HyperDbg Debugger
hyperdbg-ipt.cpp File Reference
#include "pch.h"
#include <string.h>
#include <stdlib.h>
#include <dbghelp.h>
#include "../dependencies/libipt/intel-pt.h"
#include <Zydis/Zydis.h>

Classes

struct  _PROC_BASIC_INFO

Typedefs

typedef struct _PROC_BASIC_INFO PROC_BASIC_INFO
typedef LONG(NTAPI * PFN_NT_QIP) (HANDLE, ULONG, PVOID, ULONG, PULONG)

Functions

int main2 (int argc, char **argv)

Typedef Documentation

◆ PFN_NT_QIP

typedef LONG(NTAPI * PFN_NT_QIP) (HANDLE, ULONG, PVOID, ULONG, PULONG)

◆ PROC_BASIC_INFO

Function Documentation

◆ main2()

/**
 * Command-line entry point of the HyperDbg Intel PT tracer.
 *
 * argv[1] is the executable to run and trace. The remaining arguments are
 * scanned in order: "-p" / "--packets" selects the raw packet dump,
 * "-c <core>" sets the core to pin the target to, "*" clears the function
 * filter (NULL), and any other argument becomes the function name to filter on.
 *
 * @param argc  number of entries in argv
 * @param argv  argument vector; argv[0] is printed in the usage text
 * @return 1 when no target path is given or LoadVmmAndTrace() reports
 *         failure, otherwise 0
 *
 * NOTE(review): the exit code is 0 whatever RunAndTrace() does; its result,
 * if it returns one, is not used in this function.
 */
int main2 ( int argc,
char ** argv )
536{
537 const char * function = "main"; // default symbol for the IP filter
538 BOOLEAN packets = FALSE; // instruction output unless -p / --packets is given
539 int pinCore = 0; // default core, as stated in the usage text
540
// No target executable on the command line: print the usage text and fail.
541 if (argc < 2)
542 {
543 printf("HyperDbg Intel PT tracer\n");
544 printf("usage: %s <path-to-exe-that-exits> [function] [-p] [-c core]\n", argv[0]);
545 printf(" [function] symbol to IP-filter (default 'main'; pass '*' for whole .text)\n");
546 printf(" -p dump raw PT packets (TNT/TIP/FUP/PSB/...) instead of instructions\n");
547 printf(" -c core pin the target to this logical core (default 0; -1 = unpinned)\n");
548 return 1;
549 }
550
// Options start at argv[2]; argv[1] is the target path.
551 for (int i = 2; i < argc; i++)
552 {
553 if (strcmp(argv[i], "-p") == 0 || strcmp(argv[i], "--packets") == 0)
554 packets = TRUE;
// NOTE(review): when "-c" is the last argument the i + 1 < argc test is false,
// so "-c" falls through to the final else and becomes the function name.
555 else if (strcmp(argv[i], "-c") == 0 && i + 1 < argc)
// NOTE(review): atoi() reports no errors; a non-numeric value yields 0 (core 0)
// and the result is not range-checked here. strtol() with an end-pointer
// check would let malformed input be rejected instead of silently accepted.
556 pinCore = atoi(argv[++i]);
557 else if (strcmp(argv[i], "*") == 0)
558 function = NULL; // no function filter
559 else
560 function = argv[i]; // a later plain argument overrides an earlier one
561 }
562
// Any non-zero result from LoadVmmAndTrace() ends the run before RunAndTrace() is called.
563 if (LoadVmmAndTrace() != 0)
564 {
565 return 1;
566 }
567
// argv[1] is forwarded exactly as given on the command line; this function
// performs no check on the path itself.
568 RunAndTrace(argv[1], function, packets, pinCore);
569
570 printf("[*] unloading HyperDbg VMM...\n");
571
572 //
573 // Unload the driver
574 //
// NOTE(review): the listing jumps from source line 574 to 579, so the unload
// calls themselves are not shown here; presumably the hyperdbg_u_* unload /
// stop / uninstall functions. Confirm against the source file.
579
580 printf("[+] done\n");
581
582 return 0;
583}
#define function
Definition Grammar.txt:125
UCHAR BOOLEAN
Definition BasicTypes.h:35
#define TRUE
Definition BasicTypes.h:114
#define FALSE
Definition BasicTypes.h:113
IMPORT_EXPORT_LIBHYPERDBG INT hyperdbg_u_unload_vmm()
Unload the VMM module.
Definition export.cpp:84
IMPORT_EXPORT_LIBHYPERDBG INT hyperdbg_u_uninstall_kd_driver()
Uninstall the KD (Kernel Debugger) driver.
Definition export.cpp:128
IMPORT_EXPORT_LIBHYPERDBG INT hyperdbg_u_unload_kd()
Unload the KD module.
Definition export.cpp:106
IMPORT_EXPORT_LIBHYPERDBG INT hyperdbg_u_stop_kd_driver()
Stop the KD driver.
Definition export.cpp:150
printf("ho")
NULL()
Definition test-case-generator.py:530
char ** argv
Definition symbol-parser.h:47