Jan 23, 2008

WinDbg Settings

This is my WinDbg notes. WinDbg is a debugger which is used for Windows kernel mode program debugging.

Remote Debugging Settings On Guest OS:

1.Boot XP in debug mode:
Add this to c:\boot.ini

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional-DEBUG" /fastdetect /debug /debugport=COM1 /baudrate=115200

It would make your XP boot in Debug mode.
I am not sure if "/debug" is necessary or not.

2.Always boot in "Last Known Good Configuration":
Add this:
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional-Good" /lastknowngood


WinDbg Startup Settings: windbg -k com:port=com1,baud=115200

Symbol path settings: SRV*c:\Symbols*http://msdl.microsoft.com/download/symbols

Useful Commands:
Set a breakpoint on the entry of FunctionName
bp DriverName ! FunctionName
list all breakpoints
bl
disable the #3 breakpoint
bd 3

3.Boot Vista in debug mode:
In Vista, Microsoft introduce a very hard-to-use boot loader setting tool called "bcdedit". You can use "easybcd" instead, but here I will show how to do it without third party tool.

3.1 Change serial port setting:
bcdedit /dbgsettings serial baudrate:115200 debugport:1

3.2 Create new debug entry:
bcdedit /copy {current} /d DebugEntry

3.3 List all entry:
bcdedit /enum osloader

3.4 Set debug option on:bcdedit /debug {ID} on

ID is the DebugEntry ID found at step 3.

3.5 Set DebugEntry as default choice:bcdedit /default {ID}

3.6 Turn LastKnownGood option onbcdedit /set {ID} lastknowngood on

3.7 Set Timeout value to 5 secondsbcdedit /timeout 5

3.8 No signing checks ( driver without sign can be installed)bcdedit –set nointegritychecks ON

3.9 Set driver test mode ( accept test sign)bcdedit /set testsigning Yes

0 comments:

 
TEMPLATE HACKS AND TWEAKS BY [ METAMUSE ] BLACKCAT 1.1
/scripts/shBrushJScript.js'/>