andigandhi
PXE boot : windows failed to start same as #13
Hello, I have the same issue as #13
Dell Latitude 5450 Windows 11 Enterprise 10.0.26100 Build 26100 I checked my bootmgrfw.efi CA and I'm on 2011, so it should works.
I don't understand why I get this issue. I tried my setup on a HP laptop and it works, so my setup is correct. How can we debug it further ?
Hi! As far as I understand, you were able to modify and extract the BCD file. One thing that helped me debugging the Boot process was to replace the boot .efi file in the dnsmasq command of the start-server script to directly point to the shim:
sudo dnsmasq --no-daemon --interface=$interface --dhcp-range=10.13.37.100,10.13.37.101,255.255.255.0,1h --dhcp-boot=shimx64.efi --enable-tftp --tftp-root=$SCRIPTPATH/pxe-server
May you try out this option and share your results? This way we might be able to nail down the error source.
I tried, and I get an error: Operating System Loader has no signature. Incompatible with Secure Boot. All bootable device failed. It seems that the linux shim is no longer signed for this secure boot implementation ?
I assume that booting fails for the same reason as in #13 that the computer does not trust third party CAs. It would probably still be possible to exploit the bitpixie bug using a WindowsPE with a memory scanner, however I was not yet success in implementing this due to a lack of free time...
ok I see, I will try to implement the same as this one: https://github.com/martanne/bitpixie/tree/main
Oh wow, I did not notice that Martanne already implemented the WindowsPE method 😮
I tried it, I was able to boot winpe, take a dump of the entire memory, but the vmk script to carve the VMK is not working on Windows 24H2, need to carve manually the memory dump to be sure. I tested with booted version and logedin, and I can successfully find the VMK in memory. It means that something is wrong in the PXE boot with windows version, otherwise I don't see why VMK is not in memory after the 2nd boot.