Is there anyway to debug a windows kernel with secure boot on?
Is there any way/trick that i can debug a windows kernel that has secure boot on? when i try to turn on debug mode when secure boot on windows says that i need to turn it off.
The target machine is a win 10 x64.
EDIT: I am using VMware and this is a guest machine that i want to debug.
Here's an alternative to thtse's answer (which did not work for me). I'm going to assume you are on vmware. First, ensure you have secure boot ON, view this in system information
Shutdown your system. Add a COM port to vmware, use these settings exactly:
Boot your system. Open an administrator CMD.exe (not powershell), and execute the following:
bcdedit /dbgsettings serial debugport:2 baudrate:115200
bcdedit /set {bootmgr} displaybootmenu 1
bcdedit /bootems 1
bcdedit /ems 1
Reboot your system. Once the EMS boot menu shows up, start windbg on your host via an ADMIN CMD.exe:
windbg.exe -k com:pipe,port=\\.\pipe\com_port,resets=0,reconnect
Press F8 on the EMS boot menu option, and select 'Debugging Mode'. Windbg should attach. This uses the information from
https://twitter.com/jonasLyk/status/1424581181794889732 and kernel debug with a vmware machine
- How to Enumerate Threads using CreateToolhelp32Snapshot and Python ctypes?
- Problem when adding dependencies to pyinstaller using poetry to manage dependencies
- Is there any way to run a Flutter app through background on macOS or Windows desktop?
- How do I allocate space to call GetInterfaceInfo using the windows crate?
- Are there issues with DTN_DATETIMECHANGE breakpoints and the date time picker control?
- Rust Windows Crate CreateWindowExW
- Docker compose V2: unknown shorthand flag 'f' (windows)
- Unicode (utf-8) with git-bash
- Cannot locate tkinter icon file when using pyinstaller with poetry on Windows10
- Why my ActiveMQ doesn't start
- How do I determine a mapped drive's actual path?
- How to find version of an application installed using c#
- How to detect Windows 8 Operating system using C# 4.0?
- "Run with PowerShell" gives execution policy error but running directly in PowerShell window does not
- Which comment style should I use in batch files?
- What is the closest thing Windows has to fork()?
- NPM: npm-cli.js not found when running npm
- Can PyTorch GPU Use Shared GPU Memory (from RAM, shows in Windows Task Manage)?
- Pipe dot graphviz with echo windows from command line gives corrupted output
- How to modify ~/.ssh folder & files in windows?
- How to save python script output in GitHub Actions running on windows-latest?
- Why is my VS Code always opened with the default profile?
- Where is MySQL's my.ini located on Windows?
- nmake: using environment variables and falling back to default values
- Build shared library with static library
- many missing .lib files in the installed OpenCV3.2.0 for Windows 10 64bit
- Why does a module from the WinApi crate not exist when its in the docs?
- "continue" equivalent command in nested loop in Windows Batch
- How to Intentionally cause Windows Heap Corruption?
- Flutter sqflite database location on desktop