I am debugging an application at the point where it uses a dialog box to get some information from the user and then does some processing of this information. By setting a breakpoint on USER32!CreateDialogParamW I found the address of my dialog procedure.
At first, I just wanted to break when the procedure receives the WM_COMMAND message, so I used the following command: bp 00cfa1c0 "j (dwo (esp + 8) == 0x111) ''; 'gc'"
This, unfortunately, is not enough, because the dialog procedure for some reason receives WM_COMMAND messages even when ALT-TABbing between WinDbg and the application. So now I want it to crash when it receives WM_COMMAND with notification code BN_CLICKED from the OK button in the dialog box. The control identifier in the dialog template is 1, and BN_CLICKED is defined as 0 in winuser.h. This means that the WPARAM argument of the dialog procedure must be 1 when you click OK.
I tried the following command: bp 00cfa1c0 "j (dwo (esp + 8) == 0x111 & dwo (esp + 12) == 0x1) ''; 'gc'". This is initially accepted, but when a breakpoint is evaluated, it complains: the numeric expression is missing from '& dwo (esp + 12) == 0x1)' '; 'Ds''
Surrounding the 2 expressions with () did not help. I looked at the help file, but to be honest, that bothers me even more. I am new to WinDbg, and English is not my native language. Can someone point me in the right direction?
Thanks in advance.
PS: This is a 32-bit application for which I do not have source code.
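The test the breakpoint has to express, modelled in portable C over a snapshot of the 32-bit stdcall stack at the first instruction of the dialog procedure (an added example, not part of the original post). The return address, handle values and the edit control id 0x3E9 are constructed, and EN_KILLFOCUS stands in for any WM_COMMAND that is not the OK click.

```c
#include <stdint.h>
#include <stdio.h>

/* Values from winuser.h. */
#define WM_COMMAND   0x0111u
#define WM_PAINT     0x000Fu
#define BN_CLICKED   0u
#define EN_KILLFOCUS 0x0200u
#define IDOK         1u

/* Byte offsets from ESP on entry to DlgProc(hwnd, msg, wParam, lParam),
 * before the prologue runs. Written in hex (0xC, not 12): WinDbg reads
 * unprefixed numbers as hex by default, so "12" there means 0x12. */
enum { OFF_RET = 0x0, OFF_HWND = 0x4, OFF_MSG = 0x8, OFF_WPARAM = 0xC, OFF_LPARAM = 0x10 };

/* Model of dwo(esp + off): read one DWORD from the stack snapshot. */
static uint32_t dwo(const uint32_t *esp, unsigned off) { return esp[off / 4]; }

/* For WM_COMMAND, wParam = (notification code << 16) | control id. */
static uint32_t make_wparam(uint32_t id, uint32_t code)
{
    return (code << 16) | (id & 0xFFFFu);
}

/* Returns 1 when the breakpoint should stop, 0 when it should continue. */
int should_break(const uint32_t *esp, uint32_t ctrl_id, uint32_t notify)
{
    if (dwo(esp, OFF_MSG) != WM_COMMAND)
        return 0;
    uint32_t wparam = dwo(esp, OFF_WPARAM);
    return (wparam & 0xFFFFu) == ctrl_id && (wparam >> 16) == notify;
}

int main(void)
{
    /* Constructed frames: { return address, hwnd, msg, wParam, lParam }. */
    uint32_t ok_click[5]  = { 0x77001234u, 0x000A0B0Cu, WM_COMMAND,
                              make_wparam(IDOK, BN_CLICKED), 0x000D0E0Fu };
    uint32_t edit_blur[5] = { 0x77001234u, 0x000A0B0Cu, WM_COMMAND,
                              make_wparam(0x3E9u, EN_KILLFOCUS), 0x000D0E10u };
    uint32_t paint[5]     = { 0x77001234u, 0x000A0B0Cu, WM_PAINT, 1u, 0u };

    printf("OK click:   %d\n", should_break(ok_click, IDOK, BN_CLICKED));
    printf("edit blur:  %d\n", should_break(edit_blur, IDOK, BN_CLICKED));
    printf("WM_PAINT:   %d\n", should_break(paint, IDOK, BN_CLICKED));
    return 0;
}
```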