B.3 Windows Kernel Debugging

In order to analyze the vulnerability described in Chapter 6, I needed a way to debug the Windows kernel. I set up a debugging environment with VMware[92] and WinDbg[93] by following these steps:

Note

Throughout this section, I used the following software versions: VMware Workstation 6.5.2 and WinDbg 6.10.3.233.

  • Step 1: Configure the VMware guest system for remote kernel debugging.

  • Step 2: Adjust the boot.ini of the guest system.

  • Step 3: Configure WinDbg on the VMware host for Windows kernel debugging.

Step 1: Configure the VMware Guest System for Remote Kernel Debugging

After I installed a Windows XP SP3 VMware guest system, I powered it off and chose Edit Virtual Machine Settings from the Commands section of VMware. I then ...

Get A Bug Hunter's Diary now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.