'Is there anyway to debug a windows kernel with secure boot on?
Is there anyway that i can debug a windows kernel that has secure boot on? when i try to turn on debug mode when secure boot on windows says that i need to turn it off.
Is there ANY way/trick to debug while secure boot is on?
The target machine is a win 10 x64.
EDIT: I am using VMware and this is a guest machine that i want to debug.
Solution 1:[1]
Is there ANY way/trick to debug while secure boot is on?
Windows kernel debugging does not require secure boot to be disabled.
Having Secure Boot disabled is necessary only before attempting to enable Kernel Debug (bcdedit /debug on). After the operation to enable Kernel Debug is done, Secure boot can be re-enabled and it will not affect the just-enabled Kernel Debug setting.
Solution 2:[2]
Here's an alternative to thtse's answer (which did not work for me). I'm going to assume you are on vmware. First, ensure you have secure boot ON, view this in system information
Shutdown your system. Add a COM port to vmware, use these settings exactly:
Boot your system. Open an administrator CMD.exe (not powershell), and execute the following:
bcdedit /dbgsettings serial debugport:2 baudrate:115200
bcdedit /set {bootmgr} displaybootmenu 1
bcdedit /bootems 1
bcdedit /ems 1
Reboot your system. Once the EMS boot menu shows up, start windbg on your host via an ADMIN CMD.exe:
windbg.exe -k com:pipe,port=\\.\pipe\com_port,resets=0,reconnect
Press F8 on the EMS boot menu option, and select 'Debugging Mode'. Windbg should attach. This uses the information from
https://twitter.com/jonasLyk/status/1424581181794889732 and kernel debug with a vmware machine
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | Stephen Eckels |