Windbg, the cdb.exe to attach to process

This technique addresses the need to launch WinDbg with high privilege in order to debug processes running under the System account.

You can run WinDbg as a normal user, because it connects through cdb, and cdb is the process running with System privilege.

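Create a service for the process you want to debug. Both paths contain spaces, so each one is wrapped in escaped quotes inside binPath (Command Prompt syntax); an unquoted service path is resolved ambiguously.

sc.exe create AppServiceDebug binPath= "\"C:\Program Files\Windows Kits\10\Debuggers\x86\cdb.exe\" -server tcp:port=50000 \"C:\Program Files\APP\Debug\app.exe\""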

Open Windows Services (you can run services.msc) and make sure the service will run as the System account.

After starting the service, open WinDbg, choose to attach to a remote process, and enter the information below.

Connection string:

tcp:port=50000

Tips

Once connected, quickly let WinDbg continue with “g”, otherwise the service dies. To start the service again after a crash, you need to kill the cdb.exe and windbg.exe processes first; the command below does that so you don’t need to do it manually.

Example command:

taskkill /F /IM cdb.exe && taskkill /F /IM windbg.exe
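
The whole setup as an added PowerShell example (not from the original post; the function names are made up here): it registers the service with both paths quoted, reports the service account and the address the cdb listener is bound to, and removes everything afterwards. The `tcp:port=50000` server as configured on this page has no password, so any client that can reach the port gets control of a System process, which is why the listening address is worth checking.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell.
# Service name, port and paths are the ones used on this page.
$Name = 'AppServiceDebug'
$Port = 50000
$Cdb  = 'C:\Program Files\Windows Kits\10\Debuggers\x86\cdb.exe'
$App  = 'C:\Program Files\APP\Debug\app.exe'

function Install-DebugService {
    foreach ($p in $Cdb, $App) {
        if (-not (Test-Path -LiteralPath $p)) { throw "Missing file: $p" }
    }
    # Quote both paths so the service command line is unambiguous.
    $bin = '"{0}" -server tcp:port={1} "{2}"' -f $Cdb, $Port, $App
    # New-Service registers the service under LocalSystem unless -Credential is given.
    New-Service -Name $Name -BinaryPathName $bin -StartupType Manual | Out-Null
}

function Get-DebugServiceState {
    $svc = Get-CimInstance Win32_Service -Filter "Name='$Name'"
    $tcp = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Registered = [bool]$svc
        Account    = $svc.StartName               # expected: LocalSystem
        PathQuoted = $svc.PathName -like '"*'     # executable path is quoted
        Listening  = [bool]$tcp
        # 0.0.0.0 or :: means the debug server is reachable from other hosts
        ListenOn   = ($tcp.LocalAddress | Sort-Object -Unique) -join ', '
    }
}

function Remove-DebugService {
    # Same cleanup as the taskkill line on this page, then unregister the
    # service so no System-level debug listener can be started by accident.
    Get-Process -Name cdb, windbg -ErrorAction SilentlyContinue | Stop-Process -Force
    sc.exe delete $Name | Out-Null
}

# Typical session: install, start the service as described above, check, debug, clean up.
# Install-DebugService
# Get-DebugServiceState
# Remove-DebugService
```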