Remote debugging on Windows

I sometimes find myself needing to develop Windows components, like services, credential providers, and LSA extensions. Development of these types of components is much less painful if one has the ability to use a remote debugger.

Ryan Levick pointed out that the Visual Studio (not Code) debugger can debug Rust code (some rough edges, but mostly ok), so I tried doing it remotely (using msvsmon), and was pleasantly surprised to discover that it Just Works(tm).

That said, when one develops "early startup" components (pre login) one wants to start msvsmon as a service, which I have always found a little flaky (using srvany, for instance).

To make a long story short, here are two crates to make life a little easier when debugging services on Windows:

  • verboten - A simple msvsmon service wrapper
  • dbgtools-win - Utility functions which can help to wait for a debugger to attach and to output strings to the debugger using the Windows debugger output facility.

As of recent updates to the built-in malware protection in Windows 10, it will think that verboten is malware, and put it in quarantine. (.. guess where the name "verboten" comes from..). 😐 One needs to unquarantine it (or sign it, obviously). On that note -- a word of caution: To maximize ease-of-use, it starts msvsmon in a mode which disables all authentication -- do NOT run it on a system that is exposed to untrusted parties.

If none of this is interesting to you, but you're wondering if there are useful parts to use as a reference, here's the gist of it:

verboten

  • Implements a Windows Service using windows-service
    • Includes a built-in service install/uninstall feature, including registering/deregistering event log source
    • Worker thread is used to launch msvsmon as a child process, and channels are used both to kill msvsmon on request and to report application state back to the service subsystem.
  • Logs to the Windows event log using eventlog
  • Registry read/write using winreg

dbgtools

  • Uses Microsoft's windows crate.
  • Supports a panic hook which dumps panic info and backtrace to the Windows debug output
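
The worker-thread and channel arrangement described in the verboten list above, sketched with only the Rust standard library. This is an added example, not verboten's own code: `supervise`, `State` and the `sleep` stand-in for msvsmon are assumptions made here. It also treats a vanished controller as a stop request, so the child is never left running without supervision.

```rust
use std::process::Command;
use std::sync::mpsc::{channel, Receiver, RecvTimeoutError, Sender};
use std::thread::{self, JoinHandle};
use std::time::Duration;

/// What the worker reports back; a service would translate these into status updates.
#[derive(Debug, PartialEq)]
pub enum State { Running(u32), Stopped { killed: bool }, Failed(String) }

/// Launch `program` on a worker thread. Send `()` on the returned Sender to request a stop.
pub fn supervise(program: &str, args: &[&str]) -> (Sender<()>, Receiver<State>, JoinHandle<()>) {
    let (stop_tx, stop_rx) = channel::<()>();
    let (state_tx, state_rx) = channel::<State>();
    let program = program.to_string();
    let args: Vec<String> = args.iter().map(|a| a.to_string()).collect();
    let worker = thread::spawn(move || {
        let mut child = match Command::new(&program).args(&args).spawn() {
            Ok(c) => c,
            Err(e) => { let _ = state_tx.send(State::Failed(e.to_string())); return; }
        };
        let _ = state_tx.send(State::Running(child.id()));
        let killed = loop {
            match child.try_wait() {
                Ok(Some(_)) => break false, // child exited on its own
                Ok(None) => {}              // still running
                Err(e) => { let _ = state_tx.send(State::Failed(e.to_string())); return; }
            }
            match stop_rx.recv_timeout(Duration::from_millis(50)) {
                Err(RecvTimeoutError::Timeout) => {} // nothing requested, poll again
                // Stop requested, or the controlling side is gone: kill the child
                // rather than leave an unauthenticated debug monitor unsupervised.
                Ok(()) | Err(RecvTimeoutError::Disconnected) => {
                    let _ = child.kill();
                    let _ = child.wait(); // reap the process
                    break true;
                }
            }
        };
        let _ = state_tx.send(State::Stopped { killed });
    });
    (stop_tx, state_rx, worker)
}

fn main() {
    // Constructed stand-in child; a wrapper like verboten would launch msvsmon here.
    let (stop, states, worker) = supervise("sleep", &["30"]);
    println!("{:?}", states.recv());
    stop.send(()).ok();
    println!("{:?}", states.recv());
    worker.join().unwrap();
}
```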