#1
06-19-2020, 04:07
danrevella
Debugging Windows 10 while booting

Hi there,
I have to debug the MBR of Win 10 64-bit to try to understand a utility that loads before Windows.
Sincerely, I don't even know where to start.
I have tried many examples for debugging with VirtualBox, but not for the boot process.
Could you help me, e.g. by linking some adequate tutorials?
I do like x64dbg, so an x64dbg+VirtualBox solution would be my dream....
Thanks

Dan

P.S. Mr. Moderator, may I reveal which program I am speaking about?

#2
06-19-2020, 09:03
chants
Practically speaking, setting up a BOCHS emulator and using the IDA Pro debugger is a pretty good way to go about this. Not sure, but likely x64dbg can do this as well. The only way to debug this early in the boot process is with some sort of emulation, unless your BIOS had some really special remote debugging features. Though in a VM it would seem possible, I've never seen a good way to go about this. Even remote kernel debugging is of course too late for studying the MBR.

#3
06-19-2020, 09:51
fqjp
https://www.codeproject.com/Articles/36907/How-to-develop-your-own-Boot-Loader#_Toc231383186

https://cyberview.wordpress.com/2010/09/16/debugging-bios-under-vmware-using-idas-gdb-debugger/

These articles should be useful.

#4
06-19-2020, 17:31
matt
Another choice: VisualKernel or VisualGDB with the VMware GDB stub or QEMU.

#5
06-21-2020, 02:55
danrevella
Many thanks to all for your effort. I have read everything, and even other threads, but for me it is an "impossible mission" ;-)
As a last resort I have also tried "windebug essential"+VirtualBox, but debugging kernel mode is different from debugging from BIOS POST......

#6
06-22-2020, 05:07
niculaita
Just concentrate on the utility.