How to make a memory dump in .net?

Question

How do you obtain a memory dump from a given memory address in the format:

  Address   |           Hexadecimal representation              | ASCII representation
---------------------------------------------------------------------------------------
0x637132687 | 00 00 00 00 00 00 00 00   45 21 65 78 32 F5 12 6C |  ....... ahsnfdas
0x637132703 | 00 00 00 00 00 00 00 00   45 21 65 78 32 F5 12 6C |  ....... ahsnfdas
0x637132719 | 00 00 00 00 00 00 00 00   45 21 65 78 32 F5 12 6C |  ....... ahsnfdas
0x637132735 | 00 00 00 00 00 00 00 00   45 21 65 78 32 F5 12 6C |  ....... ahsnfdas

Do you know any API/framework/tool for the work?

Answer 1

It can certainly be done using WinDbg. Honestly, I'm not a wizard using it but Tess Ferrandez from Microsoft is and has an excellent blog about using WinDbg to debug .NET applications.

It seems you just want to browse a normal memory dump, that should be pretty straightforward. If you want to examine anything further (with regards to .net) you should use the SOS extensions for WinDbg.

Answer 2

You'll need Marshal.CopyMemory() and this code. P/Invoking VirtualQueryEx() to ensure the memory addresses are valid would be a good idea to avoid exceptions.