Tag: kernel

Debugging

Connect two Windows virtual machines over a virtual serial port on a Linux host

Software: Linux (Debian 8.x) host, Windows 8 64-bit (debugger), Windows 10 64-bit (debuggee), WinDbg (Windows SDK). Setting up the debugger: install WinDbg from https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk. Symbols: add an environment variable _NT_SYMBOL_PATH with the value SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols. Shut down the VM, then Edit virtual machine settings -> Add… -> Serial Port -> Use socket (/tmp/com1) -> From: Client -> To: A Virtual …
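The debugger-side symbol and WinDbg setup described above, plus the matching boot-loader switch on the debuggee, as an added example that is not part of the original post. It assumes both VMs see the host's /tmp/com1 socket as COM1, that WinDbg was installed from the Windows 10 SDK into its default Debuggers\x64 folder, and that C:\Symbols is the symbol cache; run each part in an elevated PowerShell on the VM named in the comment.

```powershell
# Added example (not the original post's code). Assumptions: the shared
# socket appears as COM1 in both VMs, WinDbg is in the default SDK folder,
# and C:\Symbols is the local symbol cache. Run as Administrator.

# --- Debugger VM (Windows 8) ------------------------------------------------
# Symbol path: cache in C:\Symbols, fetch from the Microsoft symbol server.
# Note the '*' separators; they are the first thing lost when copy-pasting.
$symPath = 'SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols'
New-Item -ItemType Directory -Path 'C:\Symbols' -Force | Out-Null
[Environment]::SetEnvironmentVariable('_NT_SYMBOL_PATH', $symPath, 'Machine')
$env:_NT_SYMBOL_PATH = $symPath   # also for the current session

# Attach WinDbg in kernel mode to the serial port that the host maps to
# the socket; 115200 baud is the rate the debuggee side is told to use below.
$windbg = 'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg.exe'
& $windbg -k 'com:port=COM1,baud=115200' -y $symPath

# --- Debuggee VM (Windows 10) -----------------------------------------------
# Tell the boot loader to expose the kernel debugger on COM1 (debugport:1)
# at 115200 baud, enable debugging and reboot so the setting takes effect.
bcdedit /dbgsettings serial debugport:1 baudrate:115200
bcdedit /debug on
Restart-Computer
```

After the debuggee reboots it will stall early in boot until WinDbg on the other VM answers; if WinDbg only prints "Waiting to reconnect...", check that the debuggee's serial port is the client end of the same /tmp/com1 socket on the host.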

Antivirus, Debugging, Kernel

Debug user-mode processes using a kernel debugger

When a user-mode process deploys various userland anti-debugging tricks, you can use a kernel debugger to attach to the process and debug it more easily. > Create a Windows 8.1 VMware machine. > Follow this guide to enable kernel debugging through pipes. > Run WinDbg as administrator on your host machine. > Open File -> Kernel Debug… (Ctrl+K) > …

Kernel, Rootkits

Load – Unload drivers during development

The easiest way to load your driver into the kernel for testing during development is to create a system service that loads it for you. This method is, of course, not recommended for release builds, because the service registration leaves forensic traces. Windows API functions used in the service installer: > OpenSCManager establishes a connection to the …
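The same load, test, unload cycle driven from an elevated PowerShell prompt through sc.exe, which goes through the same Service Control Manager calls (OpenSCManager, CreateService, StartService, ControlService, DeleteService) that the post's installer uses. This is an added example, not the post's own installer code; the service name mydriver and the path C:\Drivers\mydriver.sys are placeholders.

```powershell
# Added example (not the post's service-installer code). Registers a test
# build as a kernel-driver service, starts it, and removes the service again
# so no entry is left behind. Assumptions: 'mydriver' and C:\Drivers\mydriver.sys
# are placeholders; run as Administrator. On x64 a test-signed driver also
# needs test signing enabled once (bcdedit /set testsigning on, then reboot).

$svcName = 'mydriver'
$sysPath = 'C:\Drivers\mydriver.sys'

# OpenSCManager + CreateService equivalent. type= kernel registers a
# SERVICE_KERNEL_DRIVER; start= demand keeps it out of the boot sequence so a
# crashing test build cannot brick the VM. The space after each '=' is
# required by sc.exe's argument syntax.
sc.exe create $svcName type= kernel start= demand binPath= $sysPath
if ($LASTEXITCODE -ne 0) { throw "sc create failed with exit code $LASTEXITCODE" }

# StartService equivalent: this is the point at which DriverEntry runs.
sc.exe start $svcName
if ($LASTEXITCODE -ne 0) { sc.exe delete $svcName | Out-Null; throw "sc start failed with exit code $LASTEXITCODE" }
sc.exe query $svcName

# ... exercise the driver here ...

# ControlService(SERVICE_CONTROL_STOP) equivalent: invokes the driver's
# unload routine. DeleteService then removes the key under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>, which is the trace the
# post warns about for release builds.
sc.exe stop $svcName
sc.exe delete $svcName
```

If sc.exe stop reports that the service cannot accept control requests, the driver has no unload routine registered in its DRIVER_OBJECT and can only be removed by a reboot; the delete still succeeds but takes effect at the next boot.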

Kernel, Rootkits

Bad file name for catalogfile from [Version] section

Inf2Cat, signability test failed. Bad file name for catalogfile from [Version] section in \mydriver.inf. These errors occur when you build a Windows 7, Windows 8 or Windows 8.1 driver in Visual Studio 2013 with WDK 8 and have not specified a catalog file name in the project's settings. > Go to the project properties page. > …

Fedora

Install development tools and kernel headers for Fedora

Development Tools installation: yum groupinstall 'Development Tools'. Kernel headers installation: yum install kernel-devel kernel-headers, or, to match the running kernel exactly, yum install kernel-devel-$(uname -r) kernel-headers-$(uname -r).