HyperDbg Debugger
Loading...
Searching...
No Matches
kd.h
Go to the documentation of this file.
1
12#pragma once
13
15// Definitions //
17
18#define DbgWaitForKernelResponse(KernelSyncObjectId) \
19 do \
20 { \
21 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
22 &g_KernelSyncronizationObjectsHandleTable[KernelSyncObjectId]; \
23 \
24 SyncronizationObject->IsOnWaitingState = TRUE; \
25 WaitForSingleObject(SyncronizationObject->EventHandle, INFINITE); \
26 \
27 } while (FALSE);
28
29#define DbgWaitSetRequestData(KernelSyncObjectId, ReqData, ReqSize) \
30 do \
31 { \
32 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
33 &g_KernelSyncronizationObjectsHandleTable[KernelSyncObjectId]; \
34 \
35 SyncronizationObject->RequestData = (PVOID)ReqData; \
36 SyncronizationObject->RequestSize = (UINT32)ReqSize; \
37 \
38 } while (FALSE);
39
40#define DbgWaitGetRequestData(KernelSyncObjectId, ReqData, ReqSize) \
41 do \
42 { \
43 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
44 &g_KernelSyncronizationObjectsHandleTable[KernelSyncObjectId]; \
45 \
46 *ReqData = SyncronizationObject->RequestData; \
47 *ReqSize = SyncronizationObject->RequestSize; \
48 SyncronizationObject->RequestData = NULL; \
49 SyncronizationObject->RequestSize = NULL_ZERO; \
50 \
51 } while (FALSE);
52
53#define DbgReceivedKernelResponse(KernelSyncObjectId) \
54 do \
55 { \
56 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
57 &g_KernelSyncronizationObjectsHandleTable[KernelSyncObjectId]; \
58 \
59 SyncronizationObject->IsOnWaitingState = FALSE; \
60 SetEvent(SyncronizationObject->EventHandle); \
61 } while (FALSE);
62
64// Display Windows Details //
66
67struct HKeyHolder
68{
69private:
70 HKEY m_Key;
71
72public:
73 HKeyHolder() :
74 m_Key(nullptr) { }
75
76 HKeyHolder(const HKeyHolder &) = delete;
77 HKeyHolder & operator=(const HKeyHolder &) = delete;
78
79 ~HKeyHolder()
80 {
81 if (m_Key != nullptr)
82 RegCloseKey(m_Key);
83 }
84
85 operator HKEY() const { return m_Key; }
86
87 HKEY * operator&() { return &m_Key; }
88};
89
91// Functions //
93
94BOOLEAN
95KdCommandPacketToDebuggee(
96 DEBUGGER_REMOTE_PACKET_TYPE PacketType,
97 DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction);
98
99BOOLEAN
100KdCommandPacketAndBufferToDebuggee(
101 DEBUGGER_REMOTE_PACKET_TYPE PacketType,
102 DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction,
103 CHAR * Buffer,
104 UINT32 BufferLength);
105
106BOOLEAN
107KdPrepareSerialConnectionToRemoteSystem(HANDLE SerialHandle,
108 BOOLEAN IsNamedPipe);
109
110BOOLEAN
111KdPrepareAndConnectDebugPort(const char * PortName, DWORD Baudrate, UINT32 Port, BOOLEAN IsPreparing, BOOLEAN IsNamedPipe);
112
113BOOLEAN
114KdSendPacketToDebuggee(const CHAR * Buffer, UINT32 Length, BOOLEAN SendEndOfBuffer);
115
116BOOLEAN
117KdReceivePacketFromDebuggee(CHAR * BufferToSave, UINT32 * LengthReceived);
118
119BOOLEAN
120KdReceivePacketFromDebugger(CHAR * BufferToSave, UINT32 * LengthReceived);
121
122BOOLEAN
123KdCheckForTheEndOfTheBuffer(PUINT32 CurrentLoopIndex, BYTE * Buffer);
124
125BOOLEAN
126KdSendSwitchCorePacketToDebuggee(UINT32 NewCore);
127
128BOOLEAN
129KdSendShortCircuitingEventToDebuggee(BOOLEAN IsEnabled);
130
131BOOLEAN
132KdSendEventQueryAndModifyPacketToDebuggee(
133 UINT64 Tag,
134 DEBUGGER_MODIFY_EVENTS_TYPE TypeOfAction,
135 BOOLEAN * IsEnabled);
136
137BOOLEAN
138KdSendFlushPacketToDebuggee();
139
140BOOLEAN
141KdSendCallStackPacketToDebuggee(UINT64 BaseAddress,
142 UINT32 Size,
143 DEBUGGER_CALLSTACK_DISPLAY_METHOD DisplayMethod,
144 BOOLEAN Is32Bit);
145
146BOOLEAN
147KdSendTestQueryPacketToDebuggee(DEBUGGER_TEST_QUERY_STATE Type);
148
149BOOLEAN
150KdSendTestQueryPacketWithContextToDebuggee(DEBUGGER_TEST_QUERY_STATE Type, UINT64 Context);
151
152BOOLEAN
153KdSendSymbolReloadPacketToDebuggee(UINT32 ProcessId);
154
155BOOLEAN
156KdSendReadRegisterPacketToDebuggee(PDEBUGGEE_REGISTER_READ_DESCRIPTION RegDes, UINT32 RegBuffSize);
157
158BOOLEAN
159KdSendWriteRegisterPacketToDebuggee(PDEBUGGEE_REGISTER_WRITE_DESCRIPTION RegDes);
160
161BOOLEAN
162KdSendReadMemoryPacketToDebuggee(PDEBUGGER_READ_MEMORY ReadMem, UINT32 RequestSize);
163
164BOOLEAN
165KdSendEditMemoryPacketToDebuggee(PDEBUGGER_EDIT_MEMORY EditMem, UINT32 Size);
166
167PDEBUGGER_EVENT_AND_ACTION_RESULT
168KdSendRegisterEventPacketToDebuggee(PDEBUGGER_GENERAL_EVENT_DETAIL Event,
169 UINT32 EventBufferLength);
170
171PDEBUGGER_EVENT_AND_ACTION_RESULT
172KdSendAddActionToEventPacketToDebuggee(PDEBUGGER_GENERAL_ACTION GeneralAction,
173 UINT32 GeneralActionLength);
174
175BOOLEAN
176KdSendSwitchProcessPacketToDebuggee(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE ActionType,
177 UINT32 NewPid,
178 UINT64 NewProcess,
179 BOOLEAN SetChangeByClockInterrupt,
180 PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS SymDetailsForProcessList);
181
182BOOLEAN
183KdSendSwitchThreadPacketToDebuggee(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE ActionType,
184 UINT32 NewTid,
185 UINT64 NewThread,
186 BOOLEAN CheckByClockInterrupt,
187 PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS SymDetailsForThreadList);
188
189BOOLEAN
190KdSendBpPacketToDebuggee(PDEBUGGEE_BP_PACKET BpPacket);
191
192BOOLEAN
193KdSendVa2paAndPa2vaPacketToDebuggee(PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS Va2paAndPa2vaPacket);
194
195BOOLEAN
196KdSendPtePacketToDebuggee(PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS PtePacket);
197
198BOOLEAN
199KdSendPageinPacketToDebuggee(PDEBUGGER_PAGE_IN_REQUEST PageinPacket);
200
201BOOLEAN
202KdSendListOrModifyPacketToDebuggee(
203 PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET ListOrModifyPacket);
204
205BOOLEAN
206KdSendScriptPacketToDebuggee(UINT64 BufferAddress, UINT32 BufferLength, UINT32 Pointer, BOOLEAN IsFormat);
207
208BOOLEAN
209KdSendUserInputPacketToDebuggee(const char * Sendbuf, int Len, BOOLEAN IgnoreBreakingAgain);
210
211BOOLEAN
212KdSendSearchRequestPacketToDebuggee(UINT64 * SearchRequestBuffer, UINT32 SearchRequestBufferSize);
213
214BOOLEAN
215KdSendStepPacketToDebuggee(DEBUGGER_REMOTE_STEPPING_REQUEST StepRequestType);
216
217BYTE
218KdComputeDataChecksum(PVOID Buffer, UINT32 Length);
219
220BOOLEAN
221KdRegisterEventInDebuggee(PDEBUGGER_GENERAL_EVENT_DETAIL EventRegBuffer,
222 UINT32 Length);
223
224BOOLEAN
225KdAddActionToEventInDebuggee(PDEBUGGER_GENERAL_ACTION ActionAddingBuffer,
226 UINT32 Length);
227
228BOOLEAN
229KdSendModifyEventInDebuggee(PDEBUGGER_MODIFY_EVENTS ModifyEvent, BOOLEAN SendTheResultBackToDebugger);
230
231BOOLEAN
232KdSendGeneralBuffersFromDebuggeeToDebugger(
233 DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction,
234 PVOID Buffer,
235 UINT32 BufferLength,
236 BOOLEAN PauseDebuggeeWhenSent);
237
238BOOLEAN
239KdCloseConnection();
240
241BOOLEAN
242KdReloadSymbolsInDebuggee(BOOLEAN PauseDebuggee, UINT32 UserProcessId);
243
244BOOLEAN
245KdSendResponseOfThePingPacket();
246
247VOID
248KdUninitializeConnection();
249
250VOID
251KdSendUsermodePrints(CHAR * Input, UINT32 Length);
252
253VOID
254KdSendSymbolDetailPacket(PMODULE_SYMBOL_DETAIL SymbolDetailPacket,
255 UINT32 CurrentSymbolInfoIndex,
256 UINT32 TotalSymbols);
257
258VOID
259KdHandleUserInputInDebuggee(DEBUGGEE_USER_INPUT_PACKET * Descriptor);
260
261VOID
262KdTheRemoteSystemIsRunning();
263
264VOID
265KdBreakControlCheckAndPauseDebugger();
266
267VOID
268KdBreakControlCheckAndContinueDebugger();
269
270VOID
271KdSetStatusAndWaitForPause();
BOOLEAN
UCHAR BOOLEAN
Definition BasicTypes.h:39
BYTE
unsigned char BYTE
Definition BasicTypes.h:24
VOID
#define VOID
Definition BasicTypes.h:33
PUINT32
unsigned int * PUINT32
Definition BasicTypes.h:48
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
DWORD
unsigned long DWORD
Definition BasicTypes.h:22
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
CHAR
char CHAR
Definition BasicTypes.h:31
DEBUGGER_REMOTE_PACKET_TYPE
enum _DEBUGGER_REMOTE_PACKET_TYPE DEBUGGER_REMOTE_PACKET_TYPE
enum for different packet types in HyperDbg packets
DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION
enum _DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION
enum for requested action for HyperDbg packet
Tag
POOL_TYPE SIZE_T ULONG Tag
Definition Hooks.h:168
BufferAddress
UINT64 BOOLEAN PVOID BufferAddress
Definition HyperDbgScriptImports.h:67
DEBUGGER_TEST_QUERY_STATE
enum _DEBUGGER_TEST_QUERY_STATE DEBUGGER_TEST_QUERY_STATE
test query used for test purposed
DEBUGGER_CALLSTACK_DISPLAY_METHOD
enum _DEBUGGER_CALLSTACK_DISPLAY_METHOD DEBUGGER_CALLSTACK_DISPLAY_METHOD
callstack showing method
DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE
enum _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE
Debugger thread switch and thread details.
DEBUGGER_REMOTE_STEPPING_REQUEST
enum _DEBUGGER_REMOTE_STEPPING_REQUEST DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE
enum _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE
Debugger process switch and process details.
Context
NTKERNELAPI _In_opt_ PVOID Context
Definition Dpc.h:25
DEBUGGER_MODIFY_EVENTS_TYPE
enum _DEBUGGER_MODIFY_EVENTS_TYPE DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
KdSendAddActionToEventPacketToDebuggee
PDEBUGGER_EVENT_AND_ACTION_RESULT KdSendAddActionToEventPacketToDebuggee(PDEBUGGER_GENERAL_ACTION GeneralAction, UINT32 GeneralActionLength)
Send an add action to event request to the debuggee.
Definition kd.cpp:737
KdSendReadMemoryPacketToDebuggee
BOOLEAN KdSendReadMemoryPacketToDebuggee(PDEBUGGER_READ_MEMORY ReadMem, UINT32 RequestSize)
Send a Read memory packet to the debuggee.
Definition kd.cpp:597
KdSendEventQueryAndModifyPacketToDebuggee
BOOLEAN KdSendEventQueryAndModifyPacketToDebuggee(UINT64 Tag, DEBUGGER_MODIFY_EVENTS_TYPE TypeOfAction, BOOLEAN *IsEnabled)
Sends a query or request to enable/disable/clear for event.
Definition kd.cpp:265
KdSendSymbolDetailPacket
VOID KdSendSymbolDetailPacket(PMODULE_SYMBOL_DETAIL SymbolDetailPacket, UINT32 CurrentSymbolInfoIndex, UINT32 TotalSymbols)
KdSendUserInputPacketToDebuggee
BOOLEAN KdSendUserInputPacketToDebuggee(const char *Sendbuf, int Len, BOOLEAN IgnoreBreakingAgain)
Sends user input packet to the debuggee.
Definition kd.cpp:1120
KdSendListOrModifyPacketToDebuggee
BOOLEAN KdSendListOrModifyPacketToDebuggee(PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET ListOrModifyPacket)
Sends a breakpoint list or modification packet to the debuggee.
Definition kd.cpp:1023
KdPrepareAndConnectDebugPort
BOOLEAN KdPrepareAndConnectDebugPort(const char *PortName, DWORD Baudrate, UINT32 Port, BOOLEAN IsPreparing, BOOLEAN IsNamedPipe)
KdRegisterEventInDebuggee
BOOLEAN KdRegisterEventInDebuggee(PDEBUGGER_GENERAL_EVENT_DETAIL EventRegBuffer, UINT32 Length)
KdSendPageinPacketToDebuggee
BOOLEAN KdSendPageinPacketToDebuggee(PDEBUGGER_PAGE_IN_REQUEST PageinPacket)
Sends a page-in or '.pagein' command packet to the debuggee.
Definition kd.cpp:936
KdSendVa2paAndPa2vaPacketToDebuggee
BOOLEAN KdSendVa2paAndPa2vaPacketToDebuggee(PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS Va2paAndPa2vaPacket)
Sends VA2PA and PA2VA packest, or '!va2pa' and '!pa2va' commands packet to the debuggee.
Definition kd.cpp:965
KdSendModifyEventInDebuggee
BOOLEAN KdSendModifyEventInDebuggee(PDEBUGGER_MODIFY_EVENTS ModifyEvent, BOOLEAN SendTheResultBackToDebugger)
KdSendSymbolReloadPacketToDebuggee
BOOLEAN KdSendSymbolReloadPacketToDebuggee(UINT32 ProcessId)
Send symbol reload packet to the debuggee.
Definition kd.cpp:493
KdBreakControlCheckAndContinueDebugger
VOID KdBreakControlCheckAndContinueDebugger()
KdSendFlushPacketToDebuggee
BOOLEAN KdSendFlushPacketToDebuggee()
Send a flush request to the debuggee.
Definition kd.cpp:314
KdSendTestQueryPacketToDebuggee
BOOLEAN KdSendTestQueryPacketToDebuggee(DEBUGGER_TEST_QUERY_STATE Type)
Send a test query request to the debuggee.
Definition kd.cpp:425
KdSendPtePacketToDebuggee
BOOLEAN KdSendPtePacketToDebuggee(PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS PtePacket)
Sends a PTE or '!pte' command packet to the debuggee.
Definition kd.cpp:907
KdComputeDataChecksum
BYTE KdComputeDataChecksum(PVOID Buffer, UINT32 Length)
calculate the checksum of received buffer from debugger
Definition Kd.c:270
KdSendStepPacketToDebuggee
BOOLEAN KdSendStepPacketToDebuggee(DEBUGGER_REMOTE_STEPPING_REQUEST StepRequestType)
Sends p (step out) and t (step in) packet to the debuggee.
Definition kd.cpp:1206
KdCloseConnection
BOOLEAN KdCloseConnection()
KdReceivePacketFromDebugger
BOOLEAN KdReceivePacketFromDebugger(CHAR *BufferToSave, UINT32 *LengthReceived)
KdSendSwitchThreadPacketToDebuggee
BOOLEAN KdSendSwitchThreadPacketToDebuggee(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE ActionType, UINT32 NewTid, UINT64 NewThread, BOOLEAN CheckByClockInterrupt, PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS SymDetailsForThreadList)
Sends a change thread or show threads detail packet to the debuggee.
Definition kd.cpp:858
KdCheckForTheEndOfTheBuffer
BOOLEAN KdCheckForTheEndOfTheBuffer(PUINT32 CurrentLoopIndex, BYTE *Buffer)
compares the buffer with a string
Definition kd.cpp:56
KdSetStatusAndWaitForPause
VOID KdSetStatusAndWaitForPause()
KdCommandPacketToDebuggee
BOOLEAN KdCommandPacketToDebuggee(DEBUGGER_REMOTE_PACKET_TYPE PacketType, DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction)
KdPrepareSerialConnectionToRemoteSystem
BOOLEAN KdPrepareSerialConnectionToRemoteSystem(HANDLE SerialHandle, BOOLEAN IsNamedPipe)
KdSendResponseOfThePingPacket
BOOLEAN KdSendResponseOfThePingPacket()
KdSendSearchRequestPacketToDebuggee
BOOLEAN KdSendSearchRequestPacketToDebuggee(UINT64 *SearchRequestBuffer, UINT32 SearchRequestBufferSize)
Sends search query request packet to the debuggee.
Definition kd.cpp:1178
KdTheRemoteSystemIsRunning
VOID KdTheRemoteSystemIsRunning()
KdSendScriptPacketToDebuggee
BOOLEAN KdSendScriptPacketToDebuggee(UINT64 BufferAddress, UINT32 BufferLength, UINT32 Pointer, BOOLEAN IsFormat)
Sends a script packet to the debuggee.
Definition kd.cpp:1056
KdSendTestQueryPacketWithContextToDebuggee
BOOLEAN KdSendTestQueryPacketWithContextToDebuggee(DEBUGGER_TEST_QUERY_STATE Type, UINT64 Context)
Send a test query request to the debuggee with the specified context.
Definition kd.cpp:460
KdSendRegisterEventPacketToDebuggee
PDEBUGGER_EVENT_AND_ACTION_RESULT KdSendRegisterEventPacketToDebuggee(PDEBUGGER_GENERAL_EVENT_DETAIL Event, UINT32 EventBufferLength)
Send a register event request to the debuggee.
Definition kd.cpp:670
KdHandleUserInputInDebuggee
VOID KdHandleUserInputInDebuggee(DEBUGGEE_USER_INPUT_PACKET *Descriptor)
KdSendShortCircuitingEventToDebuggee
BOOLEAN KdSendShortCircuitingEventToDebuggee(BOOLEAN IsEnabled)
Sends a short-circuiting event request to debuggee.
Definition kd.cpp:226
KdSendSwitchProcessPacketToDebuggee
BOOLEAN KdSendSwitchProcessPacketToDebuggee(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE ActionType, UINT32 NewPid, UINT64 NewProcess, BOOLEAN SetChangeByClockInterrupt, PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS SymDetailsForProcessList)
Sends a change process or show process details packet to the debuggee.
Definition kd.cpp:805
KdBreakControlCheckAndPauseDebugger
VOID KdBreakControlCheckAndPauseDebugger()
KdReceivePacketFromDebuggee
BOOLEAN KdReceivePacketFromDebuggee(CHAR *BufferToSave, UINT32 *LengthReceived)
KdUninitializeConnection
VOID KdUninitializeConnection()
KdReloadSymbolsInDebuggee
BOOLEAN KdReloadSymbolsInDebuggee(BOOLEAN PauseDebuggee, UINT32 UserProcessId)
KdSendUsermodePrints
VOID KdSendUsermodePrints(CHAR *Input, UINT32 Length)
KdSendReadRegisterPacketToDebuggee
BOOLEAN KdSendReadRegisterPacketToDebuggee(PDEBUGGEE_REGISTER_READ_DESCRIPTION RegDes, UINT32 RegBuffSize)
Send a read register packet to the debuggee.
Definition kd.cpp:527
KdSendEditMemoryPacketToDebuggee
BOOLEAN KdSendEditMemoryPacketToDebuggee(PDEBUGGER_EDIT_MEMORY EditMem, UINT32 Size)
Send an Edit memory packet to the debuggee.
Definition kd.cpp:633
KdCommandPacketAndBufferToDebuggee
BOOLEAN KdCommandPacketAndBufferToDebuggee(DEBUGGER_REMOTE_PACKET_TYPE PacketType, DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction, CHAR *Buffer, UINT32 BufferLength)
KdSendGeneralBuffersFromDebuggeeToDebugger
BOOLEAN KdSendGeneralBuffersFromDebuggeeToDebugger(DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction, PVOID Buffer, UINT32 BufferLength, BOOLEAN PauseDebuggeeWhenSent)
KdAddActionToEventInDebuggee
BOOLEAN KdAddActionToEventInDebuggee(PDEBUGGER_GENERAL_ACTION ActionAddingBuffer, UINT32 Length)
KdSendBpPacketToDebuggee
BOOLEAN KdSendBpPacketToDebuggee(PDEBUGGEE_BP_PACKET BpPacket)
Sends a breakpoint set or 'bp' command packet to the debuggee.
Definition kd.cpp:994
KdSendPacketToDebuggee
BOOLEAN KdSendPacketToDebuggee(const CHAR *Buffer, UINT32 Length, BOOLEAN SendEndOfBuffer)
KdSendWriteRegisterPacketToDebuggee
BOOLEAN KdSendWriteRegisterPacketToDebuggee(PDEBUGGEE_REGISTER_WRITE_DESCRIPTION RegDes)
Send a write register packet to the debuggee.
Definition kd.cpp:562
KdSendSwitchCorePacketToDebuggee
BOOLEAN KdSendSwitchCorePacketToDebuggee(UINT32 NewCore)
Sends a change core or '~ x' command packet to the debuggee.
Definition kd.cpp:181
KdSendCallStackPacketToDebuggee
BOOLEAN KdSendCallStackPacketToDebuggee(UINT64 BaseAddress, UINT32 Size, DEBUGGER_CALLSTACK_DISPLAY_METHOD DisplayMethod, BOOLEAN Is32Bit)
Send a callstack request to the debuggee.
Definition kd.cpp:348
_DEBUGGEE_BP_LIST_OR_MODIFY_PACKET
The structure of breakpoint modification requests packet in HyperDbg.
Definition RequestStructures.h:1090
_DEBUGGEE_BP_PACKET
The structure of bp command packet in HyperDbg.
Definition RequestStructures.h:1060
_DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the process from nt!_EPROCESS and location ...
Definition RequestStructures.h:684
_DEBUGGEE_REGISTER_READ_DESCRIPTION
Register Descriptor Structure to use in r command.
Definition RequestStructures.h:1156
_DEBUGGEE_REGISTER_WRITE_DESCRIPTION
Register Descriptor Structure to write on registers.
Definition RequestStructures.h:1171
_DEBUGGEE_THREAD_LIST_NEEDED_DETAILS
The structure of needed information to get the details of the thread from nt!_ETHREAD and location of...
Definition RequestStructures.h:698
_DEBUGGEE_USER_INPUT_PACKET
The structure of user-input packet in HyperDbg.
Definition DataTypes.h:140
_DEBUGGER_EDIT_MEMORY
request for edit virtual and physical memory
Definition RequestStructures.h:482
_DEBUGGER_EVENT_AND_ACTION_RESULT
Status of register buffers.
Definition Events.h:423
_DEBUGGER_GENERAL_ACTION
Each event can have multiple actions.
Definition Events.h:406
_DEBUGGER_GENERAL_EVENT_DETAIL
Each command is like the following struct, it also used for tracing works in user mode and sending it...
Definition Events.h:350
_DEBUGGER_MODIFY_EVENTS
request for modifying events (enable/disable/clear)
Definition Events.h:242
_DEBUGGER_PAGE_IN_REQUEST
requests for the '.pagein' command
Definition RequestStructures.h:73
_DEBUGGER_READ_MEMORY
request for reading virtual and physical memory
Definition RequestStructures.h:266
_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS
request for !pte command
Definition RequestStructures.h:22
_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS
requests for !va2pa and !pa2va commands
Definition RequestStructures.h:54
_MODULE_SYMBOL_DETAIL
structures for sending and saving details about each module and symbols details
Definition Symbols.h:24
HKeyHolder
Definition kd.h:68
HKeyHolder::operator=
HKeyHolder & operator=(const HKeyHolder &)=delete
HKeyHolder::operator&
HKEY * operator&()
Definition kd.h:87
HKeyHolder::HKeyHolder
HKeyHolder()
Definition kd.h:73
HKeyHolder::HKeyHolder
HKeyHolder(const HKeyHolder &)=delete
HKeyHolder::~HKeyHolder
~HKeyHolder()
Definition kd.h:79