english,

[EN] WDK Tips - Some errors and solutions

Yavuz Han Yavuz Han Follow Jul 18, 2020 · 5 mins read
[EN] WDK Tips - Some errors and solutions
Share this

Hello everybody,

In this article, I will give some solutions when writing code for Windows Kernel driver or C++. Especially these are solutions when try to set up VS Studio on VM and start to write codes. So let’s start!!

Solution of VcRuntimeDebug and Code 8007000E error

If I talk about this error, I would like to state that I did not meet for the first time. For several reasons, I had to delete my virtual machines on the computer. But before this action, it was working well. So I did the same steps to create my lab again. I thought it will take not so much time when I do this. But I have to say that it was not what I expected.

As you can see in picture above, the first error I received was vc runtime debug x86.msi error. I should also mention that I did my research on many platforms such as StackOverflow, MSDN pages, google groups. But I could not obtain any tangible solution. Besides, when I said to skip this section during the installation phase, I encountered a separate error called VScore. Since I could not solve the first error, I did not investigate this error in detail.

While dealing with these, I came across the idea of updating the virtual machine. Because I solved with some of the problems I encountered before by updating. When I wanted to check for updates, I encountered the code 8007000E error you see in the picture. When I looked at the description of this error, it was stated that Windows tried to check for updates but could not try. Here is the solution:

  • Download IE11

  • Install IE11 then restart to computer.

  • Download KB3102810 update

  • Do not install this update then restart to computer. After restart, you can install then you will restart to computer again.

  • Go to RUN command with W+R, write services.msc and go to relevant part. We will find Windows Update here then we will stop the service. Then we go to C:\Windows directory and delete the folder named SoftwareDistribution.

  • After reboot process, we are going to check the Windows Update service and make sure it works.

After all these steps, there will be no trouble.

Choosing the right WDK and SDK for KMDF on Windows7x86

In the past time, I was trying set up lab for Windows kernel exploit. Actually, I did and it’s still works well. Main problem was not to install VS Studio, main problem was to install right WDK and SKD. It was hard to find right solution because everybody said just install Windows 10 SDK and WDK after VS Studio. The correct steps are in the following guidelines:

1- Install Visual Studio Community 2015 with updates

2- After VS Studio, install Windows SDK Version 1607

3- Lastly, install Windows WDK 1607 and Windows WDK 1703

So after these are steps, you can write code for Windows Driver.

Test Certificate error and solution

When I try to write code for Windows Kernel Driver, especially after build process, I received an error named “invalid argument “certificatename.crt” for property test certificate”. I can say that the best solution I have found in this regard is to create a new certificate. Here is the solution:

  • Project-> Properties-> Driver Signing

  • Test Certificate -> Create Test Certificate*

Than you can build again without any problem.

Selecting Target Platform

This problem generally occurs when the open source project is compiled. Because some projects have compiled versions but unfortunately not everyone has the same result on their machine. That’s why the compilation process to be done by ourselves may be more beneficial. Here is the solution:

  • Project -> Properties -> Driver Settings -> Target OS

  • We will choose OS what you are using. We will choose also Target Platform.

Than you can build again without any problem.

Fixing ‘Windows.h’ Error

This is one of the interesting mistakes which I have encountered. When I create new project on VS Studio, I was adding #include to the project file. So when I tried to build, I got some error related with this. I also did my research about this. Then I found some solution and it works. Here is the solution:

Project–>Project Properties–>VC++ Directories–>Include Directories

  • Edit

  • Find path way (for SDK) for Windows.h

After everything, we solved our problem.

“cannot find or open the file” Error Solution

Actually it was not related with Windows Kernel driver programing, it was about normal C++ project. When I tried to compiling, I’have got several errors. Here is the errors:

  • Cannot find or open the PDB file

  • Cannot find or open the kernel32.dll file

  • Cannot find or open the kernalbase.dll FILE

The above is only a certain part and there was a more. In fact, there was an easy solution to this problem. We will install Symbol files that’s why we have to install Windows 10 SDK. Then we will add Symbols path way.

Computer-->>Properties-->>Advanced System Settings-->>Environment Variables-->>New User Variable
Variable Name: _NT_SYMBOL_PATH
Variable Value: SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols

After this step, we will need to specify this Symbol path way on Visual Studio. After opening Visual Studio:

Debug-->Options-->Debugging-->Symbols
  • Go to “Catche Symbols in this directory” tab to add Symbol Path way

  • Then we are going to “Symbol File locations” part to select everything.

So after everything, it should be better to restart Visual Studio. If there is not exist any dll and pdb file when try to compile, VS will detect automatically.

References

1- Repairwin

2- https://docs.microsoft.com/en-us/windows-hardware/drivers/develop/signing-a-driver-during-development-and-testing

3- https://social.msdn.microsoft.com/Forums/sqlserver/en-US/7fc3b878-f6c0-4465-812c-3d671d67762d/issue-signing-wdk-driver-with-tfs-automated-build-works-fine-with-manual-build?forum=wdk

Yavuz Han
Yavuz Han Follow
Security Researcher | Low Level