HyperDbg Debugger
Loading...
Searching...
No Matches
Functions | Variables
hwdbg-interpreter.cpp File Reference

Interpreter of hwdbg packets and requests. More...

#include "pch.h"

Functions

BOOLEAN HwdbgInterpretPacket (PVOID BufferReceived, UINT32 LengthReceived)
 Interpret packets of hwdbg.
 
std::vector< UINT32ParseLine (const std::string &Line)
 Function to parse a single line of the memory content.
 
VOID HwdbgInterpreterShowScriptCapabilities (HWDBG_INSTANCE_INFORMATION *InstanceInfo)
 Shows the script capablities of the target debuggee.
 
BOOLEAN HwdbgInterpreterCheckScriptBufferWithScriptCapabilities (HWDBG_INSTANCE_INFORMATION *InstanceInfo, PVOID ScriptBuffer, UINT32 CountOfScriptSymbolChunks, UINT32 *NumberOfStages, UINT32 *NumberOfOperands)
 Check the script capablities with the target script buffer.
 
BOOLEAN HwdbgInterpreterFillMemoryFromFile (const TCHAR *FileName, UINT32 *MemoryBuffer, size_t BufferSize)
 Function to read the file and fill the memory buffer.
 
BOOLEAN HwdbgInterpreterFillFileFromMemory (HWDBG_INSTANCE_INFORMATION *InstanceInfo, const TCHAR *FileName, UINT32 *MemoryBuffer, size_t BufferSize, HWDBG_ACTION_ENUMS RequestedAction)
 Function to write the memory buffer to a file in the specified format.
 
BOOLEAN HwdbgInterpreterCompressBuffer (UINT64 *Buffer, size_t BufferLength, UINT32 ScriptVariableLength, UINT32 BramDataWidth, size_t *NewBufferSize, size_t *NumberOfBytesPerChunk)
 Function to compress the buffer.
 
BOOLEAN HwdbgInterpreterConvertSymbolToHwdbgShortSymbolBuffer (HWDBG_INSTANCE_INFORMATION *InstanceInfo, SYMBOL *SymbolBuffer, size_t SymbolBufferLength, UINT32 NumberOfStages, HWDBG_SHORT_SYMBOL **NewShortSymbolBuffer, size_t *NewBufferSize)
 Function to compress the buffer.
 
BOOLEAN HwdbgInterpreterSendPacketAndBufferToHwdbg (HWDBG_INSTANCE_INFORMATION *InstanceInfo, const TCHAR *FileName, DEBUGGER_REMOTE_PACKET_TYPE PacketType, HWDBG_ACTION_ENUMS RequestedAction, CHAR *Buffer, UINT32 BufferLength)
 Sends a HyperDbg packet + a buffer to the hwdbg.
 
BOOLEAN HwdbgInterpreterSendScriptPacket (HWDBG_INSTANCE_INFORMATION *InstanceInfo, const TCHAR *FileName, UINT32 NumberOfSymbols, HWDBG_SHORT_SYMBOL *Buffer, UINT32 BufferLength)
 Sends a HyperDbg script packet to the hwdbg.
 

Variables

HWDBG_INSTANCE_INFORMATION g_HwdbgInstanceInfo
 Instance information of the current hwdbg debuggee.
 
BOOLEAN g_HwdbgInstanceInfoIsValid
 Shows whether the instance info is valid (received) or not.
 
std::vector< UINT32g_HwdbgPortConfiguration
 Ports configuration of hwdbg.
 

Detailed Description

Interpreter of hwdbg packets and requests.

Author
Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)
Version
1.0
Date
2024-06-11
Copyright
This project is released under the GNU Public License v3.

Function Documentation

◆ HwdbgInterpreterCheckScriptBufferWithScriptCapabilities()

BOOLEAN HwdbgInterpreterCheckScriptBufferWithScriptCapabilities ( HWDBG_INSTANCE_INFORMATION * InstanceInfo,
PVOID ScriptBuffer,
UINT32 CountOfScriptSymbolChunks,
UINT32 * NumberOfStages,
UINT32 * NumberOfOperands )

Check the script capablities with the target script buffer.

Parameters
InstanceInfo
ScriptBuffer
CountOfScriptSymbolChunks
NumberOfStages
NumberOfOperands
Returns
BOOLEAN TRUE if the script capablities support the script, otherwise FALSE
243{
244 BOOLEAN NotSupported = FALSE;
245 SYMBOL * SymbolArray = (SYMBOL *)ScriptBuffer;
246
247 UINT32 Stages = 0;
248 UINT32 Operands = 0;
249 UINT32 NumberOfGetOperands = 0;
250 UINT32 NumberOfSetOperands = 0;
251
252 for (size_t i = 0; i < CountOfScriptSymbolChunks; i++)
253 {
254 if (SymbolArray[i].Type != SYMBOL_SEMANTIC_RULE_TYPE)
255 {
256 //
257 // *** For operands ***
258 //
259 Operands++;
260 ShowMessages(" \t%d. found a non-semnatic rule (operand) | type: 0x%x, value: 0x%x\n", i, SymbolArray[i].Type, SymbolArray[i].Value);
261
262 //
263 // Validate the operand
264 //
265 switch (SymbolArray[i].Type)
266 {
267 case SYMBOL_GLOBAL_ID_TYPE:
268 case SYMBOL_LOCAL_ID_TYPE:
269
270 if (!InstanceInfo->scriptCapabilities.assign_local_global_var)
271 {
272 NotSupported = TRUE;
273 ShowMessages("err, global/local variable assignment is not supported\n");
274 }
275
276 if (SymbolArray[i].Value >= InstanceInfo->numberOfSupportedLocalAndGlobalVariables)
277 {
278 NotSupported = TRUE;
279 ShowMessages("err, global/local variable index is out of range of supported by this instance of hwdbg\n");
280 }
281
282 break;
283
284 case SYMBOL_UNDEFINED:
285 case SYMBOL_NUM_TYPE:
286
287 //
288 // No need to check
289 //
290 break;
291
292 case SYMBOL_REGISTER_TYPE:
293
294 if (!InstanceInfo->scriptCapabilities.assign_registers)
295 {
296 NotSupported = TRUE;
297 ShowMessages("err, register assignment is not supported\n");
298 }
299 break;
300
301 case SYMBOL_PSEUDO_REG_TYPE:
302
303 if (!InstanceInfo->scriptCapabilities.assign_pseudo_registers)
304 {
305 NotSupported = TRUE;
306 ShowMessages("err, pseudo register index is not supported\n");
307 }
308 break;
309
310 case SYMBOL_TEMP_TYPE:
311
312 if (!InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
313 {
314 NotSupported = TRUE;
315 ShowMessages("err, temporary variables (for conditional statement) is not supported\n");
316 }
317
318 if (SymbolArray[i].Value >= InstanceInfo->numberOfSupportedTemporaryVariables)
319 {
320 NotSupported = TRUE;
321 ShowMessages("err, temp variable index (number of operands for conditional statements) is out of range of supported by this instance of hwdbg\n");
322 }
323
324 break;
325
326 default:
327
328 NotSupported = TRUE;
329 ShowMessages("err, unknown operand type: %d (0x%x)\n", SymbolArray[i].Type, SymbolArray[i].Type);
330 break;
331 }
332 }
333 else
334 {
335 //
336 // *** For operators ***
337 //
338 Stages++;
339 ShowMessages("- %d. found a semnatic rule (operator) | type: 0x%x, value: 0x%x\n", i, SymbolArray[i].Type, SymbolArray[i].Value);
340
341 if (ScriptEngineFuncNumberOfOperands(SymbolArray[i].Type, &NumberOfGetOperands, &NumberOfSetOperands) == FALSE)
342 {
343 NotSupported = TRUE;
344 ShowMessages("err, unknown operand type for the operator (0x%x)\n",
345 SymbolArray[i].Type);
346
347 return FALSE;
348 }
349
350 //
351 // Validate the operator
352 //
353 switch (SymbolArray[i].Value)
354 {
355 case FUNC_OR:
356 if (!InstanceInfo->scriptCapabilities.func_or)
357 {
358 NotSupported = TRUE;
359 ShowMessages("err, OR is not supported by the debuggee\n");
360 }
361 break;
362
363 case FUNC_XOR:
364 if (!InstanceInfo->scriptCapabilities.func_xor)
365 {
366 NotSupported = TRUE;
367 ShowMessages("err, XOR is not supported by the debuggee\n");
368 }
369 break;
370
371 case FUNC_AND:
372 if (!InstanceInfo->scriptCapabilities.func_and)
373 {
374 NotSupported = TRUE;
375 ShowMessages("err, AND is not supported by the debuggee\n");
376 }
377 break;
378
379 case FUNC_ASR:
380 if (!InstanceInfo->scriptCapabilities.func_asr)
381 {
382 NotSupported = TRUE;
383 ShowMessages("err, arithmetic shift right is not supported by the debuggee\n");
384 }
385 break;
386
387 case FUNC_ASL:
388 if (!InstanceInfo->scriptCapabilities.func_asl)
389 {
390 NotSupported = TRUE;
391 ShowMessages("err, arithmetic shift left is not supported by the debuggee\n");
392 }
393 break;
394
395 case FUNC_ADD:
396 if (!InstanceInfo->scriptCapabilities.func_add)
397 {
398 NotSupported = TRUE;
399 ShowMessages("err, addition is not supported by the debuggee\n");
400 }
401 break;
402
403 case FUNC_SUB:
404 if (!InstanceInfo->scriptCapabilities.func_sub)
405 {
406 NotSupported = TRUE;
407 ShowMessages("err, subtraction is not supported by the debuggee\n");
408 }
409 break;
410
411 case FUNC_MUL:
412 if (!InstanceInfo->scriptCapabilities.func_mul)
413 {
414 NotSupported = TRUE;
415 ShowMessages("err, multiplication is not supported by the debuggee\n");
416 }
417 break;
418
419 case FUNC_DIV:
420 if (!InstanceInfo->scriptCapabilities.func_div)
421 {
422 NotSupported = TRUE;
423 ShowMessages("err, division is not supported by the debuggee\n");
424 }
425 break;
426
427 case FUNC_MOD:
428 if (!InstanceInfo->scriptCapabilities.func_mod)
429 {
430 NotSupported = TRUE;
431 ShowMessages("err, modulus is not supported by the debuggee\n");
432 }
433 break;
434
435 case FUNC_GT:
436
437 if (!InstanceInfo->scriptCapabilities.func_gt ||
438 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
439 {
440 NotSupported = TRUE;
441 ShowMessages("err, greater than is not supported by the debuggee\n");
442 }
443 break;
444
445 case FUNC_LT:
446 if (!InstanceInfo->scriptCapabilities.func_lt ||
447 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
448 {
449 NotSupported = TRUE;
450 ShowMessages("err, less than is not supported by the debuggee\n");
451 }
452 break;
453
454 case FUNC_EGT:
455 if (!InstanceInfo->scriptCapabilities.func_egt ||
456 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
457 {
458 NotSupported = TRUE;
459 ShowMessages("err, greater than or equal to is not supported by the debuggee\n");
460 }
461 break;
462
463 case FUNC_ELT:
464 if (!InstanceInfo->scriptCapabilities.func_elt ||
465 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
466 {
467 NotSupported = TRUE;
468 ShowMessages("err, less than or equal to is not supported by the debuggee\n");
469 }
470 break;
471
472 case FUNC_EQUAL:
473 if (!InstanceInfo->scriptCapabilities.func_equal ||
474 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
475 {
476 NotSupported = TRUE;
477 ShowMessages("err, equal is not supported by the debuggee\n");
478 }
479 break;
480
481 case FUNC_NEQ:
482 if (!InstanceInfo->scriptCapabilities.func_neq ||
483 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
484 {
485 NotSupported = TRUE;
486 ShowMessages("err, not equal is not supported by the debuggee\n");
487 }
488 break;
489
490 case FUNC_JMP:
491 if (!InstanceInfo->scriptCapabilities.func_jmp ||
492 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
493 {
494 NotSupported = TRUE;
495 ShowMessages("err, jump is not supported by the debuggee\n");
496 }
497 break;
498
499 case FUNC_JZ:
500 if (!InstanceInfo->scriptCapabilities.func_jz ||
501 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
502 {
503 NotSupported = TRUE;
504 ShowMessages("err, jump if zero is not supported by the debuggee\n");
505 }
506 break;
507
508 case FUNC_JNZ:
509 if (!InstanceInfo->scriptCapabilities.func_jnz ||
510 !InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators)
511 {
512 NotSupported = TRUE;
513 ShowMessages("err, jump if not zero is not supported by the debuggee\n");
514 }
515 break;
516
517 case FUNC_MOV:
518 if (!InstanceInfo->scriptCapabilities.func_mov)
519 {
520 NotSupported = TRUE;
521 ShowMessages("err, move is not supported by the debuggee\n");
522 }
523 break;
524
525 case FUNC_PRINTF:
526 if (!InstanceInfo->scriptCapabilities.func_printf)
527 {
528 NotSupported = TRUE;
529 ShowMessages("err, printf is not supported by the debuggee\n");
530 }
531 break;
532
533 default:
534
535 NotSupported = TRUE;
536 ShowMessages("err, undefined operator for hwdbg: %d (0x%x)\n",
537 SymbolArray[i].Type,
538 SymbolArray[i].Type);
539
540 break;
541 }
542 }
543 }
544
545 //
546 // Set the number of stages
547 //
548 *NumberOfStages = Stages;
549
550 //
551 // Set the number of operands
552 //
553 *NumberOfOperands = Operands;
554
555 //
556 // Script capabilities support this buffer
557 //
558 if (NotSupported)
559 {
560 return FALSE;
561 }
562 else
563 {
564 return TRUE;
565 }
566}
BOOLEAN
UCHAR BOOLEAN
Definition BasicTypes.h:39
TRUE
#define TRUE
Definition BasicTypes.h:55
FALSE
#define FALSE
Definition BasicTypes.h:54
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
NumberOfGetOperands
UINT32 * NumberOfGetOperands
Definition HyperDbgScriptImports.h:33
NumberOfSetOperands
UINT32 UINT32 * NumberOfSetOperands
Definition HyperDbgScriptImports.h:33
SYMBOL_REGISTER_TYPE
#define SYMBOL_REGISTER_TYPE
Definition ScriptEngineCommonDefinitions.h:57
FUNC_MUL
#define FUNC_MUL
Definition ScriptEngineCommonDefinitions.h:113
SYMBOL_TEMP_TYPE
#define SYMBOL_TEMP_TYPE
Definition ScriptEngineCommonDefinitions.h:60
SYMBOL_GLOBAL_ID_TYPE
#define SYMBOL_GLOBAL_ID_TYPE
Definition ScriptEngineCommonDefinitions.h:54
SYMBOL_LOCAL_ID_TYPE
#define SYMBOL_LOCAL_ID_TYPE
Definition ScriptEngineCommonDefinitions.h:55
FUNC_JMP
#define FUNC_JMP
Definition ScriptEngineCommonDefinitions.h:123
FUNC_GT
#define FUNC_GT
Definition ScriptEngineCommonDefinitions.h:116
FUNC_MOV
#define FUNC_MOV
Definition ScriptEngineCommonDefinitions.h:131
FUNC_EGT
#define FUNC_EGT
Definition ScriptEngineCommonDefinitions.h:118
FUNC_SUB
#define FUNC_SUB
Definition ScriptEngineCommonDefinitions.h:112
FUNC_PRINTF
#define FUNC_PRINTF
Definition ScriptEngineCommonDefinitions.h:163
FUNC_ASR
#define FUNC_ASR
Definition ScriptEngineCommonDefinitions.h:109
FUNC_ASL
#define FUNC_ASL
Definition ScriptEngineCommonDefinitions.h:110
FUNC_ELT
#define FUNC_ELT
Definition ScriptEngineCommonDefinitions.h:119
FUNC_OR
#define FUNC_OR
Definition ScriptEngineCommonDefinitions.h:106
FUNC_XOR
#define FUNC_XOR
Definition ScriptEngineCommonDefinitions.h:107
SYMBOL_UNDEFINED
#define SYMBOL_UNDEFINED
Definition ScriptEngineCommonDefinitions.h:53
FUNC_ADD
#define FUNC_ADD
Definition ScriptEngineCommonDefinitions.h:111
FUNC_NEQ
#define FUNC_NEQ
Definition ScriptEngineCommonDefinitions.h:121
FUNC_JZ
#define FUNC_JZ
Definition ScriptEngineCommonDefinitions.h:124
FUNC_EQUAL
#define FUNC_EQUAL
Definition ScriptEngineCommonDefinitions.h:120
FUNC_LT
#define FUNC_LT
Definition ScriptEngineCommonDefinitions.h:117
SYMBOL_SEMANTIC_RULE_TYPE
#define SYMBOL_SEMANTIC_RULE_TYPE
Definition ScriptEngineCommonDefinitions.h:59
FUNC_DIV
#define FUNC_DIV
Definition ScriptEngineCommonDefinitions.h:114
SYMBOL_PSEUDO_REG_TYPE
#define SYMBOL_PSEUDO_REG_TYPE
Definition ScriptEngineCommonDefinitions.h:58
FUNC_AND
#define FUNC_AND
Definition ScriptEngineCommonDefinitions.h:108
SYMBOL_NUM_TYPE
#define SYMBOL_NUM_TYPE
Definition ScriptEngineCommonDefinitions.h:56
FUNC_MOD
#define FUNC_MOD
Definition ScriptEngineCommonDefinitions.h:115
FUNC_JNZ
#define FUNC_JNZ
Definition ScriptEngineCommonDefinitions.h:125
Value
RequestedActionOfThePacket Value(0x1) 00000000
ShowMessages
VOID ShowMessages(const char *Fmt,...)
Show messages.
Definition libhyperdbg.cpp:96
ScriptEngineFuncNumberOfOperands
BOOLEAN ScriptEngineFuncNumberOfOperands(UINT64 FuncType, UINT32 *NumberOfGetOperands, UINT32 *NumberOfSetOperands)
wrapper for getting operand count
Definition script-engine-wrapper.cpp:874
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_or
UINT64 func_or
Definition HardwareDebugger.h:123
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_mov
UINT64 func_mov
Definition HardwareDebugger.h:142
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_div
UINT64 func_div
Definition HardwareDebugger.h:131
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::assign_registers
UINT64 assign_registers
Definition HardwareDebugger.h:119
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::assign_local_global_var
UINT64 assign_local_global_var
Definition HardwareDebugger.h:118
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_printf
UINT64 func_printf
Definition HardwareDebugger.h:143
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_sub
UINT64 func_sub
Definition HardwareDebugger.h:129
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::assign_pseudo_registers
UINT64 assign_pseudo_registers
Definition HardwareDebugger.h:120
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_mul
UINT64 func_mul
Definition HardwareDebugger.h:130
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_elt
UINT64 func_elt
Definition HardwareDebugger.h:136
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_and
UINT64 func_and
Definition HardwareDebugger.h:125
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_gt
UINT64 func_gt
Definition HardwareDebugger.h:133
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_jnz
UINT64 func_jnz
Definition HardwareDebugger.h:141
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_equal
UINT64 func_equal
Definition HardwareDebugger.h:137
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_neq
UINT64 func_neq
Definition HardwareDebugger.h:138
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::conditional_statements_and_comparison_operators
UINT64 conditional_statements_and_comparison_operators
Definition HardwareDebugger.h:121
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_jmp
UINT64 func_jmp
Definition HardwareDebugger.h:139
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_lt
UINT64 func_lt
Definition HardwareDebugger.h:134
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_xor
UINT64 func_xor
Definition HardwareDebugger.h:124
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_add
UINT64 func_add
Definition HardwareDebugger.h:128
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_asl
UINT64 func_asl
Definition HardwareDebugger.h:127
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_egt
UINT64 func_egt
Definition HardwareDebugger.h:135
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_mod
UINT64 func_mod
Definition HardwareDebugger.h:132
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_jz
UINT64 func_jz
Definition HardwareDebugger.h:140
_HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES::func_asr
UINT64 func_asr
Definition HardwareDebugger.h:126
_HWDBG_INSTANCE_INFORMATION::numberOfSupportedLocalAndGlobalVariables
UINT32 numberOfSupportedLocalAndGlobalVariables
Definition HardwareDebugger.h:98
_HWDBG_INSTANCE_INFORMATION::scriptCapabilities
struct _HWDBG_INSTANCE_INFORMATION::_HWDBG_SCRIPT_CAPABILITIES scriptCapabilities
_HWDBG_INSTANCE_INFORMATION::numberOfSupportedTemporaryVariables
UINT32 numberOfSupportedTemporaryVariables
Definition HardwareDebugger.h:99
SYMBOL
Definition ScriptEngineCommonDefinitions.h:6

◆ HwdbgInterpreterCompressBuffer()

BOOLEAN HwdbgInterpreterCompressBuffer ( UINT64 * Buffer,
size_t BufferLength,
UINT32 ScriptVariableLength,
UINT32 BramDataWidth,
size_t * NewBufferSize,
size_t * NumberOfBytesPerChunk )

Function to compress the buffer.

Parameters
Buffer
BufferLength
ScriptVariableLength
BramDataWidth
NewBufferSize
NumberOfBytesPerChunk
Returns
BOOLEAN
730{
731 if (ScriptVariableLength <= 7 || ScriptVariableLength > 64)
732 {
733 ShowMessages("err, invalid bit size, it should be between 7 and 64\n");
734 return FALSE;
735 }
736
737 if (ScriptVariableLength > BramDataWidth)
738 {
739 ShowMessages("err, script variable length cannot be more than the BRAM data width\n");
740 return FALSE;
741 }
742
743 //
744 // Calculate the number of 64-bit chunks
745 //
746 size_t NumberOfChunks = BufferLength / sizeof(UINT64);
747
748 //
749 // Calculate the number of bytes needed for the new compressed buffer
750 //
751 size_t NewBytesPerChunk = (BramDataWidth + 7) / 8; // ceil(BramDataWidth / 8)
752 *NumberOfBytesPerChunk = NewBytesPerChunk;
753
754 *NewBufferSize = NumberOfChunks * NewBytesPerChunk;
755
756 //
757 // Create a temporary buffer to hold the compressed data
758 //
759 UINT8 * TempBuffer = (UINT8 *)malloc(*NewBufferSize);
760
761 if (TempBuffer == NULL)
762 {
763 ShowMessages("err, memory allocation failed\n");
764 return FALSE;
765 }
766
767 //
768 // Compress each chunk and store it in the temporary buffer
769 //
770 for (size_t i = 0; i < NumberOfChunks; ++i)
771 {
772 uint64_t Chunk = Buffer[i];
773 for (size_t j = 0; j < NewBytesPerChunk; ++j)
774 {
775 TempBuffer[i * NewBytesPerChunk + j] = (uint8_t)((Chunk >> (j * 8)) & 0xFF);
776 }
777 }
778
779 //
780 // Copy the compressed data back to the original buffer
781 //
782 RtlZeroMemory(Buffer, BufferLength);
783 memcpy(Buffer, TempBuffer, *NewBufferSize);
784
785 //
786 // Free the temporary buffer
787 //
788 free(TempBuffer);
789
790 return TRUE;
791}
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
UINT8
unsigned char UINT8
Definition BasicTypes.h:46

◆ HwdbgInterpreterConvertSymbolToHwdbgShortSymbolBuffer()

BOOLEAN HwdbgInterpreterConvertSymbolToHwdbgShortSymbolBuffer ( HWDBG_INSTANCE_INFORMATION * InstanceInfo,
SYMBOL * SymbolBuffer,
size_t SymbolBufferLength,
UINT32 NumberOfStages,
HWDBG_SHORT_SYMBOL ** NewShortSymbolBuffer,
size_t * NewBufferSize )

Function to compress the buffer.

Parameters
InstanceInfo
SymbolBuffer
SymbolBufferLength
NumberOfStages
NewShortSymbolBuffer
NewBufferSize
Returns
BOOLEAN
814{
815 //
816 // Check if the instance info is valid
817 //
818 if (!g_HwdbgInstanceInfoIsValid)
819 {
820 ShowMessages("err, instance info is not valid\n");
821 return FALSE;
822 }
823
824 //
825 // Compute the number of symbol operators
826 //
827 UINT32 NumberOfOperands = InstanceInfo->maximumNumberOfSupportedGetScriptOperators + InstanceInfo->maximumNumberOfSupportedSetScriptOperators;
828
829 SIZE_T NumberOfSymbols = SymbolBufferLength / sizeof(SymbolBuffer[0]);
830
831 *NewBufferSize = NumberOfStages * (NumberOfOperands + 1) * sizeof(HWDBG_SHORT_SYMBOL); // number of stage + maximum number of operands
832
833 //
834 // Create a temporary buffer to hold the compressed data
835 //
836 HWDBG_SHORT_SYMBOL * HwdbgShortSymbolBuffer = (HWDBG_SHORT_SYMBOL *)malloc(*NewBufferSize);
837
838 if (!HwdbgShortSymbolBuffer)
839 {
840 ShowMessages("err, could not allocate compression buffer\n");
841 return FALSE;
842 }
843
844 //
845 // Zeroing the short symbol buffer
846 //
847 RtlZeroMemory(HwdbgShortSymbolBuffer, *NewBufferSize);
848
849 //
850 // Filling the short symbol buffer from original buffer
851 //
852 UINT32 IndexOfShortSymbolBuffer = 0;
853
854 for (UINT32 i = 0; i < NumberOfSymbols; i++)
855 {
856 if (SymbolBuffer[i].Type == SYMBOL_SEMANTIC_RULE_TYPE)
857 {
858 //
859 // *** This is an operator ***
860 //
861
862 //
863 // Move the symbol buffer into a short symbol buffer
864 //
865 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Type = SymbolBuffer[i].Type;
866 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Value = SymbolBuffer[i].Value;
867
868 //
869 // Now we read the number of operands (SET and GET)
870 //
871 UINT32 NumberOfGetOperands = 0;
872 UINT32 NumberOfSetOperands = 0;
873
874 if (!FuncGetNumberOfOperands(SymbolBuffer[i].Value, &NumberOfGetOperands, &NumberOfSetOperands))
875 {
876 ShowMessages("err, unknown operand type for the operator (0x%x)\n",
877 SymbolBuffer[i].Value);
878
879 free(HwdbgShortSymbolBuffer);
880 return FALSE;
881 }
882
883 //
884 // Check if the number of GET operands is more than the maximum supported GET operands
885 //
886 if (NumberOfGetOperands > InstanceInfo->maximumNumberOfSupportedGetScriptOperators)
887 {
888 ShowMessages("err, the number of get operands is more than the maximum supported get operands\n");
889 free(HwdbgShortSymbolBuffer);
890 return FALSE;
891 }
892
893 //
894 // Check if the number of SET operands is more than the maximum supported SET operands
895 //
896 if (NumberOfSetOperands > InstanceInfo->maximumNumberOfSupportedSetScriptOperators)
897 {
898 ShowMessages("err, the number of set operands is more than the maximum supported set operands\n");
899 free(HwdbgShortSymbolBuffer);
900 return FALSE;
901 }
902
903 //
904 // *** Now we need to fill operands (GET) ***
905 //
906 for (size_t j = 0; j < NumberOfGetOperands; j++)
907 {
908 i++;
909 IndexOfShortSymbolBuffer++;
910
911 if (SymbolBuffer[i].Type == SYMBOL_SEMANTIC_RULE_TYPE)
912 {
913 ShowMessages("err, not expecting a semantic rule at operand: %x\n", SymbolBuffer[i].Value);
914 free(HwdbgShortSymbolBuffer);
915 return FALSE;
916 }
917
918 //
919 // Move the symbol buffer into a short symbol buffer
920 //
921 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Type = SymbolBuffer[i].Type;
922 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Value = SymbolBuffer[i].Value;
923 }
924
925 //
926 // Leave empty space for GET operands that are not used for this operator
927 //
928 IndexOfShortSymbolBuffer = IndexOfShortSymbolBuffer + InstanceInfo->maximumNumberOfSupportedGetScriptOperators - NumberOfGetOperands;
929
930 //
931 // *** Now we need to fill operands (SET) ***
932 //
933 for (size_t j = 0; j < NumberOfSetOperands; j++)
934 {
935 i++;
936 IndexOfShortSymbolBuffer++;
937
938 if (SymbolBuffer[i].Type == SYMBOL_SEMANTIC_RULE_TYPE)
939 {
940 ShowMessages("err, not expecting a semantic rule at operand: %x\n", SymbolBuffer[i].Value);
941 free(HwdbgShortSymbolBuffer);
942 return FALSE;
943 }
944
945 //
946 // Move the symbol buffer into a short symbol buffer
947 //
948 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Type = SymbolBuffer[i].Type;
949 HwdbgShortSymbolBuffer[IndexOfShortSymbolBuffer].Value = SymbolBuffer[i].Value;
950 }
951
952 //
953 // Leave empty space for SET operands that are not used for this operator
954 //
955 IndexOfShortSymbolBuffer = IndexOfShortSymbolBuffer + InstanceInfo->maximumNumberOfSupportedSetScriptOperators - NumberOfSetOperands;
956
957 //
958 // Increment the index of the short symbol buffer
959 //
960 IndexOfShortSymbolBuffer++;
961 }
962 else
963 {
964 //
965 // Error, we are not expecting a non-semantic rule here
966 //
967 ShowMessages("err, not expecting a non-semantic rule at: %x\n", SymbolBuffer[i].Type);
968 free(HwdbgShortSymbolBuffer);
969 return FALSE;
970 }
971 }
972
973 //
974 // Set the new short symbol buffer address
975 //
976 *NewShortSymbolBuffer = (HWDBG_SHORT_SYMBOL *)HwdbgShortSymbolBuffer;
977
978 return TRUE;
979}
g_HwdbgInstanceInfoIsValid
BOOLEAN g_HwdbgInstanceInfoIsValid
Shows whether the instance info is valid (received) or not.
Definition globals.h:687
FuncGetNumberOfOperands
BOOLEAN FuncGetNumberOfOperands(UINT64 FuncType, UINT32 *NumberOfGetOperands, UINT32 *NumberOfSetOperands)
Script Engine get number of operands.
Definition script-engine.c:3356
_HWDBG_INSTANCE_INFORMATION::maximumNumberOfSupportedGetScriptOperators
UINT32 maximumNumberOfSupportedGetScriptOperators
Definition HardwareDebugger.h:100
_HWDBG_INSTANCE_INFORMATION::maximumNumberOfSupportedSetScriptOperators
UINT32 maximumNumberOfSupportedSetScriptOperators
Definition HardwareDebugger.h:101
HWDBG_SHORT_SYMBOL
Definition ScriptEngineCommonDefinitions.h:15
HWDBG_SHORT_SYMBOL::Type
long long unsigned Type
Definition ScriptEngineCommonDefinitions.h:16
HWDBG_SHORT_SYMBOL::Value
long long unsigned Value
Definition ScriptEngineCommonDefinitions.h:17
SYMBOL::Value
long long unsigned Value
Definition ScriptEngineCommonDefinitions.h:10
SYMBOL::Type
long long unsigned Type
Definition ScriptEngineCommonDefinitions.h:7

◆ HwdbgInterpreterFillFileFromMemory()

BOOLEAN HwdbgInterpreterFillFileFromMemory ( HWDBG_INSTANCE_INFORMATION * InstanceInfo,
const TCHAR * FileName,
UINT32 * MemoryBuffer,
size_t BufferSize,
HWDBG_ACTION_ENUMS RequestedAction )

Function to write the memory buffer to a file in the specified format.

Parameters
InstanceInfo
FileName
MemoryBuffer
BufferSize
RequestedAction
Returns
BOOLEAN
638{
639 std::ofstream File(FileName);
640
641 if (!File.is_open())
642 {
643 printf("err, unable to open file %s\n", FileName);
644 return FALSE;
645 }
646
647 size_t Address = 0;
648 for (size_t I = 0; I < BufferSize / sizeof(UINT32); ++I)
649 {
650 File << std::hex << std::setw(8) << std::setfill('0') << MemoryBuffer[I];
651 File << " ; +0x" << std::hex << std::setw(1) << std::setfill('0') << Address;
652
653 if (I == 0)
654 {
655 File << " | Checksum";
656 }
657 else if (I == 1)
658 {
659 File << " | Checksum";
660 }
661 else if (I == 2)
662 {
663 File << " | Indicator";
664 }
665 else if (I == 3)
666 {
667 File << " | Indicator";
668 }
669 else if (I == 4)
670 {
671 File << " | TypeOfThePacket - DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL (0x4)";
672 }
673 else if (I == 5)
674 {
675 File << " | RequestedActionOfThePacket - Value" << " (0x" << std::hex << std::setw(1) << std::setfill('0') << RequestedAction << ")";
676 }
677 else if (I == 6)
678 {
679 File << " | Start of Optional Data";
680 }
681
682 File << "\n";
683 Address += 4;
684 }
685
686 //
687 // Add zeros to the end of the file to fill the shared memory
688 //
689 if (g_HwdbgInstanceInfoIsValid)
690 {
691 while (Address < InstanceInfo->sharedMemorySize)
692 {
693 File << "00000000 ; +0x" << std::hex << std::setw(1) << std::setfill('0') << Address;
694 Address += 4;
695
696 if (Address < InstanceInfo->sharedMemorySize)
697 {
698 File << "\n";
699 }
700 }
701 }
702
703 //
704 // Close the file
705 //
706 File.close();
707
708 return TRUE;
709}
Address
UINT64 Address
Definition HyperDbgScriptImports.h:67

◆ HwdbgInterpreterFillMemoryFromFile()

BOOLEAN HwdbgInterpreterFillMemoryFromFile ( const TCHAR * FileName,
UINT32 * MemoryBuffer,
size_t BufferSize )

Function to read the file and fill the memory buffer.

Parameters
FileName
MemoryBuffer
BufferSize
Returns
BOOLEAN
578{
579 std::ifstream File(FileName);
580 std::string Line;
581 BOOLEAN Result = TRUE;
582 size_t Index = 0;
583
584 if (!File.is_open())
585 {
586 ShowMessages("err, unable to open file %s\n", FileName);
587 return FALSE;
588 }
589
590 while (getline(File, Line))
591 {
592 if (Index >= BufferSize)
593 {
594 Result = FALSE;
595 ShowMessages("err, buffer overflow, file contains more data than buffer can hold\n");
596 break;
597 }
598
599 vector<UINT32> Values = ParseLine(Line);
600
601 for (UINT32 Value : Values)
602 {
603 if (Index < BufferSize)
604 {
605 MemoryBuffer[Index++] = Value;
606 }
607 else
608 {
609 ShowMessages("err, buffer overflow, file contains more data than buffer can hold\n");
610 File.close();
611 return FALSE;
612 }
613 }
614 }
615
616 File.close();
617 return Result;
618}
ParseLine
std::vector< UINT32 > ParseLine(const std::string &Line)
Function to parse a single line of the memory content.
Definition hwdbg-interpreter.cpp:150

◆ HwdbgInterpreterSendPacketAndBufferToHwdbg()

BOOLEAN HwdbgInterpreterSendPacketAndBufferToHwdbg ( HWDBG_INSTANCE_INFORMATION * InstanceInfo,
const TCHAR * FileName,
DEBUGGER_REMOTE_PACKET_TYPE PacketType,
HWDBG_ACTION_ENUMS RequestedAction,
CHAR * Buffer,
UINT32 BufferLength )

Sends a HyperDbg packet + a buffer to the hwdbg.

Parameters
InstanceInfo
FileName
PacketType
RequestedAction
Buffer
BufferLength
Returns
BOOLEAN
1000{
1001 DEBUGGER_REMOTE_PACKET Packet = {0};
1002 SIZE_T CommandMaxSize = 0;
1003 SIZE_T FinalBufferSize = 0;
1004
1005 if (g_HwdbgInstanceInfoIsValid)
1006 {
1007 CommandMaxSize = InstanceInfo->debuggeeAreaOffset - InstanceInfo->debuggerAreaOffset;
1008 }
1009 else
1010 {
1011 //
1012 // Use default limitation
1013 //
1014 CommandMaxSize = DEFAULT_INITIAL_DEBUGGEE_TO_DEBUGGER_OFFSET - DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET;
1015 }
1016
1017 //
1018 // If buffer is not available, then the length is zero
1019 //
1020 if (Buffer == NULL)
1021 {
1022 BufferLength = 0;
1023 }
1024
1025 //
1026 // Compute the final buffer size
1027 //
1028 FinalBufferSize = sizeof(DEBUGGER_REMOTE_PACKET) + BufferLength;
1029
1030 //
1031 // Check if buffer not pass the boundary
1032 //
1033 if (FinalBufferSize > CommandMaxSize)
1034 {
1035 ShowMessages("err, buffer is above the maximum buffer size that can be sent to hwdbg (%d > %d)\n",
1036 FinalBufferSize,
1037 CommandMaxSize);
1038
1039 return FALSE;
1040 }
1041
1042 //
1043 // Make the packet's structure
1044 //
1045 Packet.Indicator = INDICATOR_OF_HYPERDBG_PACKET;
1046 Packet.TypeOfThePacket = PacketType;
1047
1048 //
1049 // Set the requested action
1050 //
1051 Packet.RequestedActionOfThePacket = (DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION)RequestedAction;
1052
1053 //
1054 // calculate checksum of the packet
1055 //
1056 Packet.Checksum =
1057 KdComputeDataChecksum((PVOID)((UINT64)&Packet + 1),
1058 sizeof(DEBUGGER_REMOTE_PACKET) - sizeof(BYTE));
1059
1060 if (Buffer != NULL)
1061 {
1062 Packet.Checksum += KdComputeDataChecksum((PVOID)Buffer, BufferLength);
1063 }
1064
1065 //
1066 // If there is an offset for debugger to debuggee command, we'll apply it here
1067 //
1068 if (g_HwdbgInstanceInfoIsValid)
1069 {
1070 FinalBufferSize += InstanceInfo->debuggerAreaOffset;
1071 }
1072 else
1073 {
1074 FinalBufferSize += DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET;
1075 }
1076
1077 //
1078 // Allocate a buffer for storing the header packet + buffer (if not empty)
1079 //
1080 CHAR * FinalBuffer = (CHAR *)malloc(FinalBufferSize);
1081
1082 if (!FinalBuffer)
1083 {
1084 return FALSE;
1085 }
1086
1087 RtlZeroMemory(FinalBuffer, FinalBufferSize);
1088
1089 //
1090 // Leave the offset
1091 //
1092 SIZE_T Offset = g_HwdbgInstanceInfoIsValid ? InstanceInfo->debuggerAreaOffset : DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET;
1093
1094 //
1095 // Copy the packet into the FinalBuffer
1096 //
1097 memcpy(FinalBuffer + Offset, &Packet, sizeof(DEBUGGER_REMOTE_PACKET));
1098
1099 //
1100 // Copy the buffer (if available) into the FinalBuffer
1101 //
1102 if (Buffer != NULL)
1103 {
1104 memcpy(FinalBuffer + Offset + sizeof(DEBUGGER_REMOTE_PACKET), Buffer, BufferLength);
1105 }
1106
1107 //
1108 // Here you would send FinalBuffer to the hardware debugger
1109 //
1110 HwdbgInterpreterFillFileFromMemory(InstanceInfo, FileName, (UINT32 *)FinalBuffer, FinalBufferSize, RequestedAction);
1111
1112 //
1113 // Free the allocated memory after use
1114 //
1115 free(FinalBuffer);
1116
1117 return TRUE;
1118}
BYTE
unsigned char BYTE
Definition BasicTypes.h:24
CHAR
char CHAR
Definition BasicTypes.h:31
DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION
enum _DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION
enum for requested action for HyperDbg packet
DEBUGGER_REMOTE_PACKET
struct _DEBUGGER_REMOTE_PACKET DEBUGGER_REMOTE_PACKET
The structure of remote packets in HyperDbg.
INDICATOR_OF_HYPERDBG_PACKET
#define INDICATOR_OF_HYPERDBG_PACKET
constant indicator of a HyperDbg packet
Definition Constants.h:502
DEFAULT_INITIAL_DEBUGGEE_TO_DEBUGGER_OFFSET
#define DEFAULT_INITIAL_DEBUGGEE_TO_DEBUGGER_OFFSET
Initial debuggee to debugger offset.
Definition HardwareDebugger.h:23
DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET
#define DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET
Initial debugger to debuggee offset.
Definition HardwareDebugger.h:29
KdComputeDataChecksum
_Use_decl_annotations_ BYTE KdComputeDataChecksum(PVOID Buffer, UINT32 Length)
calculate the checksum of received buffer from debugger
Definition Kd.c:270
HwdbgInterpreterFillFileFromMemory
BOOLEAN HwdbgInterpreterFillFileFromMemory(HWDBG_INSTANCE_INFORMATION *InstanceInfo, const TCHAR *FileName, UINT32 *MemoryBuffer, size_t BufferSize, HWDBG_ACTION_ENUMS RequestedAction)
Function to write the memory buffer to a file in the specified format.
Definition hwdbg-interpreter.cpp:632
_DEBUGGER_REMOTE_PACKET
The structure of remote packets in HyperDbg.
Definition Connection.h:183
_DEBUGGER_REMOTE_PACKET::RequestedActionOfThePacket
DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedActionOfThePacket
Definition Connection.h:187
_DEBUGGER_REMOTE_PACKET::TypeOfThePacket
DEBUGGER_REMOTE_PACKET_TYPE TypeOfThePacket
Definition Connection.h:186
_DEBUGGER_REMOTE_PACKET::Checksum
BYTE Checksum
Definition Connection.h:184
_DEBUGGER_REMOTE_PACKET::Indicator
UINT64 Indicator
Definition Connection.h:185
_HWDBG_INSTANCE_INFORMATION::debuggeeAreaOffset
UINT32 debuggeeAreaOffset
Definition HardwareDebugger.h:104
_HWDBG_INSTANCE_INFORMATION::debuggerAreaOffset
UINT32 debuggerAreaOffset
Definition HardwareDebugger.h:103

◆ HwdbgInterpreterSendScriptPacket()

BOOLEAN HwdbgInterpreterSendScriptPacket ( HWDBG_INSTANCE_INFORMATION * InstanceInfo,
const TCHAR * FileName,
UINT32 NumberOfSymbols,
HWDBG_SHORT_SYMBOL * Buffer,
UINT32 BufferLength )

Sends a HyperDbg script packet to the hwdbg.

Parameters
InstanceInfo
FileName
Buffer
BufferLength
Returns
BOOLEAN
1136{
1137 HWDBG_SCRIPT_BUFFER ScriptBuffer = {0};
1138 BOOLEAN Result = FALSE;
1139
1140 //
1141 // Make the packet's structure
1142 //
1143 ScriptBuffer.scriptNumberOfSymbols = NumberOfSymbols;
1144
1145 //
1146 // Allocate a buffer for storing the header packet + buffer (if not empty)
1147 //
1148 CHAR * FinalBuffer = (CHAR *)malloc(BufferLength + sizeof(HWDBG_SCRIPT_BUFFER));
1149
1150 if (!FinalBuffer)
1151 {
1152 return FALSE;
1153 }
1154
1155 RtlZeroMemory(FinalBuffer, BufferLength + sizeof(HWDBG_SCRIPT_BUFFER));
1156
1157 //
1158 // Copy the packet into the FinalBuffer
1159 //
1160 memcpy(FinalBuffer, &ScriptBuffer, sizeof(HWDBG_SCRIPT_BUFFER));
1161
1162 //
1163 // Copy the buffer (if available) into the FinalBuffer
1164 //
1165 if (Buffer != NULL)
1166 {
1167 memcpy(FinalBuffer + sizeof(HWDBG_SCRIPT_BUFFER), Buffer, BufferLength);
1168 }
1169
1170 //
1171 // Here we would send FinalBuffer to the hardware debugger
1172 //
1173 Result = HwdbgInterpreterSendPacketAndBufferToHwdbg(
1174 InstanceInfo,
1175 FileName,
1176 DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL,
1177 hwdbgActionConfigureScriptBuffer,
1178 FinalBuffer,
1179 BufferLength + sizeof(HWDBG_SCRIPT_BUFFER));
1180
1181 //
1182 // Free the allocated memory after use
1183 //
1184 free(FinalBuffer);
1185
1186 return Result;
1187}
DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL
@ DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL
Definition Connection.h:169
hwdbgActionConfigureScriptBuffer
@ hwdbgActionConfigureScriptBuffer
Definition HardwareDebugger.h:43
HwdbgInterpreterSendPacketAndBufferToHwdbg
BOOLEAN HwdbgInterpreterSendPacketAndBufferToHwdbg(HWDBG_INSTANCE_INFORMATION *InstanceInfo, const TCHAR *FileName, DEBUGGER_REMOTE_PACKET_TYPE PacketType, HWDBG_ACTION_ENUMS RequestedAction, CHAR *Buffer, UINT32 BufferLength)
Sends a HyperDbg packet + a buffer to the hwdbg.
Definition hwdbg-interpreter.cpp:994
_HWDBG_SCRIPT_BUFFER
The structure of script buffer in hwdbg.
Definition HardwareDebugger.h:169
_HWDBG_SCRIPT_BUFFER::scriptNumberOfSymbols
UINT32 scriptNumberOfSymbols
Definition HardwareDebugger.h:170

◆ HwdbgInterpreterShowScriptCapabilities()

VOID HwdbgInterpreterShowScriptCapabilities ( HWDBG_INSTANCE_INFORMATION * InstanceInfo)

Shows the script capablities of the target debuggee.

Parameters
InstanceInfo
Returns
VOID
180{
181 ShowMessages("\nThis debuggee supports the following operatiors:\n");
182 ShowMessages("\tlocal and global variable assignments: %s (maximum number of var: %d) \n",
183 InstanceInfo->scriptCapabilities.assign_local_global_var ? "supported" : "not supported",
184 InstanceInfo->numberOfSupportedLocalAndGlobalVariables);
185 ShowMessages("\tregisters (pin/ports) assignment: %s \n",
186 InstanceInfo->scriptCapabilities.assign_registers ? "supported" : "not supported");
187 ShowMessages("\tpseudo-registers assignment: %s \n",
188 InstanceInfo->scriptCapabilities.assign_pseudo_registers ? "supported" : "not supported");
189 ShowMessages("\tconditional statements and comparison operators: %s \n",
190 InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators ? "supported" : "not supported");
191
192 ShowMessages("\tor: %s \n", InstanceInfo->scriptCapabilities.func_or ? "supported" : "not supported");
193 ShowMessages("\txor: %s \n", InstanceInfo->scriptCapabilities.func_xor ? "supported" : "not supported");
194 ShowMessages("\tand: %s \n", InstanceInfo->scriptCapabilities.func_and ? "supported" : "not supported");
195 ShowMessages("\tarithmetic shift right: %s \n", InstanceInfo->scriptCapabilities.func_asr ? "supported" : "not supported");
196 ShowMessages("\tarithmetic shift left: %s \n", InstanceInfo->scriptCapabilities.func_asl ? "supported" : "not supported");
197 ShowMessages("\taddition: %s \n", InstanceInfo->scriptCapabilities.func_add ? "supported" : "not supported");
198 ShowMessages("\tsubtraction: %s \n", InstanceInfo->scriptCapabilities.func_sub ? "supported" : "not supported");
199 ShowMessages("\tmultiplication: %s \n", InstanceInfo->scriptCapabilities.func_mul ? "supported" : "not supported");
200 ShowMessages("\tdivision: %s \n", InstanceInfo->scriptCapabilities.func_div ? "supported" : "not supported");
201 ShowMessages("\tmodulus: %s \n", InstanceInfo->scriptCapabilities.func_mod ? "supported" : "not supported");
202
203 ShowMessages("\tgreater than: %s \n",
204 (InstanceInfo->scriptCapabilities.func_gt && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
205 ShowMessages("\tless than: %s \n",
206 (InstanceInfo->scriptCapabilities.func_lt && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
207 ShowMessages("\tgreater than or equal to: %s \n",
208 (InstanceInfo->scriptCapabilities.func_egt && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
209 ShowMessages("\tless than or equal to: %s \n",
210 (InstanceInfo->scriptCapabilities.func_elt && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
211 ShowMessages("\tequal: %s \n",
212 (InstanceInfo->scriptCapabilities.func_equal && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
213 ShowMessages("\tnot equal: %s \n",
214 (InstanceInfo->scriptCapabilities.func_neq && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
215 ShowMessages("\tjump: %s \n",
216 (InstanceInfo->scriptCapabilities.func_jmp && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
217 ShowMessages("\tjump if zero: %s \n",
218 (InstanceInfo->scriptCapabilities.func_jz && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
219 ShowMessages("\tjump if not zero: %s \n",
220 (InstanceInfo->scriptCapabilities.func_jnz && InstanceInfo->scriptCapabilities.conditional_statements_and_comparison_operators) ? "supported" : "not supported");
221 ShowMessages("\tmove: %s \n", InstanceInfo->scriptCapabilities.func_mov ? "supported" : "not supported");
222 ShowMessages("\tprintf: %s \n", InstanceInfo->scriptCapabilities.func_printf ? "supported" : "not supported");
223 ShowMessages("\n");
224}

◆ HwdbgInterpretPacket()

BOOLEAN HwdbgInterpretPacket ( PVOID BufferReceived,
UINT32 LengthReceived )

Interpret packets of hwdbg.

Parameters
BufferReceived
LengthReceived
Returns
BOOLEAN
31{
32 PHWDBG_INSTANCE_INFORMATION InstanceInfoPacket;
33 PUINT32 InstanceInfoPorts;
34 DEBUGGER_REMOTE_PACKET * TheActualPacket = NULL;
35 BOOLEAN Result = FALSE;
36
37 //
38 // Apply the initial offset
39 //
40 if (g_HwdbgInstanceInfoIsValid)
41 {
42 //
43 // Use the debuggee's preferred offset (area) since the instance info
44 // already received and interpreted
45 //
46 TheActualPacket = (DEBUGGER_REMOTE_PACKET *)(((CHAR *)BufferReceived) + g_HwdbgInstanceInfo.debuggeeAreaOffset);
47 }
48 else
49 {
50 //
51 // Use default initial offset as there is no information (instance info)
52 // from debuggee
53 //
54 TheActualPacket = (DEBUGGER_REMOTE_PACKET *)(((CHAR *)BufferReceived) + DEFAULT_INITIAL_DEBUGGEE_TO_DEBUGGER_OFFSET);
55 }
56
57 if (TheActualPacket->Indicator == INDICATOR_OF_HYPERDBG_PACKET)
58 {
59 //
60 // Check checksum (for hwdbg, checksum is ignored)
61 //
62 // if (KdComputeDataChecksum((PVOID)&TheActualPacket->Indicator,
63 // LengthReceived - sizeof(BYTE)) != TheActualPacket->Checksum)
64 // {
65 // ShowMessages("err, checksum is invalid\n");
66 // return FALSE;
67 // }
68
69 //
70 // Check if the packet type is correct
71 //
72 if (TheActualPacket->TypeOfThePacket != DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL)
73 {
74 //
75 // sth wrong happened, the packet is not belonging to use
76 // for hwdbg interpreter
77 //
78 ShowMessages("err, unknown packet received from the debuggee\n");
79 return FALSE;
80 }
81
82 //
83 // It's a HyperDbg packet (for hwdbg)
84 //
85 switch (TheActualPacket->RequestedActionOfThePacket)
86 {
87 case hwdbgResponseSuccessOrErrorMessage:
88
89 Result = TRUE;
90
91 //
92 // Todo: implement it
93 //
94
95 break;
96
97 case hwdbgResponseInstanceInfo:
98
99 Result = TRUE;
100 InstanceInfoPacket = (HWDBG_INSTANCE_INFORMATION *)(((CHAR *)TheActualPacket) + sizeof(DEBUGGER_REMOTE_PACKET));
101 InstanceInfoPorts = (UINT32 *)(((CHAR *)InstanceInfoPacket) + sizeof(HWDBG_INSTANCE_INFORMATION));
102
103 //
104 // Copy the instance info into the global hwdbg instance info
105 //
106 RtlCopyMemory(&g_HwdbgInstanceInfo, InstanceInfoPacket, sizeof(HWDBG_INSTANCE_INFORMATION));
107
108 //
109 // Instance info is valid from now
110 //
111 g_HwdbgInstanceInfoIsValid = TRUE;
112
113 //
114 // Read port arrangements
115 //
116 for (size_t i = 0; i < g_HwdbgInstanceInfo.numberOfPorts; i++)
117 {
118 g_HwdbgPortConfiguration.push_back(InstanceInfoPorts[i]);
119 }
120
121 //
122 // Infom the script engine about the instance info
123 //
124 ScriptEngineSetHwdbgInstanceInfo(&g_HwdbgInstanceInfo);
125
126 break;
127
128 default:
129
130 Result = FALSE;
131 ShowMessages("err, unknown packet request received from the debuggee\n");
132
133 break;
134 }
135 }
136
137 //
138 // Packet handled successfully
139 //
140 return Result;
141}
PUINT32
unsigned int * PUINT32
Definition BasicTypes.h:48
DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL
@ DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL
Definition Connection.h:174
hwdbgResponseSuccessOrErrorMessage
@ hwdbgResponseSuccessOrErrorMessage
Definition HardwareDebugger.h:54
hwdbgResponseInstanceInfo
@ hwdbgResponseInstanceInfo
Definition HardwareDebugger.h:55
g_HwdbgPortConfiguration
std::vector< UINT32 > g_HwdbgPortConfiguration
Ports configuration of hwdbg.
Definition globals.h:693
g_HwdbgInstanceInfo
HWDBG_INSTANCE_INFORMATION g_HwdbgInstanceInfo
Instance information of the current hwdbg debuggee.
Definition globals.h:681
test-case-generator.NULL
NULL()
Definition test-case-generator.py:530
ScriptEngineSetHwdbgInstanceInfo
BOOLEAN ScriptEngineSetHwdbgInstanceInfo(HWDBG_INSTANCE_INFORMATION *InstancInfo)
Set hwdbg instance info for the script engine.
Definition script-engine.c:3332
_HWDBG_INSTANCE_INFORMATION
The structure of script capabilities information in hwdbg.
Definition HardwareDebugger.h:91
_HWDBG_INSTANCE_INFORMATION::numberOfPorts
UINT32 numberOfPorts
Definition HardwareDebugger.h:106

◆ ParseLine()

std::vector< UINT32 > ParseLine ( const std::string & Line)

Function to parse a single line of the memory content.

Parameters
Line
Returns
VOID
151{
152 std::vector<UINT32> Values;
153 std::stringstream Ss(Line);
154 std::string Token;
155
156 // Skip the memory address part
157 std::getline(Ss, Token, ':');
158
159 // Read the hex value
160 while (std::getline(Ss, Token, ' '))
161 {
162 if (Token.length() == 8 && std::all_of(Token.begin(), Token.end(), ::isxdigit))
163 {
164 Values.push_back(static_cast<UINT32>(std::stoul(Token, nullptr, 16)));
165 }
166 }
167
168 return Values;
169}

Variable Documentation

◆ g_HwdbgInstanceInfo

HWDBG_INSTANCE_INFORMATION g_HwdbgInstanceInfo
extern

Instance information of the current hwdbg debuggee.

◆ g_HwdbgInstanceInfoIsValid

BOOLEAN g_HwdbgInstanceInfoIsValid
extern

Shows whether the instance info is valid (received) or not.

◆ g_HwdbgPortConfiguration

std::vector<UINT32> g_HwdbgPortConfiguration
extern

Ports configuration of hwdbg.