Hakman Posted February 14, 2016 Posted February 14, 2016 (edited) Some kernel debuggers are capable of working on the same machine where target OS is being debugged. There is no need to set up a virtual machine or connect two computers via a cable in such case, everything is done locally. For instance, I've used Syser debugger and noticed that it adds message during Windows XP booting screen. During kernel debugging everything is unresponsive, except debugger window. And if you install it on Windows 7 it makes system unbootable. So it definitely has something to do with the way everything boots. How do they achieve that? Do they alter the way computer boots? Do they supply their own boot loader which loads their code, then OS? If that's true, how do they prevent OS from accidentally overwriting that code in memory? Edited February 14, 2016 by Hakman
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now