If I run it on a Windows 10 laptop, everything is fine.
If I run it on WinServer, the thing runs like if it is a plain eclipse (not loading any SAP Plugins)
Apparently the NWDS is checking somewhere for the OS flavor and the JVM manufacturer.
What I achieved so far
I run it on a SAP jvm using -vm Parameter in eclipse.ini
I added -Dos.name=Windows 10 and -Dos.version=10.0 params, and some of the SAP plugins loaded -- but not all!
In the JCo plugin folder, I tried replacing the binary files (DLL and one other file) by corresponding OS versions I got from the SAP market place)
Questions
Well, how to get NWDS 7.5 to run on Win Server (and later, on a Mac)
Partial achievment would be to get ecpipse to spit out more infos on WHY/WHICH plugins didn't get loaded --- found no information (maybe I'm too dumb for that)
UPDATE 20.08.2018
Answering question 2: Eclipse Runtime Options => options eclipse.log.*
and found the logs in the configuration subfolder of installation folder.
=> error is definitely not being able to load the native part of the JCo Plugin
org.osgi.framework.BundleException: Could not resolve module: com.sap.jco3 [463]
Unresolved requirement: Require-Capability: osgi.native; native.paths:List<String>="sapjco3.dll"; filter:="(&(osgi.native.osname~=win32)(osgi.native.processor~=x86_64))"
Well,
the answer (at least in resp. to Win Server 2008 R2) is
run on a SAP jvm (Download) using -vm parameter in your eclipse.ini
very important: use the -clean option in your eclipse.ini after switching to SAP jvm, as this will rebuild the plugin list.
The answer to the partial (logging) question is already in an update in the original question, but nevertheless:
Eclipse Runtime Options => Use options eclipse.log.*
and find the logs in the configuration subfolder of installation folder.
I want to load MSEC.dll in windbg Version 6.12.0002.633 X86.
when I use the command !load MSEC.dll
it says:
The call to LoadLibrary(MSEC.dll) failed, Win32 error 0n127
"The specified procedure could not be found."
Please check your debugger configuration and/or network access.
I changed the version to 6.11 and I also installed visual studio 12 run time with version 12 but it doesn't work!
Is there any way to handle this issue?
When we extract Bang Exploitable (!Exploitable) it creates 2 Folders:
x64
x86
Open the folder as per your Project Bit Size. Now inside that folder, you will get 2 another folders:
Release
Debug
Copy the files from release folder to the folder that contains the executable of windbg.
Sometimes you may also need to change the version of windbg for making it compatible with bang exploitable.
Download
http://download.microsoft.com/download/A/6/A/A6AC035D-DA3F-4F0C-ADA4-37C8E5D34E3D/setup/WinSDKDebuggingTools/dbg_x86.msi
I had the same issue (winxp sp3, windbg 6.12..., !exploitable 1.6). Installing CRT 11 runtime did not work for me. So, the only solution I've found is to use the older version of !exploitable (1.0.6), you can download it here: https://msecdbg.codeplex.com/releases/view/28935
I spent all morning trying to figure this out.
Codeplex was retired in 2021 and this assembly appears to be abandoned by MS so it's difficult to find information.
The site I'm linking to below indicates that you need the Visual C++ 2012 redistributable installed on the target machine to remove this issue.
The same site also statically linked the required files in the source code and rebuilt with VS2017. I downloaded the altered DLL and am now able to load msec.dll with the full path to the assembly in the command.
https://blog.didierstevens.com/2018/07/17/exploitable-crash-analyzer-statically-linked-crt/
usually I deploy my Java apps as a bundle which contains the JVM, so there's no need to install a JVM on the system.
Btw: This is no jnlp applet, this is a normal Swing Application.
I did this using ant's fx:deploy. This already works for 64bit systems.
My problem is, that I want to deploy this application to a 32bit system and don't get it to work.
Here's what I did:
I've set up a clean Windows 7 (32bit) instance and installed a 32bit JVM. Now i ran my ant script to build a bundled Java app and it built a App.exe.
But when I tried to start this exe by double clicking, I get the following message box
If I click OK, I get another message box
After this the app is terminated.
I did not find anything searching the web relating to bundling for 32/64 bit systems.
So I would be very glad if someone can point me in the right direction.
Many thanks in advance!
Greetings, -chris-
Looks like a known bug fixed for an upcoming JavaFX version (currently known as 2.2.40):
RT-25715 The Windows launcher generated by the packager fails to load msvcr100.dll on 32-bit OS
RT-22610 .exe created by fx:deploy can't be executed due to missing msvcr100.dll
On the bug case, the user mentions a work-around:
If I give a try to the workaround documented in RT-22610, which is to copy runtime\jre\bin\msvcr100.dll side to my application's launcher binary, it fixes it.
I think the bug is fixed in JDK 8, so another possible work-around is to download a JDK 8 early access release and use the packaging tools from there to package a Java 7 application (though I have never tried that and am not sure if it would work).
Just a small modification to #jewelsea's Fix:
copying msvcr100.dll into the app/ folder instead putting it right next to the exe also works, and at least it is somewhat hidden away then.
If you're generating an MSI you can hack the WXS file used by WIX to automatically copy msvcr100.dll into the app folder. Making FX Deploy verbose will tell you where it's putting the temporary WXS file you can copy and modify and use to override the WXS like you would the program icon for example.
I just installed wdk 7600.16385.1(from here) ,
and find windbg is missing even though I've chosen to install all components.
Is it officially removed from wdk now?
If that's the case,why?
WinDbg is shipped as a part of the Windows SDK. Please, check this link: http://msdn.microsoft.com/en-us/windows/hardware/gg463016.aspx. Install latest Windows SDK, and WinDbg can be found in C:\Program Files\Microsoft SDKs\Windows\v7.1\Redist\Debugging Tools for Windows.
Mine was somehow installed in the directory C:\Program Files\Debugging Tools for Windows (x64)
It's contained in my (installed) copy of this exact WDK build (C:\WINDDK\7600.16385.1\Debuggers\windbg.exe). So no idea why it wouldn't be in yours.
Also, to my knowledge WinDbg was moved into the WDKs (and SDKs), with newer versions not being available through other channels, rather than out of them.