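Debugging a driver across two machines with IDA 5.5

First, open the driver you want to debug in IDA.

Open the virtual machine in VMware and configure the guest system's settings for two-machine debugging.

Start the virtual machine and boot it into debug mode, then set up IDA:

1. Debugger->Switch Debugger: select Windbg Debugger and click OK (this option only appears after IDA has loaded the driver to be debugged);

2. Debugger->Debugger Options: in the dialog that opens, click Set specific Options. In the Configuration dialog, set the Debugging tools folder field to the Windbg.exe installation path, tick the Kernel mode debugging checkbox below it, then keep clicking OK until you are back at the main window;

3. Debugger->Process options: in the dialog that opens, set the Connection string field to Com:port=\\.\pipe\com_1,baud=115200,pipe and click OK;

4. Debugger->Attach to process: in the dialog that opens, select 0 <Kernel> and click OK;

Wait for IDA to finish searching for the symbol files.

Then press F2 to set a breakpoint wherever execution should stop.

Then press F9 to run, and after that load the driver inside the VMware guest.

IDA will break at the location where the breakpoint was set.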
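The connection string in step 3 only works if the VMware guest exposes a virtual serial port backed by the same named pipe. The checker below is an added example, not part of the original post: it compares the string against a .vmx file, assuming the standard VMware keys serialN.present, serialN.fileType and serialN.fileName; the function names and the sample .vmx fragment are constructed for illustration.

```python
import re

# Constructed sample .vmx fragment (not from the original post).
SAMPLE_VMX = r'''
serial0.present = "TRUE"
serial0.fileType = "pipe"
serial0.fileName = "\\.\pipe\com_1"
serial0.pipe.endPoint = "server"
'''
CONN = r"Com:port=\\.\pipe\com_1,baud=115200,pipe"  # string from step 3

def parse_connection_string(conn):
    """Split 'com:key=value,...,flag' into options and bare flags."""
    _, _, rest = conn.partition(":")
    opts = {"flags": set()}
    for field in rest.split(","):
        key, sep, value = field.partition("=")
        if sep:
            opts[key.strip().lower()] = value.strip()
        elif key.strip():
            opts["flags"].add(key.strip().lower())
    return opts

def parse_vmx(text):
    """Read key = "value" lines of a .vmx file; keys compared in lower case."""
    pairs = re.findall(r'^\s*([\w.:]+)\s*=\s*"(.*)"\s*$', text, re.MULTILINE)
    return {k.lower(): v for k, v in pairs}

def check(conn, vmx_text):
    """Return mismatches between the IDA string and the VM's serial ports."""
    opts, vmx = parse_connection_string(conn), parse_vmx(vmx_text)
    problems = []
    if "pipe" not in opts["flags"]:
        problems.append("missing 'pipe' flag for a named-pipe port")
    if not opts.get("baud", "").isdigit():
        problems.append("baud missing or not numeric")
    wanted = opts.get("port", "").lower()
    ports = [k[:-len(".filename")] for k, v in vmx.items()
             if re.fullmatch(r"serial\d+\.filename", k) and v.lower() == wanted]
    if not ports:
        problems.append(f"no virtual serial port uses pipe {opts.get('port')!r}")
    for p in ports:
        for key, want in ((".present", "true"), (".filetype", "pipe")):
            if vmx.get(p + key, "").lower() != want:
                problems.append(f"{p}{key} is not {want!r}")
    return problems

if __name__ == "__main__":
    print(check(CONN, SAMPLE_VMX) or "connection string matches the VM serial port")
```

An empty result means the pipe name in the IDA connection string matches a present, pipe-backed serial port in the VM configuration; the guest's own debug baud rate still has to agree with the baud value separately.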

Reference: http://hi.baidu.com/52hmily/blog/item/f119c7ca9584fe8dc917683a.html
