HyperDbg Debugger
Loading...
Searching...
No Matches
RequestStructures.h
Go to the documentation of this file.
1
13#pragma once
14#include "Pcie.h"
15
16#define SIZEOF_DEBUGGER_INIT_VMM_PACKET \
17 sizeof(DEBUGGER_INIT_VMM_PACKET)
18
23typedef struct _DEBUGGER_INIT_VMM_PACKET
24{
26
28
29// ==============================================================================================
30
31#define SIZEOF_DEBUGGER_INIT_HYPERTRACE_PACKET \
32 sizeof(DEBUGGER_INIT_HYPERTRACE_PACKET)
33
39{
41
43
44// ==============================================================================================
45
46#define SIZEOF_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS \
47 sizeof(DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS)
48
54{
55 UINT64 VirtualAddress;
57
59 UINT64 Pml4eValue;
60
62 UINT64 PdpteValue;
63
64 UINT64 PdeVirtualAddress;
65 UINT64 PdeValue;
66
67 UINT64 PteVirtualAddress;
68 UINT64 PteValue;
69
71
74
75// ==============================================================================================
76
77#define SIZEOF_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS \
78 sizeof(DEBUGGER_VA2PA_AND_PA2VA_COMMANDS)
79
85{
86 UINT64 VirtualAddress;
87 UINT64 PhysicalAddress;
91
93
94// ==============================================================================================
95
96#define SIZEOF_DEBUGGER_PAGE_IN_REQUEST \
97 sizeof(DEBUGGER_PAGE_IN_REQUEST)
98
103typedef struct _DEBUGGER_PAGE_IN_REQUEST
104{
105 UINT64 VirtualAddressFrom;
106 UINT64 VirtualAddressTo;
110
112
113// ==============================================================================================
114
125
136
137#define SIZEOF_REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST \
138 sizeof(REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST)
139
145{
147 UINT32 Size;
151
153
154// ==============================================================================================
155
156#define SIZEOF_DEBUGGER_DT_COMMAND_OPTIONS \
157 sizeof(DEBUGGER_DT_COMMAND_OPTIONS)
158
163typedef struct _DEBUGGER_DT_COMMAND_OPTIONS
164{
165 const CHAR * TypeName;
166 UINT64 SizeOfTypeName;
167 UINT64 Address;
172
174
175// ==============================================================================================
176
193
194#define SIZEOF_DEBUGGER_PREALLOC_COMMAND \
195 sizeof(DEBUGGER_PREALLOC_COMMAND)
196
201typedef struct _DEBUGGER_PREALLOC_COMMAND
202{
206
208
209// ==============================================================================================
210
220
221#define SIZEOF_DEBUGGER_PREACTIVATE_COMMAND \
222 sizeof(DEBUGGER_PREACTIVATE_COMMAND)
223
229{
232
234
235// ==============================================================================================
236
237#define SIZEOF_DEBUGGER_READ_MEMORY sizeof(DEBUGGER_READ_MEMORY)
238
248
258
269
286
291typedef struct _DEBUGGER_READ_MEMORY
292{
293 UINT32 Pid; // Read from cr3 of what process
294 UINT64 Address;
295 UINT32 Size;
296 BOOLEAN GetAddressMode; // Debugger sets whether the read memory is for diassembler or not
297 DEBUGGER_READ_MEMORY_ADDRESS_MODE AddressMode; // Debuggee sets the mode of address
300 UINT32 ReturnLength; // not used in local debugging
301 UINT32 KernelStatus; // not used in local debugging
302
303 //
304 // Here is the target buffer (actual memory)
305 //
306
308
309// ==============================================================================================
310
311#define SIZEOF_DEBUGGER_FLUSH_LOGGING_BUFFERS \
312 sizeof(DEBUGGER_FLUSH_LOGGING_BUFFERS)
313
319{
323
325
326// ==============================================================================================
327
328#define SIZEOF_DEBUGGER_TEST_QUERY_BUFFER \
329 sizeof(DEBUGGER_TEST_QUERY_BUFFER)
330
336{
337 TEST_QUERY_HALTING_CORE_STATUS = 1, // Query constant to show detail of halting of core
338 TEST_QUERY_PREALLOCATED_POOL_STATE = 2, // Query pre-allocated pool state
339 TEST_QUERY_TRAP_STATE = 3, // Query trap state
340 TEST_BREAKPOINT_TURN_OFF_BPS = 4, // Turn off the breakpoints (#BP)
341 TEST_BREAKPOINT_TURN_ON_BPS = 5, // Turn on the breakpoints (#BP)
342 TEST_BREAKPOINT_TURN_OFF_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER = 6, // Turn off the breakpoints and events for executing the commands in the remote computer
343 TEST_BREAKPOINT_TURN_ON_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER = 7, // Turn on the breakpoints and events for executing the commands in the remote computer
344 TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_SYNCHRONOUS = 8, // For testing synchronized event
345 TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_ASYNCHRONOUS = 9, // For testing unsynchronized event
346 TEST_SETTING_TARGET_TASKS_ON_TARGET_HALTED_CORES = 10, // Send the task to the halted core
347 TEST_BREAKPOINT_TURN_OFF_DBS = 11, // Turn off the debug breaks (#DB)
348 TEST_BREAKPOINT_TURN_ON_DBS = 12, // Turn on the debug breaks (#DB)
349
351
357{
359 UINT64 Context;
361
363
364// ==============================================================================================
365
366#define SIZEOF_DEBUGGER_PERFORM_KERNEL_TESTS \
367 sizeof(DEBUGGER_PERFORM_KERNEL_TESTS)
368
374{
376
378
379// ==============================================================================================
380
381#define SIZEOF_DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL \
382 sizeof(DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL)
383
389{
391
394
395// ==============================================================================================
396
397#define SIZEOF_DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER \
398 sizeof(DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER)
399
405{
410
411 //
412 // The buffer for the general packet is here
413 //
414
417
418// ==============================================================================================
419
420#define SIZEOF_DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER \
421 sizeof(DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER)
422
428{
431
432 //
433 // Here is the messages
434 //
435
438
439// ==============================================================================================
440
441#define SIZEOF_DEBUGGER_READ_AND_WRITE_ON_MSR \
442 sizeof(DEBUGGER_READ_AND_WRITE_ON_MSR)
443
453
459{
460 UINT64 Msr; // It's actually a 32-Bit value but let's not mess with a register
461 UINT32 CoreNumber; // specifies the core to execute wrmsr or read the msr
462 // (DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES mean all
463 // the cores)
464 DEBUGGER_MSR_ACTION_TYPE ActionType; // Detects whether user needs wrmsr or rdmsr
465 UINT64 Value;
466
468
469#define SIZEOF_DEBUGGER_READ_AND_WRITE_ON_MSR \
470 sizeof(DEBUGGER_READ_AND_WRITE_ON_MSR)
471
472// ==============================================================================================
473
474#define SIZEOF_DEBUGGER_EDIT_MEMORY sizeof(DEBUGGER_EDIT_MEMORY)
475
485
496
501typedef struct _DEBUGGER_EDIT_MEMORY
502{
504 UINT64 Address; // Target address to modify
505 UINT32 ProcessId; // specifies the process id
506 DEBUGGER_EDIT_MEMORY_TYPE MemoryType; // Type of memory
507 DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize; // Modification size
510
512
513// ==============================================================================================
514
515#define SIZEOF_DEBUGGER_SEARCH_MEMORY sizeof(DEBUGGER_SEARCH_MEMORY)
516
528
540
545typedef struct _DEBUGGER_SEARCH_MEMORY
546{
547 UINT64 Address; // Target address to start searching
548 UINT64 Length; // Length of bytes to search
549 UINT32 ProcessId; // specifies the process id
550 DEBUGGER_SEARCH_MEMORY_TYPE MemoryType; // Type of memory
551 DEBUGGER_SEARCH_MEMORY_BYTE_SIZE ByteSize; // Modification size
554
556
557// ==============================================================================================
558
568{
570 UINT32 SysNtQuerySystemInformationEx; // On 24H2, changes on each windows version
571
572 UINT32 SysNtSystemDebugControl; // On 24H2, changes on each windows version
575 UINT32 SysNtQueryDirectoryObject; // On 24H2, changes on each windows version
582 UINT32 SysNtOpenKeyEx; // On 24H2, changes on each windows version
585
587
588#define SIZEOF_DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE \
589 sizeof(DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE)
590
596{
598
599 // UINT64 CpuidAverage;
600 // UINT64 CpuidStandardDeviation;
601 // UINT64 CpuidMedian;
602
603 // UINT64 RdtscAverage;
604 // UINT64 RdtscStandardDeviation;
605 // UINT64 RdtscMedian;
606
610
611 SYSTEM_CALL_NUMBERS_INFORMATION SystemCallNumbersInformation; // System call numbers information
612
613 UINT32 KernelStatus; /* DEBUGGER_OPERATION_WAS_SUCCESSFUL ,
614 DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER
615 */
616
617 UINT32 EvadeMask; // zero means TRANSPARENT_EVADE_MASK_DEFAULT
618
621
622// ==============================================================================================
623
624#define SIZEOF_DEBUGGER_PREPARE_DEBUGGEE sizeof(DEBUGGER_PREPARE_DEBUGGEE)
625
630typedef struct _DEBUGGER_PREPARE_DEBUGGEE
631{
634 UINT64 KernelBaseAddress;
635 UINT32 Result; // Result from the kernel
637
639
640// ==============================================================================================
641
646typedef struct _DEBUGGEE_CHANGE_CORE_PACKET
647{
650
652
653// ==============================================================================================
654
655#define SIZEOF_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS \
656 sizeof(DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS)
657
674
680{
686 UINT64 Rip; // used in switching threads
687 BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]; // used in switching threads
688 UINT32 SizeOfInstruction; // used in switching threads
689 BOOLEAN IsPaused; // used in switching to threads
691 UINT32 CountOfActiveDebuggingThreadsAndProcesses; // used in showing the list of active threads/processes
692 UINT64 Token;
693 UINT64 Result;
694
697
698// ==============================================================================================
699
700#define SIZEOF_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS \
701 sizeof(DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS)
702
717
729
736{
737 UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead
738 ULONG ImageFileNameOffset; // nt!_EPROCESS.ImageFileName
739 ULONG UniquePidOffset; // nt!_EPROCESS.UniqueProcessId
740 ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks
741
743
750{
751 UINT32 ThreadListHeadOffset; // nt!_EPROCESS.ThreadListHead
752 UINT32 ThreadListEntryOffset; // nt!_ETHREAD.ThreadListEntry
753 UINT32 CidOffset; // nt!_ETHREAD.Cid
754 UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead
755 ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks
756 UINT64 Process;
757
759
766{
767 UINT64 Eprocess;
769 UINT64 Cr3;
770 UCHAR ImageFileName[15 + 1];
771
773
780{
781 UINT64 Eprocess;
782 UINT64 Ethread;
785 UCHAR ImageFileName[15 + 1];
786
788
794{
800 UINT64 Result;
801
804
805#define SIZEOF_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS \
806 sizeof(DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS)
807
808// ==============================================================================================
809
815{
819 UINT64 Value;
821
823
824#define SIZEOF_DEBUGGER_CALLSTACK_REQUEST \
825 sizeof(DEBUGGER_CALLSTACK_REQUEST)
826
837
842typedef struct _DEBUGGER_CALLSTACK_REQUEST
843{
847 UINT32 Size;
849 UINT64 BaseAddress;
850 UINT64 BufferSize;
851
852 //
853 // Here is the size of stack frames
854 //
855
857
858// ==============================================================================================
859
860#define SIZEOF_USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS \
861 sizeof(USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS)
862
864{
869
871
872// ==============================================================================================
873
879{
880 UINT64 ScriptBuffer;
884
887
893{
896 UINT64 RequstBufferAddress;
897
899
905{
909
911
912// ==============================================================================================
913
927
932typedef struct _DEBUGGER_UD_COMMAND_ACTION
933{
935 UINT64 OptionalParam1;
936 UINT64 OptionalParam2;
937 UINT64 OptionalParam3;
938 UINT64 OptionalParam4;
939
941
946typedef struct _DEBUGGER_UD_COMMAND_PACKET
947{
954
956
957#define SIZEOF_DEBUGGER_UD_COMMAND_PACKET sizeof(DEBUGGER_UD_COMMAND_PACKET)
958
959// ==============================================================================================
960
973
980{
983 UINT64 Process;
985 UCHAR ProcessName[16];
988
990
991// ==============================================================================================
992
997#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET \
998 sizeof(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET)
999
1012
1018{
1022 UINT64 Thread;
1023 UINT64 Process;
1025 UCHAR ProcessName[16];
1027 UINT32 Result;
1028
1030
1035#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET \
1036 sizeof(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET)
1037
1038// ==============================================================================================
1039
1055
1060typedef struct _DEBUGGEE_STEP_PACKET
1061{
1063
1064 //
1065 // Only in the case of call instructions
1066 // the 'p' command
1067 //
1070
1072
1077#define DEBUGGER_REMOTE_TRACKING_DEFAULT_COUNT_OF_STEPPING 0xffffffff
1078
1079// ==============================================================================================
1080
1091
1096typedef struct _DEBUGGER_APIC_REQUEST
1097{
1101
1103
1108#define SIZEOF_DEBUGGER_APIC_REQUEST \
1109 sizeof(DEBUGGER_APIC_REQUEST)
1110
1114#define LAPIC_SIZE 0x400
1115
1116#define LAPIC_LVT_FLAG_ENTRY_MASKED (1UL << 16)
1117#define LAPIC_LVT_DELIVERY_MODE_EXT_INT (7UL << 8)
1118#define LAPIC_SVR_FLAG_SW_ENABLE (1UL << 8)
1119
1123typedef struct _LAPIC_PAGE
1124{
1125 UINT8 Reserved000[0x10];
1126 UINT8 Reserved010[0x10];
1127
1128 UINT32 Id; // offset 0x020
1129 UINT8 Reserved024[0x0C];
1130
1131 UINT32 Version; // offset 0x030
1132 UINT8 Reserved034[0x0C];
1133
1134 UINT8 Reserved040[0x40];
1135
1136 UINT32 TPR; // offset 0x080
1137 UINT8 Reserved084[0x0C];
1138
1139 UINT32 ArbitrationPriority; // offset 0x090
1140 UINT8 Reserved094[0x0C];
1141
1142 UINT32 ProcessorPriority; // offset 0x0A0
1143 UINT8 Reserved0A4[0x0C];
1144
1145 UINT32 EOI; // offset 0x0B0
1146 UINT8 Reserved0B4[0x0C];
1147
1148 UINT32 RemoteRead; // offset 0x0C0
1149 UINT8 Reserved0C4[0x0C];
1150
1151 UINT32 LogicalDestination; // offset 0x0D0
1152 UINT8 Reserved0D4[0x0C];
1153
1154 UINT32 DestinationFormat; // offset 0x0E0
1155 UINT8 Reserved0E4[0x0C];
1156
1157 UINT32 SpuriousInterruptVector; // offset 0x0F0
1158 UINT8 Reserved0F4[0x0C];
1159
1160 UINT32 ISR[32]; // offset 0x100
1161
1162 UINT32 TMR[32]; // offset 0x180
1163
1164 UINT32 IRR[32]; // offset 0x200
1165
1166 UINT32 ErrorStatus; // offset 0x280
1167 UINT8 Reserved284[0x0C];
1168
1169 UINT8 Reserved290[0x60];
1170
1171 UINT32 LvtCmci; // offset 0x2F0
1172 UINT8 Reserved2F4[0x0C];
1173
1174 UINT32 IcrLow; // offset 0x300
1175 UINT8 Reserved304[0x0C];
1176
1177 UINT32 IcrHigh; // offset 0x310
1178 UINT8 Reserved314[0x0C];
1179
1180 UINT32 LvtTimer; // offset 0x320
1181 UINT8 Reserved324[0x0C];
1182
1183 UINT32 LvtThermalSensor; // offset 0x330
1184 UINT8 Reserved334[0x0C];
1185
1186 UINT32 LvtPerfMonCounters; // offset 0x340
1187 UINT8 Reserved344[0x0C];
1188
1189 UINT32 LvtLINT0; // offset 0x350
1190 UINT8 Reserved354[0x0C];
1191
1192 UINT32 LvtLINT1; // offset 0x360
1193 UINT8 Reserved364[0x0C];
1194
1195 UINT32 LvtError; // offset 0x370
1196 UINT8 Reserved374[0x0C];
1197
1198 UINT32 InitialCount; // offset 0x380
1199 UINT8 Reserved384[0x0C];
1200
1201 UINT32 CurrentCount; // offset 0x390
1202 UINT8 Reserved394[0x0C];
1203
1204 UINT8 Reserved3A0[0x40]; // offset 0x3A0
1205
1206 UINT32 DivideConfiguration; // offset 0x3E0
1207 UINT8 Reserved3E4[0x0C];
1208
1209 UINT32 SelfIpi; // offset 0x3F0
1210 UINT8 Reserved3F4[0x0C]; // valid only for X2APIC
1212
1213// ==============================================================================================
1214
1222#define MAX_NUMBER_OF_IO_APIC_ENTRIES 400
1223
1228typedef struct _IO_APIC_ENTRY_PACKETS
1229{
1230 UINT64 ApicBasePa;
1231 UINT64 ApicBaseVa;
1233 UINT32 IoLl;
1236
1238
1243static_assert(sizeof(IO_APIC_ENTRY_PACKETS) < PacketChunkSize,
1244 "err (static_assert), size of PacketChunkSize should be bigger than IO_APIC_ENTRY_PACKETS");
1245
1246// ==============================================================================================
1247
1258
1263typedef struct _SMI_OPERATION_PACKETS
1264{
1266 UINT64 SmiCount;
1268
1270
1275#define SIZEOF_SMI_OPERATION_PACKETS \
1276 sizeof(SMI_OPERATION_PACKETS)
1277
1278// ==============================================================================================
1279
1296
1302{
1306
1308
1313#define SIZEOF_HYPERTRACE_LBR_OPERATION_PACKETS \
1314 sizeof(HYPERTRACE_LBR_OPERATION_PACKETS)
1315
1316// ==============================================================================================
1317
1322typedef struct _HYPERTRACE_LBR_DUMP_PACKETS
1323{
1324 UINT32 CoreId;
1325 BOOLEAN NextCoreIsValid; // In the case of dumping all cores, this flag indicates whether the next core number is valid
1326 BOOLEAN ArchBasedLBR; // Whether the LBR is architecture-based
1330
1332
1337#define HYPERTRACE_LBR_DUMP_ALL_CORES 0xffffffff
1338
1343#define SIZEOF_HYPERTRACE_LBR_DUMP_PACKETS \
1344 sizeof(HYPERTRACE_LBR_DUMP_PACKETS)
1345
1346// ==============================================================================================
1347
1364
1382{
1385
1386 //
1387 // Filter / config (used by FILTER and ENABLE)
1388 //
1389 UINT32 TraceUser; /* Boolean: trace CPL > 0 */
1390 UINT32 TraceKernel; /* Boolean: trace CPL == 0 */
1391 UINT64 TargetCr3; /* CR3 to filter by (0 = no filter) */
1392 UINT64 BufferSize; /* Output buffer size (0 = keep current) */
1393 UINT32 NumAddrRanges; /* Number of valid AddrRanges entries */
1394 UINT32 TargetProcessId; /* Process to trace; kernel resolves it
1395 to TargetCr3 when TargetCr3 == 0
1396 (0 = no PID-based CR3 filter) */
1398
1399 //
1400 // SIZE output: per-CPU bytes-written snapshot
1401 //
1402 UINT32 NumCpus; /* CPUs populated in BytesPerCpu */
1403 UINT32 Reserved2; /* Padding to 8-align the array */
1405
1407
1412#define SIZEOF_HYPERTRACE_PT_OPERATION_PACKETS \
1413 sizeof(HYPERTRACE_PT_OPERATION_PACKETS)
1414
1415// ==============================================================================================
1416
1436typedef struct _HYPERTRACE_PT_MMAP_PACKETS
1437{
1441
1443
1448#define SIZEOF_HYPERTRACE_PT_MMAP_PACKETS \
1449 sizeof(HYPERTRACE_PT_MMAP_PACKETS)
1450
1451// ==============================================================================================
1452
1457#define MAX_NUMBER_OF_IDT_ENTRIES 256
1458
1464{
1467
1469
1474#define SIZEOF_INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS \
1475 sizeof(INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS)
1476
1482 "err (static_assert), size of PacketChunkSize should be bigger than INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS");
1483
1484// ==============================================================================================
1485
1490typedef struct _DEBUGGEE_FORMATS_PACKET
1491{
1492 UINT64 Value;
1493 UINT32 Result;
1494
1496
1497// ==============================================================================================
1498
1504{
1506
1508
1509// ==============================================================================================
1510
1515typedef struct _DEBUGGEE_BP_PACKET
1516{
1517 UINT64 Address;
1518 UINT32 Pid;
1519 UINT32 Tid;
1520 UINT32 Core;
1523 UINT32 Result;
1524
1526
1531#define SIZEOF_DEBUGGEE_BP_PACKET \
1532 sizeof(DEBUGGEE_BP_PACKET)
1533
1547
1553{
1554 UINT64 BreakpointId;
1556 UINT32 Result;
1557
1559
1560// ==============================================================================================
1561
1575
1576// ==============================================================================================
1577
1582typedef struct _DEBUGGEE_SCRIPT_PACKET
1583{
1587 UINT64 FormatValue;
1588 UINT32 Result;
1589
1590 //
1591 // The script buffer is here
1592 //
1593
1595
1596// ==============================================================================================
1597
1603{
1605 UINT32 Result;
1606
1608
1609// ==============================================================================================
1610
1616{
1618 UINT64 Value;
1620
1622
1623// ==============================================================================================
1624
1630{
1632 UINT64 Value;
1634
1636
1637// ==============================================================================================
1638
1639#define SIZEOF_DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET \
1640 sizeof(DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET)
1641
1647{
1651
1653
1659 "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET");
1660
1661// ==============================================================================================
1662
1663#define SIZEOF_DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET \
1664 sizeof(DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET)
1665
1671{
1673 BOOL PrintRaw;
1675
1677
1683 "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET");
1684
1685// ==============================================================================================
int BOOL
Definition BasicTypes.h:25
UCHAR BOOLEAN
Definition BasicTypes.h:35
void * PVOID
Definition BasicTypes.h:56
unsigned char BYTE
Definition BasicTypes.h:40
unsigned char UCHAR
Definition BasicTypes.h:34
unsigned char UINT8
Definition BasicTypes.h:52
unsigned int UINT32
Definition BasicTypes.h:54
char CHAR
Definition BasicTypes.h:33
unsigned long ULONG
Definition BasicTypes.h:31
enum _DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION
enum for requested action for HyperDbg packet
#define MAXIMUM_CALL_INSTR_SIZE
maximum size for call instruction in Intel
Definition Constants.h:475
#define PacketChunkSize
Size of each packet.
Definition Constants.h:187
#define MAXIMUM_CHARACTER_FOR_OS_NAME
maximum name for OS name buffer
Definition Constants.h:461
#define MAXIMUM_INSTR_SIZE
maximum instruction size in Intel
Definition Constants.h:470
struct _LBR_STACK_ENTRY LBR_STACK_ENTRY
The structure to hold the LBR stack for a single processor core, including the branch entries and the...
#define DEV_MAX_NUM
Definition Pcie.h:42
struct _PCI_DEV_MINIMAL PCI_DEV_MINIMAL
PCI Device Minimal Data Structure for !pcitree.
struct _PCI_DEV PCI_DEV
PCI Device Data Structure.
struct _PT_USER_BUFFER_DESC PT_USER_BUFFER_DESC
One per-CPU descriptor returned by the PT mmap surface.
struct _PT_ADDR_RANGE PT_ADDR_RANGE
Intel PT IP filter range.
#define PT_MAX_ADDR_RANGES
Definition PtDefinitions.h:53
#define PT_MAX_CPUS_FOR_MMAP
Definition PtDefinitions.h:60
_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES
different type of process or thread queries
Definition RequestStructures.h:708
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT
Definition RequestStructures.h:710
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST
Definition RequestStructures.h:711
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD
Definition RequestStructures.h:714
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST
Definition RequestStructures.h:712
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS
Definition RequestStructures.h:713
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT
Definition RequestStructures.h:709
struct _DEBUGGEE_STEP_PACKET DEBUGGEE_STEP_PACKET
The structure of stepping packet in HyperDbg.
struct _HYPERTRACE_PT_OPERATION_PACKETS HYPERTRACE_PT_OPERATION_PACKETS
The structure of HyperTrace PT result packet in HyperDbg.
struct _DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS * PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS
struct _HYPERTRACE_LBR_OPERATION_PACKETS HYPERTRACE_LBR_OPERATION_PACKETS
The structure of HyperTrace LBR result packet in HyperDbg.
_SMI_OPERATION_REQUEST_TYPE
check so the IO_APIC_ENTRY_PACKETS should be smaller than packet size
Definition RequestStructures.h:1253
@ SMI_OPERATION_REQUEST_TYPE_READ_COUNT
Definition RequestStructures.h:1254
@ SMI_OPERATION_REQUEST_TYPE_TRIGGER_POWER_SMI
Definition RequestStructures.h:1255
struct _DEBUGGEE_SCRIPT_PACKET * PDEBUGGEE_SCRIPT_PACKET
struct _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS * PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS
struct _REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST
requests for !rev command
struct _DEBUGGER_READ_AND_WRITE_ON_MSR DEBUGGER_READ_AND_WRITE_ON_MSR
request to read or write on MSRs
enum _HYPERTRACE_LBR_OPERATION_REQUEST_TYPE HYPERTRACE_LBR_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for LBR.
struct _DEBUGGER_INIT_VMM_PACKET * PDEBUGGER_INIT_VMM_PACKET
struct _DEBUGGEE_REGISTER_WRITE_DESCRIPTION * PDEBUGGEE_REGISTER_WRITE_DESCRIPTION
_DEBUGGER_EDIT_MEMORY_TYPE
different type of addresses for editing memory
Definition RequestStructures.h:481
@ EDIT_PHYSICAL_MEMORY
Definition RequestStructures.h:483
@ EDIT_VIRTUAL_MEMORY
Definition RequestStructures.h:482
struct _DEBUGGEE_SCRIPT_PACKET DEBUGGEE_SCRIPT_PACKET
The structure of script packet in HyperDbg.
struct _LAPIC_PAGE * PLAPIC_PAGE
struct _DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET
PCI device info Request-Response Packet, used by !pcicam and future PCI-related commands....
struct _DEBUGGER_APIC_REQUEST * PDEBUGGER_APIC_REQUEST
struct _DEBUGGER_PREACTIVATE_COMMAND DEBUGGER_PREACTIVATE_COMMAND
requests for the 'preactivate' command
struct _DEBUGGEE_CHANGE_CORE_PACKET * PDEBUGGEE_CHANGE_CORE_PACKET
enum _DEBUGGER_PREACTIVATE_COMMAND_TYPE DEBUGGER_PREACTIVATE_COMMAND_TYPE
different types of preactivate requests
enum _DEBUGGER_SHOW_MEMORY_STYLE DEBUGGER_SHOW_MEMORY_STYLE
the way that debugger should show the details of memory or disassemble them
struct _DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION
Used for run the script.
struct _DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER * PDEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER
struct _HYPERTRACE_PT_OPERATION_PACKETS * PHYPERTRACE_PT_OPERATION_PACKETS
struct _DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY * PDEBUGGEE_PROCESS_LIST_DETAILS_ENTRY
enum _DEBUGGER_UD_COMMAND_ACTION_TYPE DEBUGGER_UD_COMMAND_ACTION_TYPE
User-mode debugging actions.
struct _DEBUGGER_SEARCH_MEMORY * PDEBUGGER_SEARCH_MEMORY
struct _SYSTEM_CALL_NUMBERS_INFORMATION SYSTEM_CALL_NUMBERS_INFORMATION
Windows System call values that are intercepted by transparency mode.
struct _DEBUGGEE_RESULT_OF_SEARCH_PACKET DEBUGGEE_RESULT_OF_SEARCH_PACKET
The structure of result of search packet in HyperDbg.
struct _DEBUGGER_EVENT_REQUEST_BUFFER DEBUGGER_EVENT_REQUEST_BUFFER
used in the case of requesting a "request buffer"
struct _DEBUGGER_PREPARE_DEBUGGEE DEBUGGER_PREPARE_DEBUGGEE
request to make this computer to a debuggee
struct _DEBUGGEE_THREAD_LIST_NEEDED_DETAILS * PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS
struct _DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS * PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS
enum _DEBUGGER_PREALLOC_COMMAND_TYPE DEBUGGER_PREALLOC_COMMAND_TYPE
different types of prealloc requests
struct _DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the process from nt!_EPROCESS and location ...
struct _DEBUGGER_PREALLOC_COMMAND DEBUGGER_PREALLOC_COMMAND
requests for the 'prealloc' command
_REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE
different types of reconstruct requests
Definition RequestStructures.h:131
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_PATTERN
Definition RequestStructures.h:134
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_UNKNOWN
Definition RequestStructures.h:132
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_RECONSTRUCT
Definition RequestStructures.h:133
struct _DEBUGGER_PERFORM_KERNEL_TESTS * PDEBUGGER_PERFORM_KERNEL_TESTS
struct _DEBUGGER_CALLSTACK_REQUEST * PDEBUGGER_CALLSTACK_REQUEST
struct _DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET * PDEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET
struct _INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS
The structure of IDT entries result packet in HyperDbg.
struct _DEBUGGER_PAGE_IN_REQUEST DEBUGGER_PAGE_IN_REQUEST
requests for the '.pagein' command
struct _DEBUGGER_SINGLE_CALLSTACK_FRAME * PDEBUGGER_SINGLE_CALLSTACK_FRAME
struct _DEBUGGEE_REGISTER_READ_DESCRIPTION * PDEBUGGEE_REGISTER_READ_DESCRIPTION
struct _DEBUGGER_DT_COMMAND_OPTIONS * PDEBUGGER_DT_COMMAND_OPTIONS
struct _DEBUGGER_EVENT_REQUEST_BUFFER * PDEBUGGER_EVENT_REQUEST_BUFFER
struct _DEBUGGER_UD_COMMAND_PACKET DEBUGGER_UD_COMMAND_PACKET
The structure of command packet in uHyperDbg.
struct _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET * PDEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET
enum _DEBUGGER_TEST_QUERY_STATE DEBUGGER_TEST_QUERY_STATE
test query used for test purposed
struct _DEBUGGER_PREACTIVATE_COMMAND * PDEBUGGER_PREACTIVATE_COMMAND
_DEBUGGER_PREACTIVATE_COMMAND_TYPE
different types of preactivate requests
Definition RequestStructures.h:216
@ DEBUGGER_PREACTIVATE_COMMAND_TYPE_MODE
Definition RequestStructures.h:217
struct _DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION * PDEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION
struct _DEBUGGER_DT_COMMAND_OPTIONS DEBUGGER_DT_COMMAND_OPTIONS
requests options for dt and struct command
enum _DEBUGGER_CALLSTACK_DISPLAY_METHOD DEBUGGER_CALLSTACK_DISPLAY_METHOD
callstack showing method
struct _DEBUGGEE_FORMATS_PACKET * PDEBUGGEE_FORMATS_PACKET
struct _DEBUGGER_READ_AND_WRITE_ON_MSR * PDEBUGGER_READ_AND_WRITE_ON_MSR
struct _DEBUGGEE_RESULT_OF_SEARCH_PACKET * PDEBUGGEE_RESULT_OF_SEARCH_PACKET
enum _DEBUGGER_READ_READING_TYPE DEBUGGER_READ_READING_TYPE
different types of reading memory
struct _DEBUGGER_FLUSH_LOGGING_BUFFERS DEBUGGER_FLUSH_LOGGING_BUFFERS
request for flushing buffers
struct _DEBUGGER_UD_COMMAND_PACKET * PDEBUGGER_UD_COMMAND_PACKET
struct _DEBUGGEE_BP_LIST_OR_MODIFY_PACKET DEBUGGEE_BP_LIST_OR_MODIFY_PACKET
The structure of breakpoint modification requests packet in HyperDbg.
_HYPERTRACE_PT_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for PT.
Definition RequestStructures.h:1353
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_PAUSE
Definition RequestStructures.h:1356
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_DUMP
Definition RequestStructures.h:1359
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_ENABLE
Definition RequestStructures.h:1354
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_FILTER
Definition RequestStructures.h:1361
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_RESUME
Definition RequestStructures.h:1357
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_SIZE
Definition RequestStructures.h:1358
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_FLUSH
Definition RequestStructures.h:1360
@ HYPERTRACE_PT_OPERATION_REQUEST_TYPE_DISABLE
Definition RequestStructures.h:1355
struct _DEBUGGER_READ_MEMORY DEBUGGER_READ_MEMORY
request for reading virtual and physical memory
struct _DEBUGGEE_BP_PACKET * PDEBUGGEE_BP_PACKET
struct _DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER
request for send a user-mode message to debugger
enum _DEBUGGER_CONDITIONAL_JUMP_STATUS DEBUGGER_CONDITIONAL_JUMP_STATUS
Whether a jump is taken or not taken.
_DEBUGGER_READ_READING_TYPE
different types of reading memory
Definition RequestStructures.h:244
@ READ_FROM_KERNEL
Definition RequestStructures.h:245
@ READ_FROM_VMX_ROOT
Definition RequestStructures.h:246
struct _SMI_OPERATION_PACKETS * PSMI_OPERATION_PACKETS
_DEBUGGER_CALLSTACK_DISPLAY_METHOD
callstack showing method
Definition RequestStructures.h:832
@ DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS
Definition RequestStructures.h:833
@ DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS
Definition RequestStructures.h:834
struct _DEBUGGER_PREALLOC_COMMAND * PDEBUGGER_PREALLOC_COMMAND
enum _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE
Debugger thread switch and thread details.
enum _DEBUGGER_EDIT_MEMORY_TYPE DEBUGGER_EDIT_MEMORY_TYPE
different type of addresses for editing memory
_DEBUGGER_SEARCH_MEMORY_BYTE_SIZE
different sizes on searching memory
Definition RequestStructures.h:534
@ SEARCH_QWORD
Definition RequestStructures.h:537
@ SEARCH_BYTE
Definition RequestStructures.h:535
@ SEARCH_DWORD
Definition RequestStructures.h:536
enum _DEBUGGER_SEARCH_MEMORY_TYPE DEBUGGER_SEARCH_MEMORY_TYPE
different types of address for searching on memory
struct _HYPERTRACE_LBR_OPERATION_PACKETS * PHYPERTRACE_LBR_OPERATION_PACKETS
struct _HYPERTRACE_PT_MMAP_PACKETS HYPERTRACE_PT_MMAP_PACKETS
Result packet for the HyperTrace PT mmap surface.
_DEBUGGER_TEST_QUERY_STATE
test query used for test purposed
Definition RequestStructures.h:336
@ TEST_BREAKPOINT_TURN_OFF_DBS
Definition RequestStructures.h:347
@ TEST_BREAKPOINT_TURN_ON_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER
Definition RequestStructures.h:343
@ TEST_BREAKPOINT_TURN_OFF_BPS
Definition RequestStructures.h:340
@ TEST_BREAKPOINT_TURN_ON_DBS
Definition RequestStructures.h:348
@ TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_ASYNCHRONOUS
Definition RequestStructures.h:345
@ TEST_BREAKPOINT_TURN_ON_BPS
Definition RequestStructures.h:341
@ TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_SYNCHRONOUS
Definition RequestStructures.h:344
@ TEST_QUERY_PREALLOCATED_POOL_STATE
Definition RequestStructures.h:338
@ TEST_QUERY_HALTING_CORE_STATUS
Definition RequestStructures.h:337
@ TEST_QUERY_TRAP_STATE
Definition RequestStructures.h:339
@ TEST_SETTING_TARGET_TASKS_ON_TARGET_HALTED_CORES
Definition RequestStructures.h:346
@ TEST_BREAKPOINT_TURN_OFF_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER
Definition RequestStructures.h:342
struct _DEBUGGEE_REGISTER_WRITE_DESCRIPTION DEBUGGEE_REGISTER_WRITE_DESCRIPTION
Register Descriptor Structure to write on registers.
#define MAX_NUMBER_OF_IO_APIC_ENTRIES
Maximum number of I/O APIC entries.
Definition RequestStructures.h:1222
struct _DEBUGGER_CALLSTACK_REQUEST DEBUGGER_CALLSTACK_REQUEST
request for callstack frames
_DEBUGGER_APIC_REQUEST_TYPE
Perform actions related to APIC.
Definition RequestStructures.h:1086
@ DEBUGGER_APIC_REQUEST_TYPE_READ_IO_APIC
Definition RequestStructures.h:1088
@ DEBUGGER_APIC_REQUEST_TYPE_READ_LOCAL_APIC
Definition RequestStructures.h:1087
_DEBUGGER_CONDITIONAL_JUMP_STATUS
Whether a jump is taken or not taken.
Definition RequestStructures.h:1567
@ DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN
Definition RequestStructures.h:1572
@ DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR
Definition RequestStructures.h:1569
@ DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN
Definition RequestStructures.h:1571
@ DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP
Definition RequestStructures.h:1570
struct _DEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET * PDEBUGGEE_PCIDEVINFO_REQUEST_RESPONSE_PACKET
enum _DEBUGGER_READ_MEMORY_TYPE DEBUGGER_READ_MEMORY_TYPE
different type of addresses
enum _HYPERTRACE_PT_OPERATION_REQUEST_TYPE HYPERTRACE_PT_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for PT.
struct _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET
The structure of changing process and show process packet in HyperDbg.
struct _DEBUGGER_PAGE_IN_REQUEST * PDEBUGGER_PAGE_IN_REQUEST
_DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
Definition RequestStructures.h:1045
@ DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN
Definition RequestStructures.h:1047
@ DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN_FOR_TRACKING
Definition RequestStructures.h:1048
@ DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN
Definition RequestStructures.h:1046
@ DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU
Definition RequestStructures.h:1051
@ DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER
Definition RequestStructures.h:1050
@ DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU_LAST_INSTRUCTION
Definition RequestStructures.h:1052
struct _IO_APIC_ENTRY_PACKETS IO_APIC_ENTRY_PACKETS
The structure of I/O APIC result packet in HyperDbg.
enum _REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE
different types of reconstruct requests
struct _DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE * PDEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE
enum _DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST
breakpoint modification types
struct _IO_APIC_ENTRY_PACKETS * PIO_APIC_ENTRY_PACKETS
struct _DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL * PDEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL
_DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE
Debugger thread switch and thread details.
Definition RequestStructures.h:1005
@ DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST
Definition RequestStructures.h:1009
@ DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH
Definition RequestStructures.h:1007
@ DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS
Definition RequestStructures.h:1008
_DEBUGGER_EDIT_MEMORY_BYTE_SIZE
size of editing memory
Definition RequestStructures.h:491
@ EDIT_QWORD
Definition RequestStructures.h:494
@ EDIT_DWORD
Definition RequestStructures.h:493
@ EDIT_BYTE
Definition RequestStructures.h:492
enum _DEBUGGER_EDIT_MEMORY_BYTE_SIZE DEBUGGER_EDIT_MEMORY_BYTE_SIZE
size of editing memory
struct _SYSTEM_CALL_NUMBERS_INFORMATION * PSYSTEM_CALL_NUMBERS_INFORMATION
enum _DEBUGGER_REMOTE_STEPPING_REQUEST DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
struct _DEBUGGEE_FORMATS_PACKET DEBUGGEE_FORMATS_PACKET
check so the INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS should be smaller than packet size
_DEBUGGER_SEARCH_MEMORY_TYPE
different types of address for searching on memory
Definition RequestStructures.h:522
@ SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY
Definition RequestStructures.h:525
@ SEARCH_PHYSICAL_MEMORY
Definition RequestStructures.h:523
@ SEARCH_VIRTUAL_MEMORY
Definition RequestStructures.h:524
struct _DEBUGGEE_SYMBOL_REQUEST_PACKET * PDEBUGGEE_SYMBOL_REQUEST_PACKET
struct _LAPIC_PAGE LAPIC_PAGE
LAPIC structure and offsets.
struct _HYPERTRACE_LBR_DUMP_PACKETS HYPERTRACE_LBR_DUMP_PACKETS
The structure of HyperTrace LBR dump result packet in HyperDbg.
struct _DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL
request for send a signal that command execution finished
_DEBUGGER_PREALLOC_COMMAND_TYPE
different types of prealloc requests
Definition RequestStructures.h:182
@ DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR
Definition RequestStructures.h:184
@ DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK2
Definition RequestStructures.h:186
@ DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_EVENT
Definition RequestStructures.h:188
@ DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_EVENT
Definition RequestStructures.h:187
@ DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION
Definition RequestStructures.h:183
@ DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_SAFE_BUFFER
Definition RequestStructures.h:190
@ DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_SAFE_BUFFER
Definition RequestStructures.h:189
@ DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK
Definition RequestStructures.h:185
enum _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE
different actions of switchings
enum _SMI_OPERATION_REQUEST_TYPE SMI_OPERATION_REQUEST_TYPE
check so the IO_APIC_ENTRY_PACKETS should be smaller than packet size
struct _REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST * PREVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST
struct _DEBUGGEE_REGISTER_READ_DESCRIPTION DEBUGGEE_REGISTER_READ_DESCRIPTION
Register Descriptor Structure to use in r command.
struct _HYPERTRACE_LBR_DUMP_PACKETS * PHYPERTRACE_LBR_DUMP_PACKETS
enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES
different type of process or thread queries
struct _DEBUGGEE_BP_PACKET DEBUGGEE_BP_PACKET
The structure of bp command packet in HyperDbg.
struct _SMI_OPERATION_PACKETS SMI_OPERATION_PACKETS
The structure of I/O APIC result packet in HyperDbg.
_DEBUGGER_READ_MEMORY_ADDRESS_MODE
different address mode
Definition RequestStructures.h:264
@ DEBUGGER_READ_ADDRESS_MODE_32_BIT
Definition RequestStructures.h:265
@ DEBUGGER_READ_ADDRESS_MODE_64_BIT
Definition RequestStructures.h:266
struct _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS
request for query count of active processes and threads
struct _DEBUGGER_PREPARE_DEBUGGEE * PDEBUGGER_PREPARE_DEBUGGEE
_DEBUGGER_MSR_ACTION_TYPE
different types of actions on MSRs
Definition RequestStructures.h:449
@ DEBUGGER_MSR_READ
Definition RequestStructures.h:450
@ DEBUGGER_MSR_WRITE
Definition RequestStructures.h:451
_HYPERTRACE_LBR_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for LBR.
Definition RequestStructures.h:1285
@ HYPERTRACE_LBR_OPERATION_REQUEST_TYPE_FILTER
Definition RequestStructures.h:1290
@ HYPERTRACE_LBR_OPERATION_REQUEST_TYPE_FLUSH
Definition RequestStructures.h:1288
@ HYPERTRACE_LBR_OPERATION_REQUEST_TYPE_DISABLE
Definition RequestStructures.h:1287
@ HYPERTRACE_LBR_OPERATION_REQUEST_TYPE_ENABLE
Definition RequestStructures.h:1286
struct _DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY
The structure showing list of processes (details of each entry).
struct _DEBUGGER_EDIT_MEMORY * PDEBUGGER_EDIT_MEMORY
struct _DEBUGGER_READ_MEMORY * PDEBUGGER_READ_MEMORY
struct _DEBUGGER_EVENT_REQUEST_CUSTOM_CODE DEBUGGER_EVENT_REQUEST_CUSTOM_CODE
used in the case of custom code requests to the debugger
struct _DEBUGGER_EDIT_MEMORY DEBUGGER_EDIT_MEMORY
request for edit virtual and physical memory
enum _DEBUGGER_MSR_ACTION_TYPE DEBUGGER_MSR_ACTION_TYPE
different types of actions on MSRs
enum _DEBUGGER_SEARCH_MEMORY_BYTE_SIZE DEBUGGER_SEARCH_MEMORY_BYTE_SIZE
different sizes on searching memory
struct _DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET DEBUGGEE_PCITREE_REQUEST_RESPONSE_PACKET
Pcitree Request-Response Packet. Represents PCI device tree.
enum _DEBUGGER_APIC_REQUEST_TYPE DEBUGGER_APIC_REQUEST_TYPE
Perform actions related to APIC.
struct _DEBUGGER_EVENT_REQUEST_CUSTOM_CODE * PDEBUGGER_EVENT_REQUEST_CUSTOM_CODE
struct _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS
request for attaching user-mode process
struct _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET
The structure of changing thead and show thread packet in HyperDbg.
enum _DEBUGGER_READ_MEMORY_ADDRESS_MODE DEBUGGER_READ_MEMORY_ADDRESS_MODE
different address mode
struct _DEBUGGER_INIT_HYPERTRACE_PACKET DEBUGGER_INIT_HYPERTRACE_PACKET
request for initializing HyperTrace
struct _DEBUGGER_UD_COMMAND_ACTION * PDEBUGGER_UD_COMMAND_ACTION
struct _USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS * PUSERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS
struct _DEBUGGEE_SYMBOL_REQUEST_PACKET DEBUGGEE_SYMBOL_REQUEST_PACKET
The structure of .sym reload packet in HyperDbg.
struct _USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS
struct _DEBUGGER_PERFORM_KERNEL_TESTS DEBUGGER_PERFORM_KERNEL_TESTS
request performing kernel tests
enum _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE
Debugger process switch and process details.
_REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE
different modes of reconstruct requests
Definition RequestStructures.h:120
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_KERNEL_MODE
Definition RequestStructures.h:123
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_USER_MODE
Definition RequestStructures.h:122
@ REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_UNKNOWN
Definition RequestStructures.h:121
struct _DEBUGGEE_THREAD_LIST_DETAILS_ENTRY DEBUGGEE_THREAD_LIST_DETAILS_ENTRY
The structure showing list of threads (details of each entry).
#define MAX_NUMBER_OF_IDT_ENTRIES
Maximum number of IDT entries.
Definition RequestStructures.h:1457
enum _REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE
different modes of reconstruct requests
struct _DEBUGGEE_THREAD_LIST_NEEDED_DETAILS DEBUGGEE_THREAD_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the thread from nt!_ETHREAD and location of...
struct _DEBUGGER_SEARCH_MEMORY DEBUGGER_SEARCH_MEMORY
request for searching memory
_DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST
breakpoint modification types
Definition RequestStructures.h:1539
@ DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE
Definition RequestStructures.h:1543
@ DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS
Definition RequestStructures.h:1541
@ DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE
Definition RequestStructures.h:1542
@ DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR
Definition RequestStructures.h:1544
struct _DEBUGGER_APIC_REQUEST DEBUGGER_APIC_REQUEST
The structure of actions for APIC.
struct _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET * PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET
_DEBUGGER_UD_COMMAND_ACTION_TYPE
User-mode debugging actions.
Definition RequestStructures.h:919
@ DEBUGGER_UD_COMMAND_ACTION_TYPE_EXECUTE_SCRIPT_BUFFER
Definition RequestStructures.h:924
@ DEBUGGER_UD_COMMAND_ACTION_TYPE_READ_REGISTERS
Definition RequestStructures.h:923
@ DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE
Definition RequestStructures.h:921
@ DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE
Definition RequestStructures.h:920
@ DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP
Definition RequestStructures.h:922
struct _DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER * PDEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER
_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE
different actions of switchings
Definition RequestStructures.h:663
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH
Definition RequestStructures.h:665
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS
Definition RequestStructures.h:671
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_CONTINUE_PROCESS
Definition RequestStructures.h:668
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS
Definition RequestStructures.h:667
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD
Definition RequestStructures.h:670
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS
Definition RequestStructures.h:669
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH
Definition RequestStructures.h:664
@ DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS
Definition RequestStructures.h:666
struct _DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER
request for test query buffers
struct _DEBUGGER_FLUSH_LOGGING_BUFFERS * PDEBUGGER_FLUSH_LOGGING_BUFFERS
struct _DEBUGGEE_STEP_PACKET * PDEBUGGEE_STEP_PACKET
struct _DEBUGGEE_BP_LIST_OR_MODIFY_PACKET * PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET
_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE
Debugger process switch and process details.
Definition RequestStructures.h:966
@ DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS
Definition RequestStructures.h:968
@ DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST
Definition RequestStructures.h:969
@ DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH
Definition RequestStructures.h:970
struct _DEBUGGER_SINGLE_CALLSTACK_FRAME DEBUGGER_SINGLE_CALLSTACK_FRAME
The structure for saving the callstack frame of one parameter.
struct _DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER
request for send general packets from debuggee to debugger
struct _DEBUGGER_VA2PA_AND_PA2VA_COMMANDS DEBUGGER_VA2PA_AND_PA2VA_COMMANDS
requests for !va2pa and !pa2va commands
struct _DEBUGGEE_THREAD_LIST_DETAILS_ENTRY * PDEBUGGEE_THREAD_LIST_DETAILS_ENTRY
struct _DEBUGGER_VA2PA_AND_PA2VA_COMMANDS * PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS
struct _DEBUGGER_UD_COMMAND_ACTION DEBUGGER_UD_COMMAND_ACTION
Description of user-mode debugging actions.
struct _INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS * PINTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS
_DEBUGGER_SHOW_MEMORY_STYLE
the way that debugger should show the details of memory or disassemble them
Definition RequestStructures.h:276
@ DEBUGGER_SHOW_COMMAND_DT
Definition RequestStructures.h:277
@ DEBUGGER_SHOW_COMMAND_DC
Definition RequestStructures.h:281
@ DEBUGGER_SHOW_COMMAND_DISASSEMBLE32
Definition RequestStructures.h:279
@ DEBUGGER_SHOW_COMMAND_DD
Definition RequestStructures.h:283
@ DEBUGGER_SHOW_COMMAND_DQ
Definition RequestStructures.h:282
@ DEBUGGER_SHOW_COMMAND_DB
Definition RequestStructures.h:280
@ DEBUGGER_SHOW_COMMAND_DUMP
Definition RequestStructures.h:284
@ DEBUGGER_SHOW_COMMAND_DISASSEMBLE64
Definition RequestStructures.h:278
struct _DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS
request for !pte command
struct _DEBUGGER_INIT_VMM_PACKET DEBUGGER_INIT_VMM_PACKET
request for initializing VMM
enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS
different actions on showing or querying list of process or threads
struct _DEBUGGEE_CHANGE_CORE_PACKET DEBUGGEE_CHANGE_CORE_PACKET
The structure of changing core packet in HyperDbg.
struct _DEBUGGER_INIT_HYPERTRACE_PACKET * PDEBUGGER_INIT_HYPERTRACE_PACKET
struct _DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE
request for enable or disable transparent-mode
_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS
different actions on showing or querying list of process or threads
Definition RequestStructures.h:723
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS
Definition RequestStructures.h:726
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY
Definition RequestStructures.h:724
@ DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT
Definition RequestStructures.h:725
struct _HYPERTRACE_PT_MMAP_PACKETS * PHYPERTRACE_PT_MMAP_PACKETS
_DEBUGGER_READ_MEMORY_TYPE
different type of addresses
Definition RequestStructures.h:254
@ DEBUGGER_READ_PHYSICAL_ADDRESS
Definition RequestStructures.h:255
@ DEBUGGER_READ_VIRTUAL_ADDRESS
Definition RequestStructures.h:256
struct _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS * PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS
struct _DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER * PDEBUGGER_DEBUGGER_TEST_QUERY_BUFFER
PCIe-related data structures.
enum _HYPERTRACE_LBR_OPERATION_REQUEST_TYPE HYPERTRACE_LBR_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for LBR.
enum _DEBUGGER_UD_COMMAND_ACTION_TYPE DEBUGGER_UD_COMMAND_ACTION_TYPE
User-mode debugging actions.
struct _DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the process from nt!_EPROCESS and location ...
enum _DEBUGGER_TEST_QUERY_STATE DEBUGGER_TEST_QUERY_STATE
test query used for test purposed
enum _DEBUGGER_CALLSTACK_DISPLAY_METHOD DEBUGGER_CALLSTACK_DISPLAY_METHOD
callstack showing method
enum _DEBUGGER_READ_READING_TYPE DEBUGGER_READ_READING_TYPE
different types of reading memory
enum _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE
Debugger thread switch and thread details.
enum _DEBUGGER_EDIT_MEMORY_TYPE DEBUGGER_EDIT_MEMORY_TYPE
different type of addresses for editing memory
enum _DEBUGGER_SEARCH_MEMORY_TYPE DEBUGGER_SEARCH_MEMORY_TYPE
different types of address for searching on memory
enum _DEBUGGER_READ_MEMORY_TYPE DEBUGGER_READ_MEMORY_TYPE
different type of addresses
enum _HYPERTRACE_PT_OPERATION_REQUEST_TYPE HYPERTRACE_PT_OPERATION_REQUEST_TYPE
Perform actions related to HyperTrace for PT.
enum _DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST
breakpoint modification types
enum _DEBUGGER_EDIT_MEMORY_BYTE_SIZE DEBUGGER_EDIT_MEMORY_BYTE_SIZE
size of editing memory
enum _DEBUGGER_REMOTE_STEPPING_REQUEST DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
enum _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE
different actions of switchings
enum _SMI_OPERATION_REQUEST_TYPE SMI_OPERATION_REQUEST_TYPE
check so the IO_APIC_ENTRY_PACKETS should be smaller than packet size
enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES
different type of process or thread queries
enum _DEBUGGER_MSR_ACTION_TYPE DEBUGGER_MSR_ACTION_TYPE
different types of actions on MSRs
enum _DEBUGGER_SEARCH_MEMORY_BYTE_SIZE DEBUGGER_SEARCH_MEMORY_BYTE_SIZE
different sizes on searching memory
enum _DEBUGGER_APIC_REQUEST_TYPE DEBUGGER_APIC_REQUEST_TYPE
Perform actions related to APIC.
enum _DEBUGGER_READ_MEMORY_ADDRESS_MODE DEBUGGER_READ_MEMORY_ADDRESS_MODE
different address mode
enum _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE
Debugger process switch and process details.
struct _DEBUGGEE_THREAD_LIST_NEEDED_DETAILS DEBUGGEE_THREAD_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the thread from nt!_ETHREAD and location of...
struct _DEBUGGER_UD_COMMAND_ACTION DEBUGGER_UD_COMMAND_ACTION
Description of user-mode debugging actions.
enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS
different actions on showing or querying list of process or threads
RequestedActionOfThePacket Value(0x1) 00000000
The structure of breakpoint modification requests packet in HyperDbg.
Definition RequestStructures.h:1553
UINT64 BreakpointId
Definition RequestStructures.h:1554
UINT32 Result
Definition RequestStructures.h:1556
DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST Request
Definition RequestStructures.h:1555
The structure of bp command packet in HyperDbg.
Definition RequestStructures.h:1516
UINT32 Tid
Definition RequestStructures.h:1519
UINT32 Result
Definition RequestStructures.h:1523
BOOLEAN RemoveAfterHit
Definition RequestStructures.h:1521
UINT32 Core
Definition RequestStructures.h:1520
BOOLEAN CheckForCallbacks
Definition RequestStructures.h:1522
UINT64 Address
Definition RequestStructures.h:1517
UINT32 Pid
Definition RequestStructures.h:1518
The structure of changing core packet in HyperDbg.
Definition RequestStructures.h:647
UINT32 Result
Definition RequestStructures.h:649
UINT32 NewCore
Definition RequestStructures.h:648
The structure of changing process and show process packet in HyperDbg.
Definition RequestStructures.h:980
DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListSymDetails
Definition RequestStructures.h:986
UINT32 ProcessId
Definition RequestStructures.h:982
UINT64 Process
Definition RequestStructures.h:983
DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE ActionType
Definition RequestStructures.h:981
UINT32 Result
Definition RequestStructures.h:987
BOOLEAN IsSwitchByClkIntr
Definition RequestStructures.h:984
UCHAR ProcessName[16]
Definition RequestStructures.h:985
The structure of changing thead and show thread packet in HyperDbg.
Definition RequestStructures.h:1018
UCHAR ProcessName[16]
Definition RequestStructures.h:1025
DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE ActionType
Definition RequestStructures.h:1019
UINT64 Thread
Definition RequestStructures.h:1022
DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListSymDetails
Definition RequestStructures.h:1026
UINT64 Process
Definition RequestStructures.h:1023
UINT32 ProcessId
Definition RequestStructures.h:1021
UINT32 ThreadId
Definition RequestStructures.h:1020
BOOLEAN CheckByClockInterrupt
Definition RequestStructures.h:1024
UINT32 Result
Definition RequestStructures.h:1027
check so the INTERRUPT_DESCRIPTOR_TABLE_ENTRIES_PACKETS should be smaller than packet size
Definition RequestStructures.h:1491
UINT32 Result
Definition RequestStructures.h:1493
PCI device info Request-Response Packet, used by !pcicam and future PCI-related commands....
Definition RequestStructures.h:1671
PCI_DEV DeviceInfo
Definition RequestStructures.h:1674
UINT32 KernelStatus
Definition RequestStructures.h:1672
BOOL PrintRaw
Definition RequestStructures.h:1673
Pcitree Request-Response Packet. Represents PCI device tree.
Definition RequestStructures.h:1647
UINT8 DeviceInfoListNum
Definition RequestStructures.h:1649
UINT32 KernelStatus
Definition RequestStructures.h:1648
PCI_DEV_MINIMAL DeviceInfoList[DEV_MAX_NUM]
Definition RequestStructures.h:1650
The structure showing list of processes (details of each entry).
Definition RequestStructures.h:766
UCHAR ImageFileName[15+1]
Definition RequestStructures.h:770
UINT64 Cr3
Definition RequestStructures.h:769
UINT32 ProcessId
Definition RequestStructures.h:768
UINT64 Eprocess
Definition RequestStructures.h:767
The structure of needed information to get the details of the process from nt!_EPROCESS and location ...
Definition RequestStructures.h:736
ULONG UniquePidOffset
Definition RequestStructures.h:739
ULONG ImageFileNameOffset
Definition RequestStructures.h:738
ULONG ActiveProcessLinksOffset
Definition RequestStructures.h:740
UINT64 PsActiveProcessHead
Definition RequestStructures.h:737
Register Descriptor Structure to use in r command.
Definition RequestStructures.h:1616
UINT32 RegisterId
Definition RequestStructures.h:1617
UINT32 KernelStatus
Definition RequestStructures.h:1619
UINT64 Value
Definition RequestStructures.h:1618
Register Descriptor Structure to write on registers.
Definition RequestStructures.h:1630
UINT64 Value
Definition RequestStructures.h:1632
UINT32 RegisterId
Definition RequestStructures.h:1631
UINT32 KernelStatus
Definition RequestStructures.h:1633
The structure of result of search packet in HyperDbg.
Definition RequestStructures.h:1603
UINT32 CountOfResults
Definition RequestStructures.h:1604
UINT32 Result
Definition RequestStructures.h:1605
The structure of script packet in HyperDbg.
Definition RequestStructures.h:1583
BOOLEAN IsFormat
Definition RequestStructures.h:1586
UINT32 ScriptBufferPointer
Definition RequestStructures.h:1585
UINT32 ScriptBufferSize
Definition RequestStructures.h:1584
UINT64 FormatValue
Definition RequestStructures.h:1587
UINT32 Result
Definition RequestStructures.h:1588
request for send general packets from debuggee to debugger
Definition RequestStructures.h:405
BOOLEAN PauseDebuggeeWhenSent
Definition RequestStructures.h:408
DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction
Definition RequestStructures.h:406
UINT32 LengthOfBuffer
Definition RequestStructures.h:407
UINT32 KernelResult
Definition RequestStructures.h:409
The structure of stepping packet in HyperDbg.
Definition RequestStructures.h:1061
BOOLEAN IsCurrentInstructionACall
Definition RequestStructures.h:1068
UINT32 CallLength
Definition RequestStructures.h:1069
DEBUGGER_REMOTE_STEPPING_REQUEST StepType
Definition RequestStructures.h:1062
The structure of .sym reload packet in HyperDbg.
Definition RequestStructures.h:1504
UINT32 ProcessId
Definition RequestStructures.h:1505
The structure showing list of threads (details of each entry).
Definition RequestStructures.h:780
UINT64 Ethread
Definition RequestStructures.h:782
UCHAR ImageFileName[15+1]
Definition RequestStructures.h:785
UINT32 ThreadId
Definition RequestStructures.h:784
UINT64 Eprocess
Definition RequestStructures.h:781
UINT32 ProcessId
Definition RequestStructures.h:783
The structure of needed information to get the details of the thread from nt!_ETHREAD and location of...
Definition RequestStructures.h:750
UINT32 ThreadListHeadOffset
Definition RequestStructures.h:751
UINT32 CidOffset
Definition RequestStructures.h:753
UINT32 ThreadListEntryOffset
Definition RequestStructures.h:752
UINT64 PsActiveProcessHead
Definition RequestStructures.h:754
UINT64 Process
Definition RequestStructures.h:756
ULONG ActiveProcessLinksOffset
Definition RequestStructures.h:755
The structure of actions for APIC.
Definition RequestStructures.h:1097
UINT32 KernelStatus
Definition RequestStructures.h:1100
BOOLEAN IsUsingX2APIC
Definition RequestStructures.h:1099
DEBUGGER_APIC_REQUEST_TYPE ApicType
Definition RequestStructures.h:1098
request for attaching user-mode process
Definition RequestStructures.h:680
BOOLEAN CheckCallbackAtFirstInstruction
Definition RequestStructures.h:684
DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE Action
Definition RequestStructures.h:690
BOOLEAN IsStartingNewProcess
Definition RequestStructures.h:681
UINT32 ProcessId
Definition RequestStructures.h:682
UINT32 SizeOfInstruction
Definition RequestStructures.h:688
UINT64 Result
Definition RequestStructures.h:693
UINT64 Token
Definition RequestStructures.h:692
BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]
Definition RequestStructures.h:687
BOOLEAN IsPaused
Definition RequestStructures.h:689
UINT32 ThreadId
Definition RequestStructures.h:683
BOOLEAN Is32Bit
Definition RequestStructures.h:685
UINT64 Rip
Definition RequestStructures.h:686
UINT32 CountOfActiveDebuggingThreadsAndProcesses
Definition RequestStructures.h:691
request for callstack frames
Definition RequestStructures.h:843
UINT32 Size
Definition RequestStructures.h:847
UINT32 KernelStatus
Definition RequestStructures.h:845
UINT32 FrameCount
Definition RequestStructures.h:848
UINT64 BufferSize
Definition RequestStructures.h:850
BOOLEAN Is32Bit
Definition RequestStructures.h:844
DEBUGGER_CALLSTACK_DISPLAY_METHOD DisplayMethod
Definition RequestStructures.h:846
UINT64 BaseAddress
Definition RequestStructures.h:849
request for test query buffers
Definition RequestStructures.h:357
UINT64 Context
Definition RequestStructures.h:359
UINT32 KernelStatus
Definition RequestStructures.h:360
DEBUGGER_TEST_QUERY_STATE RequestType
Definition RequestStructures.h:358
requests options for dt and struct command
Definition RequestStructures.h:164
UINT64 Address
Definition RequestStructures.h:167
PVOID BufferAddress
Definition RequestStructures.h:169
const CHAR * TypeName
Definition RequestStructures.h:165
BOOLEAN IsStruct
Definition RequestStructures.h:168
UINT32 TargetPid
Definition RequestStructures.h:170
UINT64 SizeOfTypeName
Definition RequestStructures.h:166
const CHAR * AdditionalParameters
Definition RequestStructures.h:171
request for edit virtual and physical memory
Definition RequestStructures.h:502
UINT32 Result
Definition RequestStructures.h:503
UINT64 Address
Definition RequestStructures.h:504
DEBUGGER_EDIT_MEMORY_TYPE MemoryType
Definition RequestStructures.h:506
UINT32 CountOf64Chunks
Definition RequestStructures.h:508
UINT32 ProcessId
Definition RequestStructures.h:505
UINT32 FinalStructureSize
Definition RequestStructures.h:509
DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize
Definition RequestStructures.h:507
Used for run the script.
Definition RequestStructures.h:879
UINT32 ScriptPointer
Definition RequestStructures.h:882
UINT32 ScriptLength
Definition RequestStructures.h:881
UINT64 ScriptBuffer
Definition RequestStructures.h:880
UINT32 OptionalRequestedBufferSize
Definition RequestStructures.h:883
used in the case of requesting a "request buffer"
Definition RequestStructures.h:893
UINT32 RequestBufferSize
Definition RequestStructures.h:895
BOOLEAN EnabledRequestBuffer
Definition RequestStructures.h:894
UINT64 RequstBufferAddress
Definition RequestStructures.h:896
used in the case of custom code requests to the debugger
Definition RequestStructures.h:905
UINT32 CustomCodeBufferSize
Definition RequestStructures.h:906
UINT32 OptionalRequestedBufferSize
Definition RequestStructures.h:908
PVOID CustomCodeBufferAddress
Definition RequestStructures.h:907
request for flushing buffers
Definition RequestStructures.h:319
UINT32 CountOfMessagesThatSetAsReadFromVmxRoot
Definition RequestStructures.h:321
UINT32 CountOfMessagesThatSetAsReadFromVmxNonRoot
Definition RequestStructures.h:322
UINT32 KernelStatus
Definition RequestStructures.h:320
request for enable or disable transparent-mode
Definition RequestStructures.h:596
SYSTEM_CALL_NUMBERS_INFORMATION SystemCallNumbersInformation
Definition RequestStructures.h:611
UINT32 KernelStatus
Definition RequestStructures.h:613
BOOLEAN IsHide
Definition RequestStructures.h:597
UINT32 EvadeMask
Definition RequestStructures.h:617
UINT32 LengthOfProcessName
Definition RequestStructures.h:609
BOOLEAN TrueIfProcessIdAndFalseIfProcessName
Definition RequestStructures.h:607
UINT32 ProcId
Definition RequestStructures.h:608
request for initializing HyperTrace
Definition RequestStructures.h:39
UINT32 KernelStatus
Definition RequestStructures.h:40
request for initializing VMM
Definition RequestStructures.h:24
UINT32 KernelStatus
Definition RequestStructures.h:25
requests for the '.pagein' command
Definition RequestStructures.h:104
UINT64 VirtualAddressFrom
Definition RequestStructures.h:105
UINT32 KernelStatus
Definition RequestStructures.h:109
UINT32 PageFaultErrorCode
Definition RequestStructures.h:108
UINT32 ProcessId
Definition RequestStructures.h:107
UINT64 VirtualAddressTo
Definition RequestStructures.h:106
request performing kernel tests
Definition RequestStructures.h:374
UINT32 KernelStatus
Definition RequestStructures.h:375
requests for the 'preactivate' command
Definition RequestStructures.h:229
UINT32 KernelStatus
Definition RequestStructures.h:231
DEBUGGER_PREACTIVATE_COMMAND_TYPE Type
Definition RequestStructures.h:230
requests for the 'prealloc' command
Definition RequestStructures.h:202
DEBUGGER_PREALLOC_COMMAND_TYPE Type
Definition RequestStructures.h:203
UINT32 KernelStatus
Definition RequestStructures.h:205
UINT32 Count
Definition RequestStructures.h:204
request to make this computer to a debuggee
Definition RequestStructures.h:631
UINT64 KernelBaseAddress
Definition RequestStructures.h:634
UINT32 Result
Definition RequestStructures.h:635
UINT32 Baudrate
Definition RequestStructures.h:633
UINT32 PortAddress
Definition RequestStructures.h:632
CHAR OsName[MAXIMUM_CHARACTER_FOR_OS_NAME]
Definition RequestStructures.h:636
request for query count of active processes and threads
Definition RequestStructures.h:794
UINT32 Count
Definition RequestStructures.h:799
DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES QueryType
Definition RequestStructures.h:797
DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListNeededDetails
Definition RequestStructures.h:796
UINT64 Result
Definition RequestStructures.h:800
DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS QueryAction
Definition RequestStructures.h:798
DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListNeededDetails
Definition RequestStructures.h:795
request to read or write on MSRs
Definition RequestStructures.h:459
UINT32 CoreNumber
Definition RequestStructures.h:461
DEBUGGER_MSR_ACTION_TYPE ActionType
Definition RequestStructures.h:464
UINT64 Msr
Definition RequestStructures.h:460
UINT64 Value
Definition RequestStructures.h:465
request for reading virtual and physical memory
Definition RequestStructures.h:292
UINT32 KernelStatus
Definition RequestStructures.h:301
UINT32 Size
Definition RequestStructures.h:295
UINT32 Pid
Definition RequestStructures.h:293
DEBUGGER_READ_MEMORY_ADDRESS_MODE AddressMode
Definition RequestStructures.h:297
UINT32 ReturnLength
Definition RequestStructures.h:300
BOOLEAN GetAddressMode
Definition RequestStructures.h:296
DEBUGGER_READ_READING_TYPE ReadingType
Definition RequestStructures.h:299
DEBUGGER_READ_MEMORY_TYPE MemoryType
Definition RequestStructures.h:298
UINT64 Address
Definition RequestStructures.h:294
request for !pte command
Definition RequestStructures.h:54
UINT64 PdeValue
Definition RequestStructures.h:65
UINT64 PdpteValue
Definition RequestStructures.h:62
UINT64 PdpteVirtualAddress
Definition RequestStructures.h:61
UINT64 VirtualAddress
Definition RequestStructures.h:55
UINT64 PteVirtualAddress
Definition RequestStructures.h:67
UINT64 Pml4eValue
Definition RequestStructures.h:59
UINT64 Pml4eVirtualAddress
Definition RequestStructures.h:58
UINT32 ProcessId
Definition RequestStructures.h:56
UINT32 KernelStatus
Definition RequestStructures.h:70
UINT64 PteValue
Definition RequestStructures.h:68
UINT64 PdeVirtualAddress
Definition RequestStructures.h:64
request for searching memory
Definition RequestStructures.h:546
UINT64 Length
Definition RequestStructures.h:548
UINT32 ProcessId
Definition RequestStructures.h:549
UINT32 CountOf64Chunks
Definition RequestStructures.h:552
UINT32 FinalStructureSize
Definition RequestStructures.h:553
UINT64 Address
Definition RequestStructures.h:547
DEBUGGER_SEARCH_MEMORY_BYTE_SIZE ByteSize
Definition RequestStructures.h:551
DEBUGGER_SEARCH_MEMORY_TYPE MemoryType
Definition RequestStructures.h:550
request for send a signal that command execution finished
Definition RequestStructures.h:389
UINT32 KernelStatus
Definition RequestStructures.h:390
request for send a user-mode message to debugger
Definition RequestStructures.h:428
UINT32 KernelStatus
Definition RequestStructures.h:429
UINT32 Length
Definition RequestStructures.h:430
The structure for saving the callstack frame of one parameter.
Definition RequestStructures.h:815
BOOLEAN IsExecutable
Definition RequestStructures.h:818
BOOLEAN IsStackAddressValid
Definition RequestStructures.h:816
BYTE InstructionBytesOnRip[MAXIMUM_CALL_INSTR_SIZE]
Definition RequestStructures.h:820
BOOLEAN IsValidAddress
Definition RequestStructures.h:817
Description of user-mode debugging actions.
Definition RequestStructures.h:933
DEBUGGER_UD_COMMAND_ACTION_TYPE ActionType
Definition RequestStructures.h:934
UINT64 OptionalParam1
Definition RequestStructures.h:935
UINT64 OptionalParam3
Definition RequestStructures.h:937
UINT64 OptionalParam4
Definition RequestStructures.h:938
UINT64 OptionalParam2
Definition RequestStructures.h:936
The structure of command packet in uHyperDbg.
Definition RequestStructures.h:947
DEBUGGER_UD_COMMAND_ACTION UdAction
Definition RequestStructures.h:948
UINT32 TargetThreadId
Definition RequestStructures.h:950
UINT32 Result
Definition RequestStructures.h:953
BOOLEAN ApplyToAllPausedThreads
Definition RequestStructures.h:951
BOOLEAN WaitForEventCompletion
Definition RequestStructures.h:952
UINT64 ProcessDebuggingDetailToken
Definition RequestStructures.h:949
requests for !va2pa and !pa2va commands
Definition RequestStructures.h:85
BOOLEAN IsVirtual2Physical
Definition RequestStructures.h:89
UINT32 KernelStatus
Definition RequestStructures.h:90
UINT64 PhysicalAddress
Definition RequestStructures.h:87
UINT32 ProcessId
Definition RequestStructures.h:88
UINT64 VirtualAddress
Definition RequestStructures.h:86
The structure of HyperTrace LBR dump result packet in HyperDbg.
Definition RequestStructures.h:1323
BOOLEAN NextCoreIsValid
Definition RequestStructures.h:1325
UINT8 CurrentLbrCapacity
Definition RequestStructures.h:1328
UINT32 KernelStatus
Definition RequestStructures.h:1329
LBR_STACK_ENTRY LbrStack
Definition RequestStructures.h:1327
BOOLEAN ArchBasedLBR
Definition RequestStructures.h:1326
UINT32 CoreId
Definition RequestStructures.h:1324
The structure of HyperTrace LBR result packet in HyperDbg.
Definition RequestStructures.h:1302
UINT32 LbrFilterOptions
Definition RequestStructures.h:1304
HYPERTRACE_LBR_OPERATION_REQUEST_TYPE LbrOperationType
Definition RequestStructures.h:1303
UINT32 KernelStatus
Definition RequestStructures.h:1305
Result packet for the HyperTrace PT mmap surface.
Definition RequestStructures.h:1437
UINT32 KernelStatus
Definition RequestStructures.h:1438
PT_USER_BUFFER_DESC Cpus[PT_MAX_CPUS_FOR_MMAP]
Definition RequestStructures.h:1440
UINT32 NumCpus
Definition RequestStructures.h:1439
The structure of HyperTrace PT result packet in HyperDbg.
Definition RequestStructures.h:1382
UINT32 NumCpus
Definition RequestStructures.h:1402
UINT32 TraceUser
Definition RequestStructures.h:1389
HYPERTRACE_PT_OPERATION_REQUEST_TYPE PtOperationType
Definition RequestStructures.h:1383
UINT32 Reserved2
Definition RequestStructures.h:1403
UINT32 TraceKernel
Definition RequestStructures.h:1390
UINT64 BytesPerCpu[PT_MAX_CPUS_FOR_MMAP]
Definition RequestStructures.h:1404
UINT32 NumAddrRanges
Definition RequestStructures.h:1393
UINT32 KernelStatus
Definition RequestStructures.h:1384
UINT32 TargetProcessId
Definition RequestStructures.h:1394
PT_ADDR_RANGE AddrRanges[PT_MAX_ADDR_RANGES]
Definition RequestStructures.h:1397
UINT64 TargetCr3
Definition RequestStructures.h:1391
UINT64 BufferSize
Definition RequestStructures.h:1392
The structure of IDT entries result packet in HyperDbg.
Definition RequestStructures.h:1464
UINT32 KernelStatus
Definition RequestStructures.h:1465
UINT64 IdtEntry[MAX_NUMBER_OF_IDT_ENTRIES]
Definition RequestStructures.h:1466
The structure of I/O APIC result packet in HyperDbg.
Definition RequestStructures.h:1229
UINT32 IoIdReg
Definition RequestStructures.h:1232
UINT64 ApicBaseVa
Definition RequestStructures.h:1231
UINT32 IoArbIdReg
Definition RequestStructures.h:1234
UINT64 LlLhData[MAX_NUMBER_OF_IO_APIC_ENTRIES]
Definition RequestStructures.h:1235
UINT32 IoLl
Definition RequestStructures.h:1233
UINT64 ApicBasePa
Definition RequestStructures.h:1230
LAPIC structure and offsets.
Definition RequestStructures.h:1124
UINT8 Reserved034[0x0C]
Definition RequestStructures.h:1132
UINT8 Reserved094[0x0C]
Definition RequestStructures.h:1140
UINT32 LvtLINT1
Definition RequestStructures.h:1192
UINT8 Reserved284[0x0C]
Definition RequestStructures.h:1167
UINT32 LvtError
Definition RequestStructures.h:1195
UINT32 TMR[32]
Definition RequestStructures.h:1162
UINT32 Version
Definition RequestStructures.h:1131
UINT8 Reserved0F4[0x0C]
Definition RequestStructures.h:1158
UINT32 LvtCmci
Definition RequestStructures.h:1171
UINT8 Reserved3A0[0x40]
Definition RequestStructures.h:1204
UINT8 Reserved290[0x60]
Definition RequestStructures.h:1169
UINT32 LvtThermalSensor
Definition RequestStructures.h:1183
UINT8 Reserved000[0x10]
Definition RequestStructures.h:1125
UINT32 InitialCount
Definition RequestStructures.h:1198
UINT32 CurrentCount
Definition RequestStructures.h:1201
UINT8 Reserved344[0x0C]
Definition RequestStructures.h:1187
UINT8 Reserved304[0x0C]
Definition RequestStructures.h:1175
UINT8 Reserved364[0x0C]
Definition RequestStructures.h:1193
UINT32 ArbitrationPriority
Definition RequestStructures.h:1139
UINT8 Reserved354[0x0C]
Definition RequestStructures.h:1190
UINT32 ISR[32]
Definition RequestStructures.h:1160
UINT8 Reserved314[0x0C]
Definition RequestStructures.h:1178
UINT32 DivideConfiguration
Definition RequestStructures.h:1206
UINT32 TPR
Definition RequestStructures.h:1136
UINT32 RemoteRead
Definition RequestStructures.h:1148
UINT8 Reserved0C4[0x0C]
Definition RequestStructures.h:1149
UINT8 Reserved010[0x10]
Definition RequestStructures.h:1126
UINT8 Reserved0B4[0x0C]
Definition RequestStructures.h:1146
UINT32 ErrorStatus
Definition RequestStructures.h:1166
UINT8 Reserved2F4[0x0C]
Definition RequestStructures.h:1172
UINT32 EOI
Definition RequestStructures.h:1145
UINT32 LvtTimer
Definition RequestStructures.h:1180
UINT32 LogicalDestination
Definition RequestStructures.h:1151
UINT8 Reserved3E4[0x0C]
Definition RequestStructures.h:1207
UINT8 Reserved040[0x40]
Definition RequestStructures.h:1134
UINT8 Reserved374[0x0C]
Definition RequestStructures.h:1196
UINT32 IcrLow
Definition RequestStructures.h:1174
UINT32 IcrHigh
Definition RequestStructures.h:1177
UINT32 IRR[32]
Definition RequestStructures.h:1164
UINT32 LvtLINT0
Definition RequestStructures.h:1189
UINT8 Reserved0A4[0x0C]
Definition RequestStructures.h:1143
UINT8 Reserved0E4[0x0C]
Definition RequestStructures.h:1155
UINT32 Id
Definition RequestStructures.h:1128
UINT8 Reserved0D4[0x0C]
Definition RequestStructures.h:1152
UINT32 DestinationFormat
Definition RequestStructures.h:1154
UINT32 ProcessorPriority
Definition RequestStructures.h:1142
UINT32 LvtPerfMonCounters
Definition RequestStructures.h:1186
UINT8 Reserved324[0x0C]
Definition RequestStructures.h:1181
UINT32 SelfIpi
Definition RequestStructures.h:1209
UINT8 Reserved084[0x0C]
Definition RequestStructures.h:1137
UINT8 Reserved384[0x0C]
Definition RequestStructures.h:1199
UINT8 Reserved3F4[0x0C]
Definition RequestStructures.h:1210
UINT32 SpuriousInterruptVector
Definition RequestStructures.h:1157
UINT8 Reserved334[0x0C]
Definition RequestStructures.h:1184
UINT8 Reserved024[0x0C]
Definition RequestStructures.h:1129
UINT8 Reserved394[0x0C]
Definition RequestStructures.h:1202
requests for !rev command
Definition RequestStructures.h:145
UINT32 Size
Definition RequestStructures.h:147
UINT32 ProcessId
Definition RequestStructures.h:146
UINT32 KernelStatus
Definition RequestStructures.h:150
REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE Type
Definition RequestStructures.h:149
REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE Mode
Definition RequestStructures.h:148
The structure of I/O APIC result packet in HyperDbg.
Definition RequestStructures.h:1264
UINT32 KernelStatus
Definition RequestStructures.h:1267
UINT64 SmiCount
Definition RequestStructures.h:1266
SMI_OPERATION_REQUEST_TYPE SmiOperationType
Definition RequestStructures.h:1265
Windows System call values that are intercepted by transparency mode.
Definition RequestStructures.h:568
UINT32 SysNtQueryInformationProcess
Definition RequestStructures.h:576
UINT32 SysNtQueryAttributesFile
Definition RequestStructures.h:573
UINT32 SysNtQueryValueKey
Definition RequestStructures.h:583
UINT32 SysNtOpenKey
Definition RequestStructures.h:581
UINT32 SysNtOpenKeyEx
Definition RequestStructures.h:582
UINT32 SysNtQueryDirectoryObject
Definition RequestStructures.h:575
UINT32 SysNtOpenDirectoryObject
Definition RequestStructures.h:574
UINT32 SysNtQuerySystemInformationEx
Definition RequestStructures.h:570
UINT32 SysNtOpenFile
Definition RequestStructures.h:580
UINT32 SysNtSetInformationThread
Definition RequestStructures.h:579
UINT32 SysNtSetInformationProcess
Definition RequestStructures.h:577
UINT32 SysNtEnumerateKey
Definition RequestStructures.h:584
UINT32 SysNtQuerySystemInformation
Definition RequestStructures.h:569
UINT32 SysNtQueryInformationThread
Definition RequestStructures.h:578
UINT32 SysNtSystemDebugControl
Definition RequestStructures.h:572
Definition RequestStructures.h:864
UINT64 NumberOfBlockedContextSwitches
Definition RequestStructures.h:867
BOOLEAN IsProcess
Definition RequestStructures.h:868
UINT32 ThreadId
Definition RequestStructures.h:866
UINT32 ProcessId
Definition RequestStructures.h:865