|
HyperDbg Debugger
|
HyperDbg general functions for reading and converting and etc. More...
#include "pch.h"Functions | |
| BOOLEAN | ConvertTokenToUInt64 (CommandToken TargetToken, PUINT64 Result) |
| add ` between 64 bit values and convert them to string | |
| std::string | GetCaseSensitiveStringFromCommandToken (CommandToken TargetToken) |
| Get case sensitive string from command token. | |
| std::string | GetLowerStringFromCommandToken (CommandToken TargetToken) |
| Get lower case string from command token. | |
| BOOLEAN | CompareLowerCaseStrings (CommandToken TargetToken, const CHAR *StringToCompare) |
| Compare lower case strings. | |
| BOOLEAN | IsTokenBracketString (CommandToken TargetToken) |
| Is token bracket string. | |
| BOOLEAN | ConvertTokenToUInt32 (CommandToken TargetToken, PUINT32 Result) |
| check and convert command token to a 32 bit unsigned integer | |
| BOOLEAN | HasEnding (string const &fullString, string const &ending) |
| checks whether the string ends with a special string or not | |
| BOOLEAN | ValidateIP (const string &ip) |
| Function to validate an IP address. | |
| BOOLEAN | VmxSupportDetection () |
| Detect whether the VMX is supported or not. | |
| BOOL | SetPrivilege (HANDLE Token, LPCTSTR Privilege, BOOL EnablePrivilege) |
| SetPrivilege enables/disables process token privilege. | |
| VOID | Trim (std::string &s) |
| trim from both ends and start of a string (in place) | |
| std::string | RemoveSpaces (std::string str) |
| Remove all the spaces in a string. | |
| BOOLEAN | IsFileExistA (const CHAR *FileName) |
| check if a file exist or not (ASCII) | |
| BOOLEAN | IsFileExistW (const WCHAR *FileName) |
| check if a file exist or not (wide-char) | |
| BOOLEAN | IsEmptyString (CHAR *Text) |
| Is empty character. | |
| VOID | GetConfigFilePath (PWCHAR ConfigPath) |
| Get config path. | |
| std::vector< std::string > | ListDirectory (const std::string &Directory, const std::string &Extension) |
| Create a list of special files in a directory. | |
| VOID | StringToWString (std::wstring &ws, const std::string &s) |
| convert std::string to std::wstring | |
| SIZE_T | FindCaseInsensitive (std::string Input, std::string ToSearch, SIZE_T Pos) |
| Find case insensitive sub string in a given substring. | |
| SIZE_T | FindCaseInsensitiveW (std::wstring Input, std::wstring ToSearch, SIZE_T Pos) |
| Find case insensitive sub string in a given substring (unicode). | |
| CHAR * | ConvertStringVectorToCharPointerArray (const std::string &s) |
| Convert vector<string> to char*. | |
| VOID | CommonCpuidInstruction (UINT32 Func, UINT32 SubFunc, INT *CpuInfo) |
| Get cpuid results. | |
| UINT32 | Getx86VirtualAddressWidth () |
| Get virtual address width for x86 processors. | |
| BOOLEAN | CheckCpuSupportRtm () |
| Check whether the processor supports RTM or not. | |
| BOOLEAN | CheckAddressCanonicality (UINT64 VAddr, PBOOLEAN IsKernelAddress) |
| Checks if the address is canonical based on x86 processor's virtual address width or not. | |
| BOOLEAN | CheckAddressValidityUsingTsx (UINT64 Address) |
| This function checks whether the address is valid or not using Intel TSX. | |
| BOOLEAN | CheckAccessValidityAndSafety (UINT64 TargetAddress, UINT32 Size) |
| Check the safety to access the memory. | |
| UINT32 | Log2Ceil (UINT32 n) |
| Function to compute log2Ceil. | |
Variables | |
| BOOLEAN | g_RtmSupport |
| check for RTM support | |
| UINT32 | g_VirtualAddressWidth |
| Virtual address width for x86 processors. | |
HyperDbg general functions for reading and converting and etc.
Check the safety to access the memory.
| TargetAddress | |
| Size |
Checks if the address is canonical based on x86 processor's virtual address width or not.
| VAddr | virtual address to check |
| IsKernelAddress | Filled to show whether the address is a kernel address or user-address |
IsKernelAddress wouldn't check for page attributes, it just checks the address convention in Windows
| BOOLEAN CheckAddressValidityUsingTsx | ( | UINT64 | Address | ) |
This function checks whether the address is valid or not using Intel TSX.
| Address | Address to check |
| UINT32 | ProcId |
| BOOLEAN CheckCpuSupportRtm | ( | ) |
Check whether the processor supports RTM or not.
Get cpuid results.
| Func | |
| SubFunc | |
| CpuInfo |
| BOOLEAN CompareLowerCaseStrings | ( | CommandToken | TargetToken, |
| const CHAR * | StringToCompare ) |
Compare lower case strings.
| TargetToken | the target command token |
| StringToCompare | the string to compare |
| CHAR * ConvertStringVectorToCharPointerArray | ( | const std::string & | s | ) |
Convert vector<string> to char*.
use it like : std::transform(vs.begin(), vs.end(), std::back_inserter(vc), ConvertStringVectorToCharPointerArray); from: https://stackoverflow.com/questions/7048888/stdvectorstdstring-to-char-array
| s |
| BOOLEAN ConvertTokenToUInt32 | ( | CommandToken | TargetToken, |
| PUINT32 | Result ) |
check and convert command token to a 32 bit unsigned integer
| TargetToken | the target command token |
| Result | result will be save to the pointer |
| BOOLEAN ConvertTokenToUInt64 | ( | CommandToken | TargetToken, |
| PUINT64 | Result ) |
add ` between 64 bit values and convert them to string
| Value |
OstringStream << setw(16) << setfill('0') << hex << Value; Temp = OstringStream.str();
Temp.insert(8, 1, '`'); return Temp; }
/**
print bits and bytes for d* commands
| Size | |
| Ptr |
for (i = Size - 1; i >= 0; i–) { for (j = 7; j >= 0; j–) { Byte = (Buf[i] >> j) & 1; ShowMessages("%u", Byte); } ShowMessages(" ", Byte); } }
/**
general replace all function
| str | |
| from | |
| to |
/**
general replace all function
| str | |
| from | |
| to |
if (from.empty()) return;
while ((SartPos = str.find(from, SartPos)) != std::string::npos) { str.replace(SartPos, from.length(), to); // // In case 'to' contains 'from', like replacing // 'x' with 'yx' // SartPos += to.length(); } }
/**
general split command
| s | target string |
| c | splitter (delimiter) |
for (auto n : s) { if (n != c) buff += n; else if (n == c && !buff.empty()) { v.push_back(buff); buff.clear(); } } if (!buff.empty()) v.push_back(buff);
return v; }
/**
check if given string is a numeric string or not
| str |
/**
check whether the string is hex or not
| s |
for (auto & CptrChar : s) { IsAnyThing = TRUE;
if (!isxdigit(CptrChar)) { return FALSE; } } if (IsAnyThing) { return TRUE; } return FALSE; }
/**
check whether the string is decimal or not
| s |
for (auto & CptrChar : s) { IsAnyThing = TRUE;
if (!isdigit(CptrChar)) { return FALSE; } } if (IsAnyThing) { return TRUE; } return FALSE; }
/**
converts hex to bytes
| hex |
for (UINT32 i = 0; i < hex.length(); i += 2) { std::string byteString = hex.substr(i, 2); CHAR Byte = (CHAR)strtol(byteString.c_str(), NULL, 16); Bytes.push_back(Byte); }
return Bytes; }
/**
check and convert string to a 64 bit unsigned integer and also check for special notations like 0x, 0n, etc.
| TextToConvert | the target string |
| Result | result will be save to the pointer |
if (TextToConvert.rfind("0x", 0) == 0 || TextToConvert.rfind("0X", 0) == 0 || TextToConvert.rfind("\\x", 0) == 0 || TextToConvert.rfind("\\X", 0) == 0) { TextToConvert = TextToConvert.erase(0, 2); } else if (TextToConvert.rfind('x', 0) == 0 || TextToConvert.rfind('X', 0) == 0) { TextToConvert = TextToConvert.erase(0, 1); } else if (TextToConvert.rfind("0n", 0) == 0 || TextToConvert.rfind("0N", 0) == 0 || TextToConvert.rfind("\\n", 0) == 0 || TextToConvert.rfind("\\N", 0) == 0) { TextToConvert = TextToConvert.erase(0, 2); IsDecimal = TRUE; } else if (TextToConvert.rfind('n', 0) == 0 || TextToConvert.rfind('N', 0) == 0) { TextToConvert = TextToConvert.erase(0, 1); IsDecimal = TRUE; }
// // Remove '`' (if any)
TextToConvert.erase(remove(TextToConvert.begin(), TextToConvert.end(), '`'), TextToConvert.end());
if (IsDecimal) { if (!IsDecimalNotation(TextToConvert)) { // // Not decimal // return FALSE; } else { errno = 0; CHAR * Unparsed = NULL; const CHAR * S = TextToConvert.c_str(); const UINT64 N = strtoull(S, &Unparsed, 10);
if (errno || (!N && S == Unparsed)) { // fflush(stdout); // perror(s); return FALSE; }
*Result = N; return TRUE; } } else { // // It's not decimal // if (!IsHexNotation(TextToConvert)) { // // Not decimal and not hex! // return FALSE; } else { // // It's a hex number // const CHAR * Text = TextToConvert.c_str(); errno = 0; UINT64 ResultValue = strtoull(Text, NULL, 16);
*Result = ResultValue;
if (errno == EINVAL) { return FALSE; } else if (errno == ERANGE) { return TRUE; }
return TRUE; } } }
/**
check and convert string to a 32 bit unsigned it and also check for special notations like 0x etc.
| TextToConvert | the target string |
| Result | result will be save to the pointer |
if (TextToConvert.rfind("0x", 0) == 0 || TextToConvert.rfind("0X", 0) == 0 || TextToConvert.rfind("\\x", 0) == 0 || TextToConvert.rfind("\\X", 0) == 0) { TextToConvert = TextToConvert.erase(0, 2); } else if (TextToConvert.rfind('x', 0) == 0 || TextToConvert.rfind('X', 0) == 0) { TextToConvert = TextToConvert.erase(0, 1); } else if (TextToConvert.rfind("0n", 0) == 0 || TextToConvert.rfind("0N", 0) == 0 || TextToConvert.rfind("\\n", 0) == 0 || TextToConvert.rfind("\\N", 0) == 0) { TextToConvert = TextToConvert.erase(0, 2); IsDecimal = TRUE; } else if (TextToConvert.rfind('n', 0) == 0 || TextToConvert.rfind('N', 0) == 0) { TextToConvert = TextToConvert.erase(0, 1); IsDecimal = TRUE; }
TextToConvert.erase(remove(TextToConvert.begin(), TextToConvert.end(), '`'), TextToConvert.end());
if (IsDecimal) { if (!IsDecimalNotation(TextToConvert)) { return FALSE; } else { try { INT I = std::stoi(TextToConvert); Result = I; return TRUE; } catch (std::invalid_argument const &) {
Bad input: std::invalid_argument thrown
return FALSE;
}
catch (std::out_of_range const &)
{
Integer overflow: std::out_of_range thrown
return FALSE;
}
return FALSE;
}
}
else
{
It's not decimal
if (!IsHexNotation(TextToConvert))
{
return FALSE;
}
else
{
It's hex number
UINT32 TempResult;
TempResult = stoi(TextToConvert, nullptr, 16);
Apply the results
Result = TempResult;
return TRUE;
}
}
}
/**
check and convert command token to a 64 bit unsigned integer
| TargetToken | the target command token |
| Result | result will be save to the pointer |
| SIZE_T FindCaseInsensitive | ( | std::string | Input, |
| std::string | ToSearch, | ||
| SIZE_T | Pos ) |
Find case insensitive sub string in a given substring.
| Input | |
| ToSearch | |
| Pos |
| SIZE_T FindCaseInsensitiveW | ( | std::wstring | Input, |
| std::wstring | ToSearch, | ||
| SIZE_T | Pos ) |
Find case insensitive sub string in a given substring (unicode).
| Input | |
| ToSearch | |
| Pos |
| std::string GetCaseSensitiveStringFromCommandToken | ( | CommandToken | TargetToken | ) |
Get case sensitive string from command token.
| TargetToken | the target command token |
| VOID GetConfigFilePath | ( | PWCHAR | ConfigPath | ) |
Get config path.
| ConfigPath |
| std::string GetLowerStringFromCommandToken | ( | CommandToken | TargetToken | ) |
Get lower case string from command token.
| TargetToken | the target command token |
| UINT32 Getx86VirtualAddressWidth | ( | ) |
| BOOLEAN HasEnding | ( | string const & | fullString, |
| string const & | ending ) |
checks whether the string ends with a special string or not
| fullString | |
| ending |
Is empty character.
| Text |
check if a file exist or not (ASCII)
| FileName | path of file |
| BOOLEAN IsFileExistW | ( | const WCHAR * | FileName | ) |
check if a file exist or not (wide-char)
| FileName | path of file |
| BOOLEAN IsTokenBracketString | ( | CommandToken | TargetToken | ) |
Is token bracket string.
| TargetToken | the target command token |
| std::vector< std::string > ListDirectory | ( | const std::string & | Directory, |
| const std::string & | Extension ) |
Create a list of special files in a directory.
| Directory | |
| Extension |
Function to compute log2Ceil.
| n |
| std::string RemoveSpaces | ( | std::string | str | ) |
Remove all the spaces in a string.
| str |
SetPrivilege enables/disables process token privilege.
| Token | |
| Privilege | |
| EnablePrivilege |
| VOID StringToWString | ( | std::wstring & | ws, |
| const std::string & | s ) |
convert std::string to std::wstring
| ws | |
| s |
| VOID Trim | ( | std::string & | s | ) |
trim from both ends and start of a string (in place)
| s |
| BOOLEAN ValidateIP | ( | const string & | ip | ) |
Function to validate an IP address.
| ip |
| BOOLEAN VmxSupportDetection | ( | ) |
Detect whether the VMX is supported or not.
|
extern |
check for RTM support
|
extern |
Virtual address width for x86 processors.