icebox
icebox copied to clipboard
thalium
error while downloading symbols
After downloading ntkrnlmp.pdb the program stucked while running symbols.py @ line 200 and no error was reported.
try this one
python3 $icebox_dir/src/icebox/icebox_py/symbols.py check win10
and report back its output
errorlog.txt It seems there isn't any errors. all the errors following is just because the download command failed to download all the pdb symbols. It just downloaded the first symbol file(ntkrnlmpa.pdb) in 5 second and then get stuck.
It looks like it's just missing ntdll symbols which you can download with the following command
python $icebox_dir\src\icebox\icebox_py\symbols.py pdb B54F3499813EBCF139AEFDD664E98FDD1 ntdll.dll
I've tried it and got 404 which mean the pdb symbols have not been made available by Microsoft. May I ask which windows version are you trying to analyze ?
It's Windows 10 1903 inner version 10.0.18362.30. So the problem is just because this version of pdb file cannot be correctly downloaded? lol
I reinstalled my guest windows and tried again, but sadly it still doesn't work.
The command line was wrong, try this:
python $icebox_dir\src\icebox\icebox_py\symbols.py pdb B54F3499813EBCF139AEFDD664E98FDD1 ntdll.pdb
Which work correctly for me
Yes, I manully downloaded all pdb file from windows and now it just report few pdb errors.