Through IDA+VMWare for debugging any kernel function
Introduction : A most of time we used Windbg+ VMW are for kernel debugging. But there is a problem that we can not use it for debug ging a Interrupt Service Routine (ISR) . In such case system will be hang and occur a infinite loop within a interruption. Such as INT 3 breakpoint interruption. This is because the interrupt cannot be handled normally, the breakpoint exception is never been dispatched normally. Because of this reason, we actually can able to use a VMWare ’ debugging interfaces for debugging ISR. VMWare exported a interfaces with GDB, we can enable it through this configuration in .vmx file For 64-Bit system should debugStub.listen.guest64 = "TRUE" For x64 system we can connect to localhost: 8864 , the port of 32 bit system is 8 832 Select process ID is 0 Although we are attached into kernel, but we may not able to view the code since the memory region is not created, we can use IDA function - debugger-&g