Awesome-Windows-Debug
Windows Kernel - Lab Env
Debug Windows Kernel on Mac OS X
Server
serial0.present = "TRUE"
serial0.fileType = "pipe"
serial0.fileName = "/private/tmp/com1"
serial0.tryNoRxLoss = "FALSE"
serial0.pipe.endPoint = "server"
[Windows XP SP3]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional Kernel Debugging" /noexecute=optin /fastdetect /debug /debugport=com1 /baudrate=115200
[Windows 7]
bcdedit /enum OSLOADER
bcdedit /enum ACTIVE
bcdedit /dbgsettings serial baudrate:115200 debugport:1
bcdedit /copy {current} /d "Windows Debug Entry"
bcdedit /displayorder {current} {995296e0-793b-11e7-9ce1-b6eb54ee5b23}
bcdedit /debug {995296e0-793b-11e7-9ce1-b6eb54ee5b23} ON
bcdedit -set TESTSIGNING on
bcdedit /dbgsettings
Client
[Windows 7 X64]
serial0.present = "TRUE"
serial0.fileType = "pipe"
serial0.fileName = "/private/tmp/com1"
serial0.tryNoRxLoss = "FALSE"
serial0.pipe.endPoint = "client"
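
A quick check that the two serial0 blocks above really describe the two ends of one pipe. This is an added example, not part of the original README. It assumes the serial0.* lines live in the two VMs' .vmx files; the function names, the file names debuggee.vmx and debugger.vmx, and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original README): verify that two .vmx files
# describe the two ends of one named-pipe serial link, as configured above.

# Print the value of KEY in a .vmx FILE with surrounding quotes stripped.
vmx_get() {
    awk -v key="$2" '
        { k = $0; sub(/[ \t]*=.*/, "", k); sub(/^[ \t]+/, "", k) }
        k == key {
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]*"|"[ \t\r]*$/, "", v)
            val = v
        }
        END { print val }' "$1"
}

# Return 0 when SERVER_VMX and CLIENT_VMX form a usable pair, else print why.
check_vmx_pair() {
    srv=$1; cli=$2; rc=0
    for f in "$srv" "$cli"; do
        [ "$(vmx_get "$f" serial0.present | tr a-z A-Z)" = "TRUE" ] ||
            { echo "$f: serial0.present is not TRUE"; rc=1; }
        [ "$(vmx_get "$f" serial0.fileType)" = "pipe" ] ||
            { echo "$f: serial0.fileType is not pipe"; rc=1; }
    done
    [ "$(vmx_get "$srv" serial0.pipe.endPoint)" = "server" ] ||
        { echo "$srv: serial0.pipe.endPoint must be server"; rc=1; }
    [ "$(vmx_get "$cli" serial0.pipe.endPoint)" = "client" ] ||
        { echo "$cli: serial0.pipe.endPoint must be client"; rc=1; }
    sp=$(vmx_get "$srv" serial0.fileName); cp=$(vmx_get "$cli" serial0.fileName)
    { [ -n "$sp" ] && [ "$sp" = "$cp" ]; } ||
        { echo "pipe path differs: '$sp' vs '$cp'"; rc=1; }
    return "$rc"
}

# Write a constructed sample .vmx: write_sample_vmx FILE server|client [PIPE]
write_sample_vmx() {
    cat > "$1" <<EOF
serial0.present = "TRUE"
serial0.fileType = "pipe"
serial0.fileName = "${3:-/private/tmp/com1}"
serial0.tryNoRxLoss = "FALSE"
serial0.pipe.endPoint = "$2"
EOF
}

# Demo on constructed files; point check_vmx_pair at real .vmx paths instead.
demo_dir=$(mktemp -d)
write_sample_vmx "$demo_dir/debuggee.vmx" server
write_sample_vmx "$demo_dir/debugger.vmx" client
check_vmx_pair "$demo_dir/debuggee.vmx" "$demo_dir/debugger.vmx" && echo "serial pair OK"
rm -rf "$demo_dir"
```
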
References
- https://samsclass.info/126/proj/p12-WinDbg
- https://www.dcl.hpi.uni-potsdam.de/research/WRK/2009/06/running-the-wrk-on-mac-os/
- https://blog.ephrain.net/windbg-%E5%9C%A8-mac-virtualbox%E4%B8%8A%E8%A8%AD%E5%AE%9A-windows-kernel-debugging-%E7%92%B0%E5%A2%83/