#1
Use IDA in kernel mode?
Hello,
How can I use IDA in kernel mode?
#2
I remember debugging with WinDbg and configuring it for kernel mode, but I forgot how to do that exactly.
#3
IDA won't do kernel debugging, although Bochs that comes with it may (I don't know). Best is probably WinDbg. Make sure you keep a map/pdb of your driver and have a read here:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff553382%28v=vs.85%29.aspx
Git
The Following User Gave Reputation+1 to Git For This Useful Post: chessgod101 (09-21-2012)
The Following User Says Thank You to Git For This Useful Post: nimaarek (09-20-2017)
#4
AFAIK, IDA can debug kernel mode. Check the Hex-Rays blog; it seems I saw an article about kernel debugging there.
#5
You're right, it's an IDA plugin to link IDA with WinDbg. Nice one.
http://www.hexblog.com/?p=92
Git
#6
#7
VirtualKD works nicely. Is there a similar solution for VirtualBox?
#8
VKD works in VBox as well.
#9
I would personally listen to the other guys and use WinDbg with VKD or without (depending on your configuration). However, in case you choose to pursue this, you can find a tutorial here: http://www.hexblog.com/?p=123
#10
Request for IDA
Hi guys,
Sorry if I'm a little bit off the topic, but can anyone help me out with a copy of IDA? I've searched the forum, but each time I reach a dead end as far as the search is concerned. Cheers
#11
You can find it on the official website or on Google.
#12
Can you please provide me the link?
#13
www.google.com
#14
http://google.com/search?q=IDA+Pro+6.1+download
#15
With VMware, and start remote.exe.