The host can be any machine on the same subnet running WinDbg. This can be a physical machine, UTM, VMware, etc. If you're running a VM as the KDNET host, make sure to use a bridged network connection.
- Get the host IP address with
ipconfig. In our example, we will use10.0.1.11 - Launch WinDbg, Start debugging -> Attach to kernel -> Net
- Enter port number "50000", key "1.1.1.1", and press OK
Note if you want multiple concurrent debugging sessions with different targets, choose a new port number for each one.
- Create and install Windows VM in UTM
- Open the VM settings and create a new Network device
- For this new device, set the Network Mode to "Bridged (Advanced)" and the Bridged Interface to either "Automatic" or the interface which can see the host.
- Change the Emulated Network Card to "Intel Gigagit Ethernet (e1000)
- Save the settings
- Start the VM
- When the UTM logo comes up press Esc and enter the UEFI menu
- Select Device Manager -> Secure Boot Configuration -> Attempt Secure Boot (press Spacebar)
- Go back, save and restart the VM
Follow this guide: https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/setting-up-a-network-debugging-connection
- Open a terminal as Administrator
bcdedit /debug onbcdedit /dbgsettings net hostip:10.0.1.11 port:50000 key:1.1.1.1(change hostip and port to match the host)bcdedit /set "{dbgsettings}" busparams b.d.fwhere b.d.f is the bus number, device number, and function number of the adapter. You can find this in Device Manager. Note that on ARM64 builds, there is no driver for E1000 so you will just see a generic "Ethernet Controller".- (Optional)
bcdedit /set testsigning onif you want to load test signed drivers - Reboot and it will attempt to connect to the host
You can also debug Windows PE. Follow this guide: https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/winpe-debug-apps?view=windows-11
For the bcdedit steps, remember to set the busparams which is missing from Microsoft's guide.