Skip to content

Latest commit

 

History

History

fast

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
guest
guest
 
 
README.md
README.md
 
 
Vagrantfile
Vagrantfile
 
 
open-rdp.bat
open-rdp.bat
 
 
start-debugger.bat
start-debugger.bat
 
 
start-vm.bat
start-vm.bat
 
 

README.md

kdbg-driver-vagrant

Based off of this article.

Setup

  1. Install the VMware Vagrant Utility. Reboot your machine afterwards.
  2. Set up a Windows 10 VM as you normally would (ideally licensing the VM as well). Keep the hardware requirements (CPU, RAM and disk space) to a minimum.
  3. In the VM:
    1. Install the VMware guest tools
    2. Disable Shutdown Tracker
    3. Disable complex passwords
    4. Set network adapter to "Private"
    5. Enable RDP
    6. Disable integrity checks and enable test signing 
      bcdedit /set testsigning on
bcdedit /set nointegritychecks on
    7. Completely disable UAC 
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System > EnabledLUA = 0
    8. Enable WinRM 
      winrm quickconfig -q
winrm set winrm/config/winrs @{MaxMemoryPerShellMB="512"}
winrm set winrm/config @{MaxTimeoutms="1800000"}
winrm set winrm/config/service @{AllowUnencrypted="true"}
winrm set winrm/config/service/auth @{Basic="true"}
sc config WinRM start= auto
    9. Enable kernel debugging. Make sure to replace the host IP with the IP of your host (must be reachable from within the VM) 
      bcdedit /debug on
bcdedit /dbgsettings net hostip:192.168.229.1 port:53390 key:1.1.1.1
    10. Install all pending updates (optional)
    11. To redirect debug messages to WinDbg (optional) 
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter > DEFAULT = 0xFFFFFFFF
      Create the key Debug Print Filter if it doesn't exist
  4. Shutdown the VM
  5. Open the "Virtual Network Editor" and hit "Change Settings". Select NAT in the list and then "NAT Settings". Set UDP timeout to 32767 or WinDbg may get disconnected (this setting persists across all VMs)
  6. Go to the folder containing the .vmx file
  7. Create a file called metadata.json 
    {
  "provider": "vmware_desktop"
}
  8. Execute tar cvzf Win10ProKdbgDriverBase.box ./*. This is the equivalent of running vagrant package for VBox.
  9. Execute vagrant box add layle/win10pro-kdbg-driver .\Win10ProKdbgDriverBase.box

You are now all set to spin up boxes. To get started use start-vm.bat and as soon as you want to attach a debugger execute start-debugger.bat. Note that the VM will automatically shutdown as soon as you close WinDbg.
In this example the driver is always called layle.sys. Make sure that file exists in this projects root folder (where Vagrantfile is located). Vagrant automatically mounts the Vagrant project folder to C:\vagrant which is required to copy the driver to C:\Windows\System32\drivers.