Home

Awesome

windows-kernel-debugging-guide

Setting up virtual machine

  1. Enable kernel debugging
bcdedit /debug on

  1. Set COM port
bcdedit /dbgsettings serial debugport:2 baudrate:115200
  1. Turn off Firewall

  2. Install WDK Test Target. Can be copied from the following path on the host machine

C:\Program Files (x86)\Windows Kits\10\Remote\x64\WDK Test Target Setup x64-x64_en-us.msi
  1. Set COM port for virtual machine

COM port for virtual machine

Setting up visual studio debugger

Config kernel debug device

COM port for virtual machine

COM port for virtual machine

COM port for virtual machine

Set new device as remote debugged machine

COM port for virtual machine

Start debugger session

  1. Attach to remote kernel

COM port for virtual machine

  1. Copy sys file of drivre to the virtual machine

  2. Place break points in driver code

  3. Start driver

sc create Zero type= kernel binPath= C:\Users\debuggee\Desktop\drivers\Zero.sys
  1. Use additional service control commands to manage driver
sc start Zero
sc stop Zero
sc delete Zero