HyperDbg Debugger
HyperTrace.h File Reference

HyperDbg's SDK for hypertrace project.


Classes

struct  _HYPERTRACE_CALLBACKS
 Prototype of each function needed by hypertrace module.

Typedefs

typedef BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
 A function from the message tracer that sends the inputs to the message queue.
typedef BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
 A function that sends the messages to message tracer buffers.
typedef BOOLEAN(* LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
 A function that sends the messages to message tracer buffers.
typedef BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL) (BOOLEAN Priority)
 A function that checks whether the priority or regular buffer is full or not.
typedef UINT64(* VM_FUNC_GET_DEBUGCTL) ()
 A function that gets the guest state of IA32_DEBUGCTL.
typedef UINT64(* VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE) ()
 A function that gets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
typedef UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL) ()
 A function that gets the guest state of IA32_LBR_CTL.
typedef UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) ()
 A function that gets the guest state of IA32_LBR_CTL on the target core using VMCALL.
typedef VOID(* VM_FUNC_SET_DEBUGCTL) (UINT64 Value)
 A function that sets the guest state of IA32_DEBUGCTL.
typedef VOID(* VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE) (UINT64 Value)
 A function that sets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
typedef VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL) (UINT64 Value)
 A function that sets guest IA32_LBR_CTL.
typedef VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (UINT64 Value)
 A function that sets guest IA32_LBR_CTL on the target core using VMCALL.
typedef VOID(* VM_FUNC_SET_LBR_SELECT) (UINT64 FilterOptions)
 A function that sets MSR_LEGACY_LBR_SELECT.
typedef VOID(* VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE) (UINT64 FilterOptions)
 A function that sets MSR_LEGACY_LBR_SELECT on the target core using VMCALL.
typedef BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS) ()
 A function that checks whether the CPU supports the load (VM-entry) and save (VM-exit) debug controls for IA32_DEBUGCTL.
typedef BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS) ()
 A function that checks whether the CPU supports the load (VM-entry) and clear (VM-exit) guest IA32_LBR_CTL controls.
typedef VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS) (UINT32 CoreId, BOOLEAN Set)
 A function that sets load debug controls on VM-entry controls.
typedef VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)
 A function that sets load debug controls on VM-entry controls on the target core from VMCS using VMCALL.
typedef VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL) (UINT32 CoreId, BOOLEAN Set)
 A function that sets load guest IA32_LBR_CTL on VM-entry controls.
typedef VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)
 A function that sets load guest IA32_LBR_CTL on VM-entry controls on the target core from VMCS using VMCALL.
typedef VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS) (UINT32 CoreId, BOOLEAN Set)
 A function that sets save debug controls on VM-exit controls.
typedef VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)
 A function that sets save debug controls on VM-exit controls on the target core from VMCS using VMCALL.
typedef VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL) (UINT32 CoreId, BOOLEAN Set)
 A function that sets clear guest IA32_LBR_CTL on VM-exit controls.
typedef VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)
 A function that sets clear guest IA32_LBR_CTL on VM-exit controls on the target core from VMCS using VMCALL.
typedef BOOLEAN(* VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE) ()
 A function that checks whether the current execution mode is VMX-root mode or not.
typedef BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY) (UINT64 TargetAddress, UINT32 Size)
 A function that checks the validity and safety of the target address.
typedef BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)
 A function that reads memory safely on the target process.
typedef BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 Destination, PVOID Source, SIZE_T Size)
 A function that writes memory safely on the target process.
typedef PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK) (PVOID Eprocess)
 A function that gets the process name from the process control block.
typedef struct _HYPERTRACE_CALLBACKS HYPERTRACE_CALLBACKS
 Prototype of each function needed by hypertrace module.
typedef struct _HYPERTRACE_CALLBACKS * PHYPERTRACE_CALLBACKS

Detailed Description

HyperDbg's SDK for hypertrace project.

Author
Sina Karvandi (sina@hyperdbg.org)

This file contains definitions of HyperTrace routines

Version
0.14
Date
2025-06-07

Typedef Documentation

◆ CHECK_ACCESS_VALIDITY_AND_SAFETY

typedef BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY) (UINT64 TargetAddress, UINT32 Size)

A function that checks the validity and safety of the target address.

◆ COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK

typedef PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK) (PVOID Eprocess)

A function that gets the process name from the process control block.

◆ HYPERTRACE_CALLBACKS

Prototype of each function needed by hypertrace module.

◆ LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL

typedef BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL) (BOOLEAN Priority)

A function that checks whether the priority or regular buffer is full or not.

◆ LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE

typedef BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)

A function from the message tracer that sends the inputs to the message queue.

◆ LOG_CALLBACK_SEND_BUFFER

typedef BOOLEAN(* LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)

A function that sends the messages to message tracer buffers.

◆ LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE

typedef BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)

A function that sends the messages to message tracer buffers.

◆ MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS

typedef BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)

A function that reads memory safely on the target process.

◆ MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS

typedef BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 Destination, PVOID Source, SIZE_T Size)

A function that writes memory safely on the target process.

◆ PHYPERTRACE_CALLBACKS

◆ VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS

typedef BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS) ()

A function that checks whether the CPU supports the load (VM-entry) and clear (VM-exit) guest IA32_LBR_CTL controls.

◆ VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS

typedef BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS) ()

A function that checks whether the CPU supports the load (VM-entry) and save (VM-exit) debug controls for IA32_DEBUGCTL.

◆ VM_FUNC_GET_DEBUGCTL

typedef UINT64(* VM_FUNC_GET_DEBUGCTL) ()

A function that gets the guest state of IA32_DEBUGCTL.

◆ VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE

typedef UINT64(* VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE) ()

A function that gets the guest state of IA32_DEBUGCTL on the target core using VMCALL.

◆ VM_FUNC_GET_GUEST_IA32_LBR_CTL

typedef UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL) ()

A function that gets the guest state of IA32_LBR_CTL.

◆ VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE

typedef UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) ()

A function that gets the guest state of IA32_LBR_CTL on the target core using VMCALL.

◆ VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL

typedef VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL) (UINT32 CoreId, BOOLEAN Set)

A function that sets clear guest IA32_LBR_CTL on VM-exit controls.

◆ VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)

A function that sets clear guest IA32_LBR_CTL on VM-exit controls on the target core from VMCS using VMCALL.

◆ VM_FUNC_SET_DEBUGCTL

typedef VOID(* VM_FUNC_SET_DEBUGCTL) (UINT64 Value)

A function that sets the guest state of IA32_DEBUGCTL.

◆ VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE) (UINT64 Value)

A function that sets the guest state of IA32_DEBUGCTL on the target core using VMCALL.

◆ VM_FUNC_SET_GUEST_IA32_LBR_CTL

typedef VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL) (UINT64 Value)

A function that sets guest IA32_LBR_CTL.

◆ VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (UINT64 Value)

A function that sets guest IA32_LBR_CTL on the target core using VMCALL.

◆ VM_FUNC_SET_LBR_SELECT

typedef VOID(* VM_FUNC_SET_LBR_SELECT) (UINT64 FilterOptions)

A function that sets MSR_LEGACY_LBR_SELECT.

◆ VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE) (UINT64 FilterOptions)

A function that sets MSR_LEGACY_LBR_SELECT on the target core using VMCALL.

◆ VM_FUNC_SET_LOAD_DEBUG_CONTROLS

typedef VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS) (UINT32 CoreId, BOOLEAN Set)

A function that sets load debug controls on VM-entry controls.

◆ VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)

A function that sets load debug controls on VM-entry controls on the target core from VMCS using VMCALL.

◆ VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL

typedef VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL) (UINT32 CoreId, BOOLEAN Set)

A function that sets load guest IA32_LBR_CTL on VM-entry controls.

◆ VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)

A function that sets load guest IA32_LBR_CTL on VM-entry controls on the target core from VMCS using VMCALL.

◆ VM_FUNC_SET_SAVE_DEBUG_CONTROLS

typedef VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS) (UINT32 CoreId, BOOLEAN Set)

A function that sets save debug controls on VM-exit controls.

◆ VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE

typedef VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE) (BOOLEAN Set)

A function that sets save debug controls on VM-exit controls on the target core from VMCS using VMCALL.

◆ VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE

typedef BOOLEAN(* VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE) ()

A function that checks whether the current execution mode is VMX-root mode or not.