
Is there any way to debug a Windows kernel with secure boot on?

Is there any way/trick that I can debug a Windows kernel that has secure boot on? When I try to turn on debug mode while secure boot is on, Windows says that I need to turn it off.

The target machine is a win 10 x64.

EDIT: I am using VMware and this is a guest machine that I want to debug.

OneAndOnly asked Sep 20 '25 08:09


1 Answer

Here's an alternative to thtse's answer (which did not work for me). I'm going to assume you are on VMware. First, ensure you have secure boot ON; view this in System Information.

Shut down your system. Add a COM port to VMware and use these settings exactly: [screenshot of the COM port settings]

Boot your system. Open an administrator CMD.exe (not PowerShell), and execute the following:

bcdedit /dbgsettings serial debugport:2 baudrate:115200
bcdedit /set {bootmgr} displaybootmenu 1
bcdedit /bootems 1
bcdedit /ems 1

Reboot your system. Once the EMS boot menu shows up, start WinDbg on your host via an ADMIN CMD.exe:

windbg.exe -k com:pipe,port=\\.\pipe\com_port,resets=0,reconnect

Press F8 on the EMS boot menu option, and select 'Debugging Mode'. WinDbg should attach. This uses the information from https://twitter.com/jonasLyk/status/1424581181794889732 and "kernel debug with a vmware machine".

Stephen Eckels answered Sep 22 '25 10:09
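
To see afterwards which of the boot settings from the answer above are still enabled on a guest, this added example (not part of the original answer) parses `bcdedit /enum` text and lists the enabled elements. The sample output is constructed, English-locale output is assumed, and the function names are hypothetical.

```python
import re

# Constructed sample of `bcdedit /enum` output after the answer's commands;
# values are illustrative, not captured from a real machine.
SAMPLE = """\
Windows Boot Manager
--------------------
identifier              {bootmgr}
displaybootmenu         Yes
bootems                 Yes

Windows Boot Loader
-------------------
identifier              {current}
ems                     Yes
"""

# Elements the answer's commands turn on, plus the persistent debug flags
# (debug, bootdebug) that the answer does not set but an audit should also see.
WATCHED = ("displaybootmenu", "bootems", "ems", "debug", "bootdebug")


def parse_bcd(text):
    """Split bcdedit /enum output into {identifier: {element: value}}."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            m = re.match(r"^(\w+)\s{2,}(\S.*)$", line)  # "name   value" rows only
            if m:
                fields[m.group(1).lower()] = m.group(2).strip()
        if "identifier" in fields:
            entries[fields.pop("identifier")] = fields
    return entries


def audit(entries):
    """Return sorted (identifier, element) pairs whose value is enabled."""
    return sorted(
        (ident, key)
        for ident, fields in entries.items()
        for key in WATCHED
        if fields.get(key, "").lower() in ("yes", "on", "1")
    )


if __name__ == "__main__":
    for ident, key in audit(parse_bcd(SAMPLE)):
        print(f"{ident}: {key} is enabled")
```

On a real guest, feed it the text captured from `bcdedit /enum` in an administrator prompt instead of `SAMPLE`.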