HyperDbg Debugger
Loading...
Searching...
No Matches
ud.h
Go to the documentation of this file.
1
12#pragma once
13
15// Definitions //
17
18#define DbgWaitForUserResponse(UserSyncObjectId) \
19 do \
20 { \
21 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
22 &g_UserSyncronizationObjectsHandleTable[UserSyncObjectId]; \
23 \
24 SyncronizationObject->IsOnWaitingState = TRUE; \
25 WaitForSingleObject(SyncronizationObject->EventHandle, INFINITE); \
26 } while (FALSE);
27
28#define DbgReceivedUserResponse(UserSyncObjectId) \
29 do \
30 { \
31 DEBUGGER_SYNCRONIZATION_EVENTS_STATE * SyncronizationObject = \
32 &g_UserSyncronizationObjectsHandleTable[UserSyncObjectId]; \
33 \
34 SyncronizationObject->IsOnWaitingState = FALSE; \
35 SetEvent(SyncronizationObject->EventHandle); \
36 } while (FALSE);
37
39// Structures //
41
58
60// Functions //
62
63VOID
64UdInitializeUserDebugger();
65
66VOID
67UdUninitializeUserDebugger();
68
69VOID
70UdRemoveActiveDebuggingProcess(BOOLEAN DontSwitchToNewProcess);
71
72VOID
73UdHandleUserDebuggerPausing(PDEBUGGEE_UD_PAUSED_PACKET PausePacket);
74
75VOID
76UdContinueDebuggee(UINT64 ProcessDetailToken);
77
78VOID
79UdSendStepPacketToDebuggee(UINT64 ThreadDetailToken, UINT32 TargetThreadId, DEBUGGER_REMOTE_STEPPING_REQUEST StepType);
80
81VOID
82UdSetActiveDebuggingProcess(UINT64 DebuggingId,
83 UINT32 ProcessId,
84 UINT32 ThreadId,
85 BOOLEAN Is32Bit,
86 BOOLEAN IsPaused);
87BOOLEAN
88UdSetActiveDebuggingThreadByPidOrTid(UINT32 TargetPidOrTid, BOOLEAN IsTid);
89
90BOOLEAN
91UdSetActiveDebuggingThreadByPidOrTid(UINT32 TargetPidOrTid, BOOLEAN IsTid);
92
93BOOLEAN
94UdShowListActiveDebuggingProcessesAndThreads();
95
96BOOL
97UdListProcessThreads(DWORD OwnerPID);
98
99BOOLEAN
100UdCheckThreadByProcessId(DWORD Pid, DWORD Tid);
101
102BOOLEAN
103UdAttachToProcess(UINT32 TargetPid,
104 const WCHAR * TargetFileAddress,
105 const WCHAR * CommandLine,
106 BOOLEAN RunCallbackAtTheFirstInstruction);
107
108BOOLEAN
109UdKillProcess(UINT32 TargetPid);
110
111BOOLEAN
112UdDetachProcess(UINT32 TargetPid, UINT64 ProcessDetailToken);
113
114BOOLEAN
115UdPauseProcess(UINT64 ProcessDebuggingToken);
BOOL
int BOOL
Definition BasicTypes.h:23
BOOLEAN
UCHAR BOOLEAN
Definition BasicTypes.h:39
VOID
#define VOID
Definition BasicTypes.h:33
WCHAR
wchar_t WCHAR
Definition BasicTypes.h:32
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
DWORD
unsigned long DWORD
Definition BasicTypes.h:22
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
DEBUGGER_REMOTE_STEPPING_REQUEST
enum _DEBUGGER_REMOTE_STEPPING_REQUEST DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
UdSetActiveDebuggingThreadByPidOrTid
BOOLEAN UdSetActiveDebuggingThreadByPidOrTid(UINT32 TargetPidOrTid, BOOLEAN IsTid)
Set the active debugging thread by process id or thread id.
Definition ud.cpp:1037
UdPauseProcess
BOOLEAN UdPauseProcess(UINT64 ProcessDebuggingToken)
Pause the target process.
Definition ud.cpp:843
UdRemoveActiveDebuggingProcess
VOID UdRemoveActiveDebuggingProcess(BOOLEAN DontSwitchToNewProcess)
Remove the current active debugging process (thread)
Definition ud.cpp:129
UdInitializeUserDebugger
VOID UdInitializeUserDebugger()
initialize user debugger
Definition Ud.c:21
PACTIVE_DEBUGGING_PROCESS
struct _ACTIVE_DEBUGGING_PROCESS * PACTIVE_DEBUGGING_PROCESS
UdDetachProcess
BOOLEAN UdDetachProcess(UINT32 TargetPid, UINT64 ProcessDetailToken)
Detach the target process.
Definition ud.cpp:764
ACTIVE_DEBUGGING_PROCESS
struct _ACTIVE_DEBUGGING_PROCESS ACTIVE_DEBUGGING_PROCESS
structures related to current thread debugging state
UdShowListActiveDebuggingProcessesAndThreads
BOOLEAN UdShowListActiveDebuggingProcessesAndThreads()
Show list of active debugging processes and threads.
Definition ud.cpp:1119
UdCheckThreadByProcessId
BOOLEAN UdCheckThreadByProcessId(DWORD Pid, DWORD Tid)
Check if a thread belongs to special process.
Definition ud.cpp:243
UdUninitializeUserDebugger
VOID UdUninitializeUserDebugger()
uninitialize user debugger
Definition Ud.c:77
UdKillProcess
BOOLEAN UdKillProcess(UINT32 TargetPid)
Kill the target process from kernel.
Definition ud.cpp:666
UdContinueDebuggee
VOID UdContinueDebuggee(UINT64 ProcessDetailToken)
Continue the target user debugger.
Definition ud.cpp:976
UdHandleUserDebuggerPausing
VOID UdHandleUserDebuggerPausing(PDEBUGGEE_UD_PAUSED_PACKET PausePacket)
Handle pause packets from user debugger.
Definition user-listening.cpp:29
UdAttachToProcess
BOOLEAN UdAttachToProcess(UINT32 TargetPid, const WCHAR *TargetFileAddress, const WCHAR *CommandLine, BOOLEAN RunCallbackAtTheFirstInstruction)
Attach to target process.
Definition ud.cpp:349
UdListProcessThreads
BOOL UdListProcessThreads(DWORD OwnerPID)
List of threads by owner process id.
Definition ud.cpp:183
UdSetActiveDebuggingProcess
VOID UdSetActiveDebuggingProcess(UINT64 DebuggingId, UINT32 ProcessId, UINT32 ThreadId, BOOLEAN Is32Bit, BOOLEAN IsPaused)
set the current active debugging process (thread)
Definition ud.cpp:100
UdSendStepPacketToDebuggee
VOID UdSendStepPacketToDebuggee(UINT64 ThreadDetailToken, UINT32 TargetThreadId, DEBUGGER_REMOTE_STEPPING_REQUEST StepType)
Send stepping instructions packet to user debugger.
Definition ud.cpp:1000
_ACTIVE_DEBUGGING_PROCESS
structures related to current thread debugging state
Definition ud.h:48
_ACTIVE_DEBUGGING_PROCESS::ProcessId
UINT32 ProcessId
Definition ud.h:51
_ACTIVE_DEBUGGING_PROCESS::Context
UINT64 Context
Definition ud.h:55
_ACTIVE_DEBUGGING_PROCESS::Registers
GUEST_REGS Registers
Definition ud.h:54
_ACTIVE_DEBUGGING_PROCESS::IsActive
BOOLEAN IsActive
Definition ud.h:49
_ACTIVE_DEBUGGING_PROCESS::ThreadId
UINT32 ThreadId
Definition ud.h:52
_ACTIVE_DEBUGGING_PROCESS::ProcessDebuggingToken
UINT64 ProcessDebuggingToken
Definition ud.h:50
_ACTIVE_DEBUGGING_PROCESS::Is32Bit
BOOLEAN Is32Bit
Definition ud.h:56
_ACTIVE_DEBUGGING_PROCESS::IsPaused
BOOLEAN IsPaused
Definition ud.h:53
_DEBUGGEE_UD_PAUSED_PACKET
The structure of pausing packet in uHyperDbg.
Definition DataTypes.h:229
GUEST_REGS
Definition BasicTypes.h:70