Below are the steps to debug the kernel of a Windows XP
guest running through a VitualBox hypervisor.
 |
| Windbg configuration(File->Kernel Debug...) |
 |
| VirtualBox VM settings |
In order to get the guest kernel to listen for a debugger connecting to it, C:\boot.ini on the guest Windows XP VM has to be edited. The boot.ini file now looks like this:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /debugport=COM1 /baudrate=115200
In order to debug the guest, start windbg and select "File->Kernel Debug...", hit OK, and then start the VM in Virtual Box. The output in windbg shows that that there is a kernel attached.
I was looking for exactly the same..you made my day..thanks man
ReplyDeleteHello neil,
ReplyDeleteActually I have Ubuntu as my Host/Base OS. I want to debug Windows kernel (Running on a virtual box)remotely from another windows system installed in virtual box system both running on same host Ubuntu.Can you please tell me if its possible or not.If yes then can please tell how how can i achieve that.
Thanks in Advance
Debasish
Thanks for reading. I have not tried that setup with VirtualBox.
DeleteMy guess would be that in VirtualBox, you check "Create Pipe" as shown above in the settings of the target VM(the one whose kernel you want to debug) and you leave that box unchecked on the VM running WinDbg. Make sure the "Port/File Path" has the same value for both the VMs. Thats how you make both VMs communicate via the smae pipe.
I know how to remotely debug userland via TCP/IP too. Let me know if you need help with that.
Hello Neil,
DeleteThanks for your reply.Actually I followed this post http://stackoverflow.com/questions/12696825/debugging-windows-kernel-from-linux. And It worked for me.
Thanks