Windbg – Getting environment information from the target machine

This is a brief explanation about how to get information from the target machine with some examples.

Let’s suppose you already have opened the memory dump in your windbg. Let’s also suppose that you already setup the symbols path properly.
Ok, then.

If you want to find out the name of the target’s machine execute:
!envvar COMPUTERNAME

In case you want to know the user logged in the machine :
!envvar USERNAME

Now, you want to know the architecture of the current process:
!envvar PROCESSOR_ARCHITECTURE

and more…

Here you have for example a list of Standard Environment Variables you can experiment on:

http://ss64.com/nt/syntax-variables.html

==============================================

Enjoy debugging!