If you want to debug the Windows kernel running on a generation 2 VM in Hyper-V, attaching WinDbg is a pain in the ass. This quick guide shows how to set up remote kernel debugging for that scenario without any hassle.
Stage 1: Configuring Hyper-V machine for remote connection through Serial COM
To debug the kernel, the first step is to disable Secure Boot. If you're running a generation 2 virtual machine, it's likely that it's turned on. To disable Secure Boot, open the virtual machine's settings and uncheck `Security -> Enable Secure Boot`. Remember to turn off the virtual machine before attempting to disable Secure Boot.
![](http://nixhacker.com/content/images/2024/04/imageedit_2_4140693707.gif)
This can also be done using PowerShell:
```powershell
Set-VMFirmware -VMName VmName -EnableSecureBoot Off
```
The next step is to create a virtual serial COM port for the virtual machine (which is not present by default for Gen 2 machines).
If you look at the VM settings, you will note that there is no option for COM port setup in the Network Adapter option.
![](http://nixhacker.com/content/images/2024/04/Gen-1-VM-Setting.png)
You have to manually set the COM port for a Gen 2 VM using PowerShell. Before that, first verify whether any virtual COM port is actually present for the VM:
```
PS C:\Windows\system32> Get-VMComPort -VMName "my win 11"

VMName    Name  Path
------    ----  ----
my win 11 COM 1
my win 11 COM 2
```
You can configure the COM port using the following PowerShell command:
```powershell
Set-VMComPort -VMName "my win 11" -Path \\.\pipe\testcom -Number 2
```
Here `-Number 2` selects COM 2, and `-Path` contains the named pipe that this virtual COM port will use on the host machine. Once done, you can re-verify the setting using the `Get-VMComPort` command above.
You can now turn on the Windows guest and verify that the COM ports are present in Device Manager:
![](http://nixhacker.com/content/images/2024/04/imageedit_1_6582270641.gif)
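The host-side steps of Stage 1 can be combined into one repeatable script. The following is an added example, not code from the original post; the function names `Enable-VMSerialDebug` and `Restore-VMSecureBoot` are hypothetical, the defaults are the sample VM name, pipe and COM number used above, and it assumes an elevated PowerShell session on the Hyper-V host.

```powershell
#Requires -RunAsAdministrator
#Requires -Modules Hyper-V

# Added example: hypothetical helper that performs Stage 1 on the host.
function Enable-VMSerialDebug {
    param(
        [Parameter(Mandatory)][string]$VMName,
        [ValidateSet(1, 2)][int]$Number = 2,          # COM port to use
        [string]$PipePath = '\\.\pipe\testcom'        # named pipe on the host
    )
    $vm = Get-VM -Name $VMName -ErrorAction Stop
    if ($vm.Generation -ne 2) { throw "'$VMName' is not a generation 2 VM." }

    # The VM must be turned off before Secure Boot can be disabled.
    if ($vm.State -ne 'Off') { Stop-VM -VM $vm }

    # Only touch the firmware setting if Secure Boot is actually on.
    if ((Get-VMFirmware -VM $vm).SecureBoot -eq 'On') {
        Set-VMFirmware -VM $vm -EnableSecureBoot Off
    }

    # Bind the virtual COM port to the named pipe, then read it back.
    Set-VMComPort -VMName $VMName -Number $Number -Path $PipePath
    $port = Get-VMComPort -VMName $VMName -Number $Number
    if ($port.Path -ne $PipePath) {
        throw "COM $Number is not bound to $PipePath (found '$($port.Path)')."
    }

    Start-VM -VM $vm
    $port   # returned so the caller can see VMName / Name / Path
}

# Hypothetical helper: turn Secure Boot back on once debugging is finished.
# Kernel debugging inside the guest is a separate setting (bcdedit /debug off).
function Restore-VMSecureBoot {
    param([Parameter(Mandatory)][string]$VMName)
    $vm = Get-VM -Name $VMName -ErrorAction Stop
    if ($vm.State -ne 'Off') { Stop-VM -VM $vm }
    Set-VMFirmware -VM $vm -EnableSecureBoot On
    (Get-VMFirmware -VM $vm).SecureBoot
}

# Usage with the sample values from this guide:
#   Enable-VMSerialDebug -VMName 'my win 11' -Number 2 -PipePath '\\.\pipe\testcom'
#   Restore-VMSecureBoot -VMName 'my win 11'
```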
Stage 2: Configuring the Virtual machine guest.
The first step with the Windows virtual machine is to enable debugging. This can be done in one of two ways: graphically with `msconfig` or on the command line with `bcdedit.exe`.
Graphical way:
Open Run, type `msconfig` and press Enter. Now go to `Boot -> Advanced options` and check the `Debug` box. Then set the Debug port to COM1/COM2 and the Baud rate to `115200`.
![](http://nixhacker.com/content/images/2024/04/Screenshot-2024-04-27-003428.png)
Command line through bcdedit:
```
bcdedit /debug on
bcdedit /dbgsettings serial debugport:2 baudrate:115200
```
Here `debugport:2` represents the COM 2 serial port.
Stage 3: Attaching windbg to remote VM for kernel debugging
Start WinDbg as administrator. Go to `File -> Start Debugging -> Attach to kernel`.
Here, select the COM tab, put the named pipe created earlier in the Port field and press Enter.
![](http://nixhacker.com/content/images/2024/04/Screenshot-2024-04-27-010009.png)
You will then be presented with a debugging session for that particular guest machine.