Setting up a Windows machine for drivers and minifilters testing and debugging using KDNET

Also see Setting up a Windows machine for drivers and minifilters, testing and debugging using VirtualKD-Redux.

There is already a OCI image in ‣. It is based on Win10. It can be used as a virtual machine for testing driver. The account email is [email protected] and password is shared on Zoho Vault. See the entry Win10 OCI for testing minifilter and drivers in ‣. PIN is 1443.
This machine already has the following executed.

bcdedit /debug on
bcdedit -set testsigning on

Install your driver or minifilter

https://learn.microsoft.com/en-us/windows-hardware/drivers/ifs/development-and-testing-tools
Install the minifilter. ‣
Run verifier.exe and adds your filter to the list that are to be tested by verifier.

debugging

BCDEdit /dbgsettings - Windows drivers

More specifically, we want to debug over the network. https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/setting-up-a-network-debugging-connection
We will use the following tutorial

Setting Up KDNET Network Kernel Debugging Automatically - Windows drivers

PS C:\\Program Files\\SubconsciousShield> ipconfig

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::a417:7361:13b4:cac3%3
   IPv4 Address. . . . . . . . . . . : 10.0.2.15
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.2.2
PS C:\\Program Files\\SubconsciousShield>

Locate the kdnet.exe and VerifiedNICList.xml files and copy them over to virtual machine. I am sharing a folder between Host and the guest. I am going to drop these two files into the shared folder. I am in a msys2 shell. I located these files and copied the appropriate one to the shared folder.

[dilaw@Dilawar-SUBCOM shield (main)]$ find /c/Program\\ Files\\ \\(x86\\)/Windows\\ Kits/10/ -name "kdnet.exe"
/c/Program Files (x86)/Windows Kits/10/Debuggers/arm/kdnet.exe
/c/Program Files (x86)/Windows Kits/10/Debuggers/arm64/kdnet.exe
/c/Program Files (x86)/Windows Kits/10/Debuggers/x64/kdnet.exe
/c/Program Files (x86)/Windows Kits/10/Debuggers/x86/kdnet.exe
[dilaw@Dilawar-SUBCOM shield (main)]$ find /c/Program\\ Files\\ \\(x86\\)/Windows\\ Kits/10/ -name "VerifiedNICList.xml"
/c/Program Files (x86)/Windows Kits/10/Debuggers/arm/VerifiedNICList.xml
/c/Program Files (x86)/Windows Kits/10/Debuggers/arm64/VerifiedNICList.xml
/c/Program Files (x86)/Windows Kits/10/Debuggers/x64/VerifiedNICList.xml
/c/Program Files (x86)/Windows Kits/10/Debuggers/x86/VerifiedNICList.xml
[dilaw@Dilawar-SUBCOM shield (main)]$

Now I access the shared folder in the guest machine.

Untitled

Copy these two files into C:\\KDNET folder (create one if you don’t have it). Run the following command.

😎 One of the network interface supports network debugging.
Get the IP of the host machine. In my case it is 192.168.0.108. Run the following in the guest and generate the key. Copy the key.

PS C:\\KDNET> .\\kdnet.exe 192.168.0.108 50000

Enabling network debugging on Intel(R) PRO/1000 MT Desktop Adapter.

To debug this machine, run the following command on your debugger host machine.
windbg -k net:port=50000,key=2yz7e58xrty3w.1wh7w03muu3yo.oq5oyf4u0i0w.30k1j4srb8gdu

Then reboot this machine by running shutdown -r -t 0 from this command prompt.
PS C:\\KDNET>