The functions used in loading the VMM and RM. More...

#include "pch.h"

Functions
BOOLEAN	LoaderInitVmmAndReversingMachine ()
	Initialize the VMM and Reversing Machine.

VOID	LoaderUninitializeLogTracer ()
	Uninitialize the log tracer.

Detailed Description

The functions used in loading the VMM and RM.

Author: Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)

Version: 0.2

Date: 2023-01-29

Copyright: This project is released under the GNU Public License v3.

Function Documentation

◆ LoaderInitVmmAndReversingMachine()

BOOLEAN LoaderInitVmmAndReversingMachine ( )

Initialize the VMM and Reversing Machine.

Returns: BOOLEAN

{
    MESSAGE_TRACING_CALLBACKS MsgTracingCallbacks = {0};
    VMM_CALLBACKS             VmmCallbacks        = {0};
 
    //
    // Allow to server IOCTL
    //
    g_AllowIOCTLFromUsermode = TRUE;
 
    //
    // Fill the callbacks for the message tracer
    //
    MsgTracingCallbacks.VmxOperationCheck = VmFuncVmxGetCurrentExecutionMode;
    //  MsgTracingCallbacks.CheckImmediateMessageSending = KdCheckImmediateMessagingMechanism;
    //  MsgTracingCallbacks.SendImmediateMessage         = KdLoggingResponsePacketToDebugger;
 
    //
    // Fill the callbacks for using hyperlog in VMM
    //
    VmmCallbacks.LogCallbackPrepareAndSendMessageToQueueWrapper = LogCallbackPrepareAndSendMessageToQueueWrapper;
    VmmCallbacks.LogCallbackSendMessageToQueue                  = LogCallbackSendMessageToQueue;
    VmmCallbacks.LogCallbackSendBuffer                          = LogCallbackSendBuffer;
    VmmCallbacks.LogCallbackCheckIfBufferIsFull                 = LogCallbackCheckIfBufferIsFull;
 
    //
    // Fill the VMM callbacks
    //
    // VmmCallbacks.VmmCallbackTriggerEvents = DebuggerTriggerEvents;
 
    //
    // Initialize message tracer
    //
    if (LogInitialize(&MsgTracingCallbacks))
    {
        //
        // Initialize Vmx
        //
        if (VmFuncInitVmm(&VmmCallbacks))
        {
            LogDebugInfo("HyperDbg's hypervisor loaded successfully");
 
            //
            // Initialize the debugger
            //
            if (CoreInitReversingMachine())
            {
                LogDebugInfo("HyperDbg's reversing machine loaded successfully");
 
                //
                // Set the variable so no one else can get a handle anymore
                //
                g_HandleInUse = TRUE;
 
                return TRUE;
            }
            else
            {
                LogError("Err, HyperDbg's debugger was not loaded");
            }
        }
        else
        {
            LogError("Err, HyperDbg's hypervisor was not loaded");
        }
    }
    else
    {
        LogError("Err, HyperDbg's message tracing module was not loaded");
    }
 
    //
    // Not loaded
    //
    g_AllowIOCTLFromUsermode = FALSE;
 
    return FALSE;
}

◆ LoaderUninitializeLogTracer()

VOID LoaderUninitializeLogTracer ( )

Uninitialize the log tracer.

Returns: VOID

{
    LogDebugInfo("Unloading HyperDbg's debugger...\n");
 
#if !UseDbgPrintInsteadOfUsermodeMessageTracking
 
    //
    // Uinitialize log buffer
    //
    LogDebugInfo("Uninitializing logs\n");
    LogUnInitialize();
#endif
}

Functions

Detailed Description

Function Documentation

◆ LoaderInitVmmAndReversingMachine()

◆ LoaderUninitializeLogTracer()