Could not set a breakpoint at nt!KeBugCheck2. #19
Comments
|
Hi,
Does your VM have internet access? `wtf` relies on symbols to be able to
set breakpoints; it feels like you might not have an NTOS pdb?
Cheers
Le jeu. 19 août 2021 à 10:28, GH0st3rs ***@***.***> a écrit :
… Hi I tried to run HEVD inside my QEMU/KVM Windows 10 x64 and got an error:
..\..\src\build\wtf.exe fuzz --backend=bochscpu --name hevd --max_len 1028 --limit 10000000
Initializing the debugger instance.. (this takes a bit of time)
Setting debug register status to zero.
Setting debug register status to zero.
Could not set a breakpoint at nt!KeBugCheck2.
Failed to initialize the target
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#19>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIOROXMHXKHLQRMRFYBKTT5U5K7ANCNFSM5COVUVQQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
|
|
Yes it have internet access. |
|
Are you sure your symbols are configured correctly? A good test is to
install Windbg in your VM and open the kernel dump with it.
According to your output and the code (wtf/backend.cc
<https://github.com/0vercl0k/wtf/blob/main/src/wtf/backend.cc#L177-L186>):
```C
bool Backend_t::SetBreakpoint(const char *Symbol,
const BreakpointHandler_t Handler) {
const Gva_t Gva = Gva_t(g_Dbg.GetSymbol(Symbol));
if (Gva == Gva_t(0)) {
fmt::print("Could not set a breakpoint at {}.\n", Symbol);
return false;
}
return SetBreakpoint(Gva, Handler);
}
```
It's all pointing at symbols resolution.
Cheers
Le ven. 20 août 2021 à 03:05, GH0st3rs ***@***.***> a écrit :
… Yes it have internet access.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#19 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIORJJQD5TUXIL2NOP3WDT5YSIPANCNFSM5COVUVQQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
|
|
Yeah, you were right, I download symbols through WinDbg and it works inside VM, that's not important, cause I run it on my Linux host machine. Thanks. This issue need to close. But now I have another problem, can you give me an advice (or link to instruction) how to I can make memory dump with my user-space windows application in next case: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi I tried to run HEVD inside my QEMU/KVM Windows 10 x64 and got an error:
The text was updated successfully, but these errors were encountered: