Tag: debugging

Debugging

Connect two Windows virtual machines over a virtual serial port on a Linux host

Software: Linux Debian 8.x; Windows 8 64-bit (Debugger); Windows 10 64-bit (Debuggee); WinDbg (Windows SDK).
Setting up the Debugger. WinDbg installation: https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk
Symbols: add an environment variable named _NT_SYMBOL_PATH with the value SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols
Shutdown VM. Edit virtual machine settings -> Add… -> Serial Port -> -> Use socket (/tmp/com1) -> From: Client -> To: A Virtual …

Penetration Testing

Debugging Telegram

Debug Mode: to enable debug mode, type debugmode in the settings page of Telegram Desktop and confirm it.
Log files:
* /home/username/.TelegramDesktop/log.txt
* /home/user/.TelegramDesktop/DebugLogs/tcp_xx_xx.txt
* /home/user/.TelegramDesktop/DebugLogs/mtp_xx_xx.txt
* /home/user/.TelegramDesktop/DebugLogs/log_xx_xx.txt
To disable debug mode, type debugmode again.
Burp Proxy Intercept:
* Open Telegram settings -> Advanced settings -> Connection type -> HTTP with custom http-proxy. …

Debugging, Disassembler, Disassembling, Reverse Engineering

Radare – a portable reversing framework

Radare is a portable reversing framework that can…
Disassemble (and assemble for) many different architectures.
Debug with local native and remote debuggers (gdb, rap, webui, r2pipe, winedbg, windbg).
Run on Linux, *BSD, Windows, OSX, Android, iOS, Solaris and Haiku.
Perform forensics on filesystems and data carving.
Be scripted in Python, Javascript, Go and more.
Support …

Kernel, Rootkits

Bad file name for catalogfile from [Version] section

Inf2Cat, signability test failed. Bad file name for catalogfile from [Version] section in \mydriver.inf
The above error occurs when you try to build a Windows 7, Windows 8 or Windows 8.1 driver in Visual Studio 2013 with WDK 8 and you have not specified a Catalog filename in the project's settings. > Go to the project properties page. > …

Debugging, Kernel, Rootkits

Faster Windows Kernel debugging with Virtual Machines

VirtualKD is a tool that improves your kernel debugging performance with VMWare and VirtualBox. It seamlessly integrates with WinDbg and dramatically reduces debugging latency. Compatible with Windows 10 and VirtualBox 5.x.
Features:
Significantly improves kernel debugging performance with VMWare and VirtualBox.
Supports Windows XP to Windows 10, 32-bit and 64-bit.
Fixes truncated Driver Verifier load …

Debugging, Disassembling, Reverse Engineering

Reversing with DumpBin

The Microsoft COFF Binary File Dumper (DUMPBIN) displays information about Common Object File Format (COFF) binary files. You can use DUMPBIN to examine COFF object files, standard libraries of COFF objects, executable files, and dynamic-link libraries (DLLs). For more…
DumpBin syntax: DUMPBIN [options] files…
Display Section Headers: dumpbin.exe /HEADERS x:\path\to\object\file
Disassembling …

Debugging, Disassembling, Reverse Engineering

Reversing with OBJDUMP

objdump displays plenty of information from object files. It is available on most Linux and Unix systems, and on Windows through Cygwin.
Display Section Headers: objdump -h /path/to/my/object/file
Disassemble Executable Sections: objdump -dl /path/to/my/object/file
Full Disassembly: objdump -Dslx /path/to/my/object/file
Display Debugging Info: objdump -g /path/to/my/object/file …

Proxy, Sniffing, WEB

Fiddler – web debugging proxy

I recently discovered this tool and I'd like to share it with you. Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler is freeware and can debug traffic from virtually any …