WinDbg - Configure Kernel Debugging

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the cables and configuration steps required to set up kernel mode debugging. We use these BCDEdit commands: bcdedit bcdedit /dbgsettings bcdedit /dbgsettings 1394 channel:42 bcdedit /dbgsettings net hostip:192.168.0.10 port:50000 key:a.b.c.d bcdedit /debug on bcdedit /debug off In the debug session, we use these commands: .crash .dump /f lm !lmi .reload /f !drvobj !drvobj <module> 2 bl bc * be <N> bd <N> bp <function> bm <wildcard> x <wildcard> g Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.