In user mode debugging, I usually break with the following command:
sxe ld Something.dll
I tried the same in kernel mode, but it is not working. Is there a different command?
To disable kernel debugging on the target computer, open a Command Prompt window as Administrator and enter the command bcdedit /debug off. Reboot the target computer.
If a user-mode debugger is attached, the program will break into the debugger. This means that the program will pause and the debugger will become active.
You will want to run:
!gflag +ksl
sxe ld Something.dll
g
You may also want to refer to [1], which discusses breaking into a process near boot time using the above approach.
[1] How do I debug a process that starts at boot time?
While doing kernel-mode debugging, using sxe
you will be able to break ONLY for kernel-mode binaries like *.sys files,
not for user-mode binaries like *.dll.
If you share what you are trying to achieve, maybe we can find some other way to achieve that!