-
-
[讨论]设置内核调试环境
-
发表于:
2020-1-17 17:37
2480
-
bcdedit.exe 用于间接修改启动配置文件
1:启动一个管理权限的命令行窗口。
2:执行命名将当前的启动入口复制一份。引号中的字符串为新启动入口的名称。执行成功会返回新启动入口的GUID,用来唯一标识这个启动入口。新启动入口的GUID {xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
bcdedit /copy {current} /d "kernel Debug"
3:执行命令对启动入口启用内核调试。
bcdedit /debug {xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} on
4:设置目标机与主机之间的通信参数,根据实际情况开选择。如果使用1号串行口,波特率为115200。需要使用其他参数或者通信类型,WinDbg的帮助文件或者《软件调试》第18章。
bcdedit /set {xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} debugtype serial
bcdedit /set {xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} debugport 1
bcdedit /set {xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} baudrate 115200
5:命令行执行bcdedit列出刚刚创建的启动项和参数,确认以上设置都已经被记录下来。
Windows 启动管理器
--------------------
标识符 {bootmgr}
device partition=C:
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale zh-CN
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {4ef5cc3d-789c-11e9-a952-2cfda1be5fc6}
displayorder {current}
{860d4d92-789c-11e9-a0e2-2cfda1be5fc6}
toolsdisplayorder {memdiag}
timeout 0
Windows 启动加载器
-------------------
标识符 {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10 Enterprise LTSC 2019
locale zh-CN
inherit {bootloadersettings}
recoverysequence {860d4d90-789c-11e9-a0e2-2cfda1be5fc6}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
flightsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {4ef5cc3d-789c-11e9-a952-2cfda1be5fc6}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Off
Windows 启动加载器
-------------------
标识符 {860d4d92-789c-11e9-a0e2-2cfda1be5fc6}
device partition=C:
path \Windows\system32\winload.efi
description kernel Debug
locale zh-CN
inherit {bootloadersettings}
recoverysequence {860d4d90-789c-11e9-a0e2-2cfda1be5fc6}
debugtype Serial
debugport 1
baudrate 115200
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
flightsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {4ef5cc3d-789c-11e9-a952-2cfda1be5fc6}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Off
debug Yes
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
