.load pykd.pyd is wrong

[letitbezh]

0:001> .load pykd.pyd
The call to LoadLibrary(pykd.pyd) failed, Win32 error 0n126
"找不到指定的模块。"
Please check your debugger configuration and/or network access.

but i am in internet and set the symbol path

[corelanc0d3r]

if pykd.pyd fails to load, then please check the following items:

1. make sure pykd.pyd is stored in the winext folder
2. check the properties of pykd.pyd and make sure it is "unlocked" (by default, the file is considered "locked" because it was downloaded from the internet
3. launch windbg with admin permissions
4. try .load pykd.pyd again

thanks

[bparadisayuda]

0:009> .load pykd.pyd
The call to LoadLibrary(pykd.pyd) failed, Win32 error 0n126
"The specified module could not be found."
Please check your debugger configuration and/or network access.

Same issue. I tried all the things listed above.

windbg:10.0.14321.1024 X86

[corelanc0d3r]

I'm trying to help, but this is not really a windbglib or mona.py issue. pykd.pyd must be placed in the winext folder. On my machine (Windows 10, Windbg 10), the file is in

C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext

The file is about 1387008 bytes large
`C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext>dir pykd*
Volume in drive C has no label.
Volume Serial Number is 3468-B6FF

Directory of C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext

03/03/2014 10:58 1 387 008 pykd.pyd
1 File(s) 1 387 008 bytes
0 Dir(s) 37 641 756 672 bytes free`

When I right click on the file, and check the "properties", it does not indicate (anymore) that the file was locked because it was downloaded from the internet.

Next, I run windbg.exe from within C:\Program Files (x86)\Windows Kits\10\Debuggers\x86. Loading pykd works every time.

0:003> .chain Extension DLL search Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\WINXP;C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext;C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext\arcade;C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\pri;C:\Program Files (x86)\Windows Kits\10\Debuggers\x86;C:\Users\peter\AppData\Local\Dbg\EngineExtensions32;C:\Program Files (x86)\Windows Kits\10\Debuggers\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;c:\python27;C:\Users\peter\AppData\Local\Microsoft\WindowsApps Extension DLL chain: pykd.pyd: image 0, 2, 0, 29, API 1.0.0, built Mon Mar 3 07:57:59 2014 [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winext\pykd.pyd]

If you continue to have issues loading pykd.pyd, please feel free to also contact the pykd developers for advise.

[bparadisayuda]

Something had gone wonky with my Python. I cleaned everything out again and setup. Not sure what the issue was but it was probably a cross architecture problem.

Thanks for the help!

[corelanc0d3r]

cool, thanks for confirming

[trylab]

One probable reason is that you're running Python 64-bit version. Make sure the versions of Windbg, pykd.pyd, and Python are all the same.

[KulaGGin]

One probable reason is that you're running Python 64-bit version. Make sure the versions of Windbg, pykd.pyd, and Python are all the same.

Yes! Fuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Took like 3 hours to fix that. Parsing google, reading not working suggestions on how to fix it: "install 32-bit Python and it'll work", but it doesn't! Just installing 32-bit Python isn't enough.

After 3 hours, I ended up on the official pykd repo: https://githomelab.ru/pykd/pykd , where they suggest to use bootstrapper: pykd.dll - the additional bootstrapper on top of the pykd.pyd, which chooses appropriate python version to load the pykd.pyd.

So instead of .load pykd.pyd, you do .load pykd, which loads the pykd.dll instead of pykd.pyd, and the pykd.dll bootsrapper then chooses Python appropriate Python version for you(and allows you to set some specific version of Python like 3.7.7 if you want that specific version, and not some other), and then loads that pykd.pyd using that specific Python interpreter.

If I'm not mistaken, as I understand, the error The call to loadlibrary(pykd.pyd) failed, win32 error 0n193 %1 is not a valid win32 application. happens is because when you run WinDbg-X86, it uses 64-bit Python(for god knows what reason, why?????), and 64-bit Python using 64-bit version of LoadLibrary for 64-bit libraries, and the 32-bit library is not a valid win32(64-bit) application. This is criiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiinge.

Basically, everyone on the Internet got the installation process for pykd wrong(they tell you to run .load pykd.pyd), follow the installation process on the official pykd git repository, and it will work on both: 32-bit WinDbg and 64-bit WinDbg.

I used Python 3.7 32 bit, and mona didn't work with that.
I installed last version of pykd.pyd, and mona didn't work with that.

The only way mona finally worked is when I installed Python 2.7 32-bit, specific pykd.pyd version mentioned on this repo, and not the last version, and then manually selected Python 2.7 interpreter for pykd.pyd using command !select -2.7 after loading pykd with !load pykd(remember, not !load pykd.pyd!).

Took like ~4.5 hours total to finally make mona work:

Had to work through 8 errors total or something.

[mrever]

@KulaGGin -- I'm having a similar issue. Are you saying that the 32-bit pykd.dll works with python 2.7 but not 3.x?

[KulaGGin]

@mrever

@KulaGGin -- I'm having a similar issue. Are you saying that the 32-bit pykd.dll works with python 2.7 but not 3.x?

iirc, pykd works with versions they claim on their repo: 2.7, 3.5-3.9.

But I additionally needed mona, and mona only works on 2.7.

Just go to official repo: https://githomelab.ru/pykd/pykd

Install pykd.
Then go to bootstrapper's official repo: https://githomelab.ru/pykd/pykd-ext

Install and run bootstrapper, and choose respective installed Python on your machine depending on what IDA and WinDBG you're using, and depending on either you're additionally using mona with it.

So, for me, I had to choose Python 2.7 32 bit, because that's the only version that will work for the 32-bit chain of IDA7, WinDBG, Pykd and mona.

If you don't need mona, I think Python 3.5-3.9 32-bit should work for the 32-bit chain of IDA7, WinDBG and Pykd.

[mrever]

Thanks @KulaGGin . I'm still having problems though. Using 32-bit everything: 32-bit windbg, 32-bit python (3.9), 32-bit pykd, 32-bit pykd bootstrapper, debugging at 32-bit application... I've even tried building pykd and the bootstrapper from source just in case, as well as checking everything in my registry in case something points to my 64-bit python. Still getting "failed to load module". It works fine for 64-bit.

I'm trying out Windbg Preview right now. It has javascript scripting available. I would certainly prefer python scripting, but it might do for my purposes.

[tristan-white]

For anyone else finding this thread and still having problems: make sure you have python 2.7.16. That was my issue. I had Python 2.7.0 which did not work, but when I switched to version 2.7.16 it I was then able to do .load pykd.pyd

[lionheartys]

For anyone else finding this thread and still having problems: make sure you have python 2.7.16. That was my issue. I had Python 2.7.0 which did not work, but when I switched to version 2.7.16 it I was then able to do .load pykd.pyd

Awesome, thanks so much for the helpful info!