Exetools  

  #1  
Old 06-19-2020, 04:07
danrevella
Debugging Windows 10 during boot

Hi there
I have to debug the MBR of Win 10 64-bit to try to understand a utility that loads before Windows.
Sincerely, I don't even know where to start.
I have tried many examples for debugging with VirtualBox, but not for the boot process.
Could you help me, e.g. by linking some adequate tutorials?
I do like x64dbg, so an x64dbg+VirtualBox solution would be my dream....
Thanks

Dan

P.S. Mr. Moderator, may I reveal which program I am speaking about?
  #2  
Old 06-19-2020, 09:03
chants
Practically speaking, setting up a BOCHS emulator and using IDA Pro debugger is a pretty good way to go about this. Not sure, but likely x64dbg can do this as well. The only way to debug this early in the boot process is with some sort of emulation, unless your BIOS had some really special remote debugging features. Though in a VM it would seem possible, I've never seen a good way to go about this. Even remote kernel debugging is of course too late for studying the MBR.
  #3  
Old 06-19-2020, 09:51
fqjp
https://www.codeproject.com/Articles/36907/How-to-develop-your-own-Boot-Loader#_Toc231383186

https://cyberview.wordpress.com/2010/09/16/debugging-bios-under-vmware-using-idas-gdb-debugger/

These articles should be useful.
  #4  
Old 06-19-2020, 17:31
matt
Another choice: VisualKernel or VisualGDB with VMware GDB Stub or QEMU
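The emulator-with-GDB-stub route suggested in the replies above, sketched for QEMU as an added example that is not part of any poster's message. Assumptions: `qemu-system-i386` and `gdb` are installed, `disk.img` is a raw copy of the disk under study and `mbr.gdb` is a scratch file (both names hypothetical), and only the 16-bit real-mode MBR stage is of interest.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes qemu-system-i386 and gdb are
# installed; disk.img and mbr.gdb are hypothetical file names.
IMG="${IMG:-disk.img}"

# Succeeds if sector 0 of image $1 ends with the 0x55 0xAA boot signature,
# i.e. a legacy BIOS will load and run it as an MBR.
has_boot_signature() {
    sig=$(dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$sig" = "55aa" ]
}

# GDB commands: 16-bit real-mode disassembly, attach to QEMU's stub, and stop
# at 0x7c00, the address where the BIOS places the MBR before jumping to it.
gdb_script() {
    cat <<'EOF'
set architecture i8086
target remote localhost:1234
break *0x7c00
continue
x/16i $pc
EOF
}

# Boot the image with the CPU frozen at reset (-S) and a GDB stub on
# tcp::1234 (-s); snapshot=on keeps the session from writing to the image.
debug_mbr() {
    has_boot_signature "$1" || { echo "$1: no 55AA boot signature" >&2; return 1; }
    qemu-system-i386 -S -s -m 512 -drive "file=$1,format=raw,snapshot=on" &
    qemu_pid=$!
    gdb_script > mbr.gdb
    gdb -q -x mbr.gdb
    kill "$qemu_pid" 2>/dev/null || true
}

# Only launch when asked to: sh debug-mbr.sh run
if [ "${1:-}" = "run" ]; then
    debug_mbr "$IMG"
fi
```

Once GDB stops at 0x7c00, `stepi` and `x/16i $pc` walk the loader one instruction at a time.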
  #5  
Old 06-21-2020, 02:55
danrevella
Many thanks to all for your effort. I have read everything, and even other threads, but for me it is an "impossible mission" ;-)
As a last resort I have also tried "windebug essential"+VirtualBox, but debugging kernel mode is different from debugging from BIOS POST......
  #6  
Old 06-22-2020, 05:07
niculaita
Just concentrate on the utility.
__________________
Decode and Conquer
All times are GMT +8.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2020 )