HyperDbg Debugger
Loading...
Searching...
No Matches
Functions
script-engine.h File Reference

General script-engine functions and wrappers. More...

Go to the source code of this file.

Functions

UINT64 ScriptEngineConvertNameToAddressWrapper (const char *FunctionOrVariableName, PBOOLEAN WasFound)
 ScriptEngineConvertNameToAddress wrapper.
 
UINT32 ScriptEngineLoadFileSymbolWrapper (UINT64 BaseAddress, const char *PdbFileName, const char *CustomModuleName)
 ScriptEngineLoadFileSymbol wrapper.
 
VOID ScriptEngineSetTextMessageCallbackWrapper (PVOID Handler)
 ScriptEngineSetTextMessageCallback wrapper.
 
UINT32 ScriptEngineUnloadAllSymbolsWrapper ()
 ScriptEngineUnloadAllSymbols wrapper.
 
UINT32 ScriptEngineUnloadModuleSymbolWrapper (char *ModuleName)
 ScriptEngineUnloadModuleSymbol wrapper.
 
UINT32 ScriptEngineSearchSymbolForMaskWrapper (const char *SearchMask)
 ScriptEngineSearchSymbolForMask wrapper.
 
BOOLEAN ScriptEngineGetFieldOffsetWrapper (CHAR *TypeName, CHAR *FieldName, UINT32 *FieldOffset)
 ScriptEngineGetFieldOffset wrapper.
 
BOOLEAN ScriptEngineGetDataTypeSizeWrapper (CHAR *TypeName, UINT64 *TypeSize)
 ScriptEngineGetDataTypeSize wrapper.
 
BOOLEAN ScriptEngineCreateSymbolTableForDisassemblerWrapper (void *CallbackFunction)
 ScriptEngineCreateSymbolTableForDisassembler wrapper.
 
BOOLEAN ScriptEngineConvertFileToPdbPathWrapper (const char *LocalFilePath, char *ResultPath)
 ScriptEngineConvertFileToPdbPath wrapper.
 
BOOLEAN ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetailsWrapper (const char *LocalFilePath, char *PdbFilePath, char *GuidAndAgeDetails, BOOLEAN Is32BitModule)
 ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails wrapper.
 
BOOLEAN ScriptEngineSymbolInitLoadWrapper (PMODULE_SYMBOL_DETAIL BufferToStoreDetails, UINT32 StoredLength, BOOLEAN DownloadIfAvailable, const char *SymbolPath, BOOLEAN IsSilentLoad)
 ScriptEngineSymbolInitLoad wrapper.
 
BOOLEAN ScriptEngineShowDataBasedOnSymbolTypesWrapper (const char *TypeName, UINT64 Address, BOOLEAN IsStruct, PVOID BufferAddress, const char *AdditionalParameters)
 ScriptEngineShowDataBasedOnSymbolTypes wrapper.
 
VOID ScriptEngineSymbolAbortLoadingWrapper ()
 SymbolAbortLoading wrapper.
 
VOID ScriptEngineWrapperTestParser (const string &Expr)
 test parser
 
BOOLEAN ScriptAutomaticStatementsTestWrapper (const string &Expr, UINT64 ExpectationValue, BOOLEAN ExceptError)
 massive tests for script engine statements
 
PVOID ScriptEngineParseWrapper (char *Expr, BOOLEAN ShowErrorMessageIfAny)
 ScriptEngineParse wrapper.
 
VOID PrintSymbolBufferWrapper (PVOID SymbolBuffer)
 PrintSymbolBuffer wrapper.
 
UINT64 ScriptEngineWrapperGetHead (PVOID SymbolBuffer)
 wrapper for getting head
 
UINT32 ScriptEngineWrapperGetSize (PVOID SymbolBuffer)
 wrapper for getting size
 
UINT32 ScriptEngineWrapperGetPointer (PVOID SymbolBuffer)
 wrapper for getting pointer
 
VOID ScriptEngineWrapperRemoveSymbolBuffer (PVOID SymbolBuffer)
 wrapper for removing symbol buffer
 
BOOLEAN ScriptEngineFuncNumberOfOperands (UINT64 FuncType, UINT32 *NumberOfGetOperands, UINT32 *NumberOfSetOperands)
 wrapper for getting operand count
 
UINT64 ScriptEngineEvalUInt64StyleExpressionWrapper (const string &Expr, PBOOLEAN HasError)
 In the local debugging (VMI mode) environment, this function computes the expressions.
 
UINT64 ScriptEngineEvalSingleExpression (string Expr, PBOOLEAN HasError)
 Get the value from the evaluation of single expression from local debuggee and remote debuggee.
 

Detailed Description

General script-engine functions and wrappers.

Author
Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)
Version
0.1
Date
2021-09-23
Copyright
This project is released under the GNU Public License v3.

Function Documentation

◆ PrintSymbolBufferWrapper()

VOID PrintSymbolBufferWrapper ( PVOID SymbolBuffer)

PrintSymbolBuffer wrapper.

Print symbol buffer wrapper

Parameters
SymbolBuffer
Returns
PVOID
302{
303 PrintSymbolBuffer(SymbolBuffer);
304}
PrintSymbolBuffer
void PrintSymbolBuffer(const PVOID SymbolBuffer)
Prints a symbol buffer.
Definition script-engine.c:2859

◆ ScriptAutomaticStatementsTestWrapper()

BOOLEAN ScriptAutomaticStatementsTestWrapper ( const string & Expr,
UINT64 ExpectationValue,
BOOLEAN ExceptError )

massive tests for script engine statements

Parameters
ExprThe expression to test
ExpectationValueWhat value this statements expects (not used if ExceptError is TRUE)
ExceptErrorTrue if the statement expects an error
Returns
BOOLEAN whether the test was successful or not
543{
544 //
545 // Set the global variable indicator of test_statement to 0
546 //
547 g_CurrentExprEvalResult = 0;
548
549 //
550 // Call the test parser
551 //
552 ScriptEngineWrapperTestParser(Expr);
553
554 //
555 // Check the global variable to see the results
556 //
557 if (g_CurrentExprEvalResultHasError && ExceptError)
558 {
559 return TRUE;
560 }
561 else if (ExpectationValue == g_CurrentExprEvalResult)
562 {
563 return TRUE;
564 }
565
566 return FALSE;
567}
TRUE
#define TRUE
Definition BasicTypes.h:55
FALSE
#define FALSE
Definition BasicTypes.h:54
ScriptEngineWrapperTestParser
VOID ScriptEngineWrapperTestParser(const string &Expr)
test parser
Definition script-engine-wrapper.cpp:719
g_CurrentExprEvalResultHasError
BOOLEAN g_CurrentExprEvalResultHasError
global variable to detect if there was an error in the result of script-engine statement tests
Definition globals.h:671
g_CurrentExprEvalResult
UINT64 g_CurrentExprEvalResult
global variable to save the result of script-engine statement tests
Definition globals.h:664

◆ ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetailsWrapper()

BOOLEAN ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetailsWrapper ( const char * LocalFilePath,
char * PdbFilePath,
char * GuidAndAgeDetails,
BOOLEAN Is32BitModule )

ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails wrapper.

Parameters
LocalFilePath
PdbFilePath
GuidAndAgeDetails
Is32BitModule
Returns
BOOLEAN
250{
251 return ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails(LocalFilePath, PdbFilePath, GuidAndAgeDetails, Is32BitModule);
252}
PdbFilePath
char * PdbFilePath
Definition HyperDbgScriptImports.h:63
Is32BitModule
char char BOOLEAN Is32BitModule
Definition HyperDbgScriptImports.h:63
GuidAndAgeDetails
char char * GuidAndAgeDetails
Definition HyperDbgScriptImports.h:63
ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails
BOOLEAN ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails(const char *LocalFilePath, char *PdbFilePath, char *GuidAndAgeDetails, BOOLEAN Is32BitModule)
Convert file to pdb attributes for symbols.
Definition script-engine.c:252

◆ ScriptEngineConvertFileToPdbPathWrapper()

BOOLEAN ScriptEngineConvertFileToPdbPathWrapper ( const char * LocalFilePath,
char * ResultPath )

ScriptEngineConvertFileToPdbPath wrapper.

Parameters
LocalFilePath
ResultPath
Returns
BOOLEAN
175{
176 return ScriptEngineConvertFileToPdbPath(LocalFilePath, ResultPath);
177}
ResultPath
char * ResultPath
Definition HyperDbgScriptImports.h:61
ScriptEngineConvertFileToPdbPath
BOOLEAN ScriptEngineConvertFileToPdbPath(const char *LocalFilePath, char *ResultPath)
Convert local file to pdb path.
Definition script-engine.c:173

◆ ScriptEngineConvertNameToAddressWrapper()

UINT64 ScriptEngineConvertNameToAddressWrapper ( const char * FunctionOrVariableName,
PBOOLEAN WasFound )

ScriptEngineConvertNameToAddress wrapper.

Parameters
FunctionName
WasFound
Returns
UINT64
54{
55 return ScriptEngineConvertNameToAddress(FunctionOrVariableName, WasFound);
56}
WasFound
PBOOLEAN WasFound
Definition HyperDbgScriptImports.h:45
ScriptEngineConvertNameToAddress
UINT64 ScriptEngineConvertNameToAddress(const char *FunctionOrVariableName, PBOOLEAN WasFound)
Converts name to address.
Definition script-engine.c:33

◆ ScriptEngineCreateSymbolTableForDisassemblerWrapper()

BOOLEAN ScriptEngineCreateSymbolTableForDisassemblerWrapper ( void * CallbackFunction)

ScriptEngineCreateSymbolTableForDisassembler wrapper.

Parameters
CallbackFunction
Returns
BOOLEAN
160{
161 return ScriptEngineCreateSymbolTableForDisassembler(CallbackFunction);
162}
ScriptEngineCreateSymbolTableForDisassembler
BOOLEAN ScriptEngineCreateSymbolTableForDisassembler(void *CallbackFunction)
Create symbol table for disassembler.
Definition script-engine.c:157

◆ ScriptEngineEvalSingleExpression()

UINT64 ScriptEngineEvalSingleExpression ( string Expr,
PBOOLEAN HasError )

Get the value from the evaluation of single expression from local debuggee and remote debuggee.

Parameters
Expr
HasError
Returns
UINT64
31{
32 PVOID CodeBuffer;
33 UINT64 BufferAddress;
34 UINT32 BufferLength;
35 UINT32 Pointer;
36 UINT64 Result = NULL;
37
38 //
39 // Prepend and append 'formats(' and ')'
40 //
41 Expr.insert(0, "formats(");
42 Expr.append(");");
43
44 //
45 // Run script engine handler
46 //
47 CodeBuffer = ScriptEngineParseWrapper((char *)Expr.c_str(), FALSE);
48
49 if (CodeBuffer == NULL)
50 {
51 //
52 // return to show that this item contains an script
53 //
54 *HasError = TRUE;
55 return NULL;
56 }
57
58 //
59 // Print symbols (test)
60 //
61 // PrintSymbolBufferWrapper(CodeBuffer);
62
63 //
64 // Set the buffer and length
65 //
66 BufferAddress = ScriptEngineWrapperGetHead(CodeBuffer);
67 BufferLength = ScriptEngineWrapperGetSize(CodeBuffer);
68 Pointer = ScriptEngineWrapperGetPointer(CodeBuffer);
69
70 //
71 // Check if it's connected over remote debuggee (in the Debugger Mode)
72 //
73 if (g_IsSerialConnectedToRemoteDebuggee)
74 {
75 //
76 // Send over serial
77 //
78
79 //
80 // Send it to the remote debuggee
81 //
82 KdSendScriptPacketToDebuggee(BufferAddress, BufferLength, Pointer, TRUE);
83
84 //
85 // Check whether there was an error in evaluation or not
86 //
87 if (g_ErrorStateOfResultOfEvaluatedExpression == DEBUGGER_OPERATION_WAS_SUCCESSFUL)
88 {
89 //
90 // Everything was fine, return the result of the evaluated
91 // expression and null the global holders
92 //
93 Result = g_ResultOfEvaluatedExpression;
94 g_ErrorStateOfResultOfEvaluatedExpression = NULL;
95 g_ResultOfEvaluatedExpression = NULL;
96 *HasError = FALSE;
97 }
98 else
99 {
100 //
101 // There was an error evaluating the expression from the kernel (debuggee)
102 //
103 g_ErrorStateOfResultOfEvaluatedExpression = NULL;
104 g_ResultOfEvaluatedExpression = NULL;
105
106 *HasError = TRUE;
107 Result = NULL;
108 }
109 }
110 else
111 {
112 //
113 // It's in vmi-mode,
114 // execute it locally with regs set to ZERO
115 //
116 Result = ScriptEngineEvalUInt64StyleExpressionWrapper(Expr, HasError);
117 }
118
119 //
120 // Remove the buffer of script engine interpreted code
121 //
122 ScriptEngineWrapperRemoveSymbolBuffer(CodeBuffer);
123
124 return Result;
125}
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
DEBUGGER_OPERATION_WAS_SUCCESSFUL
#define DEBUGGER_OPERATION_WAS_SUCCESSFUL
General value to indicate that the operation or request was successful.
Definition ErrorCodes.h:23
BufferAddress
UINT64 BOOLEAN PVOID BufferAddress
Definition HyperDbgScriptImports.h:67
KdSendScriptPacketToDebuggee
BOOLEAN KdSendScriptPacketToDebuggee(UINT64 BufferAddress, UINT32 BufferLength, UINT32 Pointer, BOOLEAN IsFormat)
Sends a script packet to the debuggee.
Definition kd.cpp:1056
test-case-generator.NULL
NULL()
Definition test-case-generator.py:530
ScriptEngineWrapperGetSize
UINT32 ScriptEngineWrapperGetSize(PVOID SymbolBuffer)
wrapper for getting size
Definition script-engine-wrapper.cpp:834
ScriptEngineWrapperGetPointer
UINT32 ScriptEngineWrapperGetPointer(PVOID SymbolBuffer)
wrapper for getting pointer
Definition script-engine-wrapper.cpp:848
ScriptEngineParseWrapper
PVOID ScriptEngineParseWrapper(char *Expr, BOOLEAN ShowErrorMessageIfAny)
ScriptEngineParse wrapper.
Definition script-engine-wrapper.cpp:267
ScriptEngineEvalUInt64StyleExpressionWrapper
UINT64 ScriptEngineEvalUInt64StyleExpressionWrapper(const string &Expr, PBOOLEAN HasError)
In the local debugging (VMI mode) environment, this function computes the expressions.
Definition script-engine-wrapper.cpp:799
ScriptEngineWrapperGetHead
UINT64 ScriptEngineWrapperGetHead(PVOID SymbolBuffer)
wrapper for getting head
Definition script-engine-wrapper.cpp:822
ScriptEngineWrapperRemoveSymbolBuffer
VOID ScriptEngineWrapperRemoveSymbolBuffer(PVOID SymbolBuffer)
wrapper for removing symbol buffer
Definition script-engine-wrapper.cpp:860
g_ResultOfEvaluatedExpression
UINT64 g_ResultOfEvaluatedExpression
Result of the expression that is evaluated in the debuggee.
Definition globals.h:630
g_IsSerialConnectedToRemoteDebuggee
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
Shows if the debugger was connected to remote debuggee over (A remote guest)
Definition globals.h:231
g_ErrorStateOfResultOfEvaluatedExpression
UINT32 g_ErrorStateOfResultOfEvaluatedExpression
Shows the state of the evaluation of expression which whether contains error or not.
Definition globals.h:637

◆ ScriptEngineEvalUInt64StyleExpressionWrapper()

UINT64 ScriptEngineEvalUInt64StyleExpressionWrapper ( const string & Expr,
PBOOLEAN HasError )

In the local debugging (VMI mode) environment, this function computes the expressions.

for example, if the user u ExAllocatePoolWithTag+0x10 this will evaluate the expr

Parameters
Expr
HasError
Returns
UINT64
800{
801 //
802 // In VMI-mode we'll form all registers as zero
803 //
804 GUEST_REGS GuestRegs = {0};
805
806 ScriptEngineEvalWrapper(&GuestRegs, Expr);
807
808 //
809 // Set the results and return the value
810 //
811 *HasError = g_CurrentExprEvalResultHasError;
812 return g_CurrentExprEvalResult;
813}
ScriptEngineEvalWrapper
VOID ScriptEngineEvalWrapper(PGUEST_REGS GuestRegs, string Expr)
Script engine evaluation wrapper.
Definition script-engine-wrapper.cpp:314
GUEST_REGS
Definition BasicTypes.h:70

◆ ScriptEngineFuncNumberOfOperands()

BOOLEAN ScriptEngineFuncNumberOfOperands ( UINT64 FuncType,
UINT32 * NumberOfGetOperands,
UINT32 * NumberOfSetOperands )

wrapper for getting operand count

Parameters
FuncType
NumberOfGetOperands
NumberOfSetOperands
Returns
BOOLEAN
875{
876 return FuncGetNumberOfOperands(FuncType, NumberOfGetOperands, NumberOfSetOperands);
877}
NumberOfGetOperands
UINT32 * NumberOfGetOperands
Definition HyperDbgScriptImports.h:33
NumberOfSetOperands
UINT32 UINT32 * NumberOfSetOperands
Definition HyperDbgScriptImports.h:33
FuncGetNumberOfOperands
BOOLEAN FuncGetNumberOfOperands(UINT64 FuncType, UINT32 *NumberOfGetOperands, UINT32 *NumberOfSetOperands)
Script Engine get number of operands.
Definition script-engine.c:3356

◆ ScriptEngineGetDataTypeSizeWrapper()

BOOLEAN ScriptEngineGetDataTypeSizeWrapper ( CHAR * TypeName,
UINT64 * TypeSize )

ScriptEngineGetDataTypeSize wrapper.

Parameters
TypeName
TypeSize
Returns
BOOLEAN
147{
148 return ScriptEngineGetDataTypeSize(TypeName, TypeSize);
149}
TypeSize
UINT64 * TypeSize
Definition HyperDbgScriptImports.h:57
ScriptEngineGetDataTypeSize
BOOLEAN ScriptEngineGetDataTypeSize(CHAR *TypeName, UINT64 *TypeSize)
Get size of a data type (structure)
Definition script-engine.c:142

◆ ScriptEngineGetFieldOffsetWrapper()

BOOLEAN ScriptEngineGetFieldOffsetWrapper ( CHAR * TypeName,
CHAR * FieldName,
UINT32 * FieldOffset )

ScriptEngineGetFieldOffset wrapper.

Parameters
TypeName
FieldName
FieldOffset
Returns
BOOLEAN
133{
134 return ScriptEngineGetFieldOffset(TypeName, FieldName, FieldOffset);
135}
FieldName
CHAR * FieldName
Definition HyperDbgScriptImports.h:55
FieldOffset
CHAR UINT32 * FieldOffset
Definition HyperDbgScriptImports.h:55
ScriptEngineGetFieldOffset
BOOLEAN ScriptEngineGetFieldOffset(CHAR *TypeName, CHAR *FieldName, UINT32 *FieldOffset)
Get offset of a field from the structure.
Definition script-engine.c:126

◆ ScriptEngineLoadFileSymbolWrapper()

UINT32 ScriptEngineLoadFileSymbolWrapper ( UINT64 BaseAddress,
const char * PdbFileName,
const char * CustomModuleName )

ScriptEngineLoadFileSymbol wrapper.

Parameters
BaseAddress
FileName
Returns
UINT32
68{
69 return ScriptEngineLoadFileSymbol(BaseAddress, PdbFileName, CustomModuleName);
70}
CustomModuleName
const char const char * CustomModuleName
Definition HyperDbgScriptImports.h:47
PdbFileName
const char * PdbFileName
Definition HyperDbgScriptImports.h:47
ScriptEngineLoadFileSymbol
UINT32 ScriptEngineLoadFileSymbol(UINT64 BaseAddress, const char *PdbFileName, const char *CustomModuleName)
Definition script-engine.c:53

◆ ScriptEngineParseWrapper()

PVOID ScriptEngineParseWrapper ( char * Expr,
BOOLEAN ShowErrorMessageIfAny )

ScriptEngineParse wrapper.

Parameters
Expr
ShowErrorMessageIfAny
Returns
PVOID
268{
269 PSYMBOL_BUFFER SymbolBuffer;
270 SymbolBuffer = (PSYMBOL_BUFFER)ScriptEngineParse(Expr);
271
272 //
273 // Check if there is an error or not
274 //
275 if (SymbolBuffer->Message == NULL)
276 {
277 return SymbolBuffer;
278 }
279 else
280 {
281 //
282 // Show error message and free the buffer
283 //
284 if (ShowErrorMessageIfAny)
285 {
286 ShowMessages("%s\n", SymbolBuffer->Message);
287 }
288 ScriptEngineWrapperRemoveSymbolBuffer(SymbolBuffer);
289 return NULL;
290 }
291}
PSYMBOL_BUFFER
struct SYMBOL_BUFFER * PSYMBOL_BUFFER
ShowMessages
VOID ShowMessages(const char *Fmt,...)
Show messages.
Definition libhyperdbg.cpp:96
ScriptEngineParse
PVOID ScriptEngineParse(char *str)
The entry point of script engine.
Definition script-engine.c:267
SYMBOL_BUFFER
Definition ScriptEngineCommonDefinitions.h:21
SYMBOL_BUFFER::Message
char * Message
Definition ScriptEngineCommonDefinitions.h:25

◆ ScriptEngineSearchSymbolForMaskWrapper()

UINT32 ScriptEngineSearchSymbolForMaskWrapper ( const char * SearchMask)

ScriptEngineSearchSymbolForMask wrapper.

Parameters
SearchMask
Returns
UINT32
117{
118 return ScriptEngineSearchSymbolForMask(SearchMask);
119}
ScriptEngineSearchSymbolForMask
UINT32 ScriptEngineSearchSymbolForMask(const char *SearchMask)
Search for a special mask.
Definition script-engine.c:109

◆ ScriptEngineSetTextMessageCallbackWrapper()

VOID ScriptEngineSetTextMessageCallbackWrapper ( PVOID Handler)

ScriptEngineSetTextMessageCallback wrapper.

Parameters
Handler
Returns
VOID
81{
82 return ScriptEngineSetTextMessageCallback(Handler);
83}
ScriptEngineSetTextMessageCallback
VOID ScriptEngineSetTextMessageCallback(PVOID Handler)
Set the message handler as an alternative to printf.
Definition script-engine.c:68

◆ ScriptEngineShowDataBasedOnSymbolTypesWrapper()

BOOLEAN ScriptEngineShowDataBasedOnSymbolTypesWrapper ( const char * TypeName,
UINT64 Address,
BOOLEAN IsStruct,
PVOID BufferAddress,
const char * AdditionalParameters )

ScriptEngineShowDataBasedOnSymbolTypes wrapper.

Parameters
TypeName
Address
IsStruct
BufferAddress
AdditionalParameters
Returns
BOOLEAN
218{
219 return ScriptEngineShowDataBasedOnSymbolTypes(TypeName, Address, IsStruct, BufferAddress, AdditionalParameters);
220}
IsStruct
UINT64 BOOLEAN IsStruct
Definition HyperDbgScriptImports.h:67
Address
UINT64 Address
Definition HyperDbgScriptImports.h:67
AdditionalParameters
UINT64 BOOLEAN PVOID const char * AdditionalParameters
Definition HyperDbgScriptImports.h:67
ScriptEngineShowDataBasedOnSymbolTypes
BOOLEAN ScriptEngineShowDataBasedOnSymbolTypes(const char *TypeName, UINT64 Address, BOOLEAN IsStruct, PVOID BufferAddress, const char *AdditionalParameters)
Show data based on symbol types.
Definition script-engine.c:215

◆ ScriptEngineSymbolAbortLoadingWrapper()

VOID ScriptEngineSymbolAbortLoadingWrapper ( )

SymbolAbortLoading wrapper.

Returns
VOID
230{
231 return ScriptEngineSymbolAbortLoading();
232}
ScriptEngineSymbolAbortLoading
VOID ScriptEngineSymbolAbortLoading()
Cancel loading.
Definition script-engine.c:233

◆ ScriptEngineSymbolInitLoadWrapper()

BOOLEAN ScriptEngineSymbolInitLoadWrapper ( PMODULE_SYMBOL_DETAIL BufferToStoreDetails,
UINT32 StoredLength,
BOOLEAN DownloadIfAvailable,
const char * SymbolPath,
BOOLEAN IsSilentLoad )

ScriptEngineSymbolInitLoad wrapper.

Parameters
ScriptEngineSymbolInitLoad
StoredLength
DownloadIfAvailable
SymbolPath
IsSilentLoad
Returns
BOOLEAN
196{
197 return ScriptEngineSymbolInitLoad(BufferToStoreDetails, StoredLength, DownloadIfAvailable, SymbolPath, IsSilentLoad);
198}
SymbolPath
UINT32 BOOLEAN const char * SymbolPath
Definition HyperDbgScriptImports.h:65
IsSilentLoad
UINT32 BOOLEAN const char BOOLEAN IsSilentLoad
Definition HyperDbgScriptImports.h:65
StoredLength
UINT32 StoredLength
Definition HyperDbgScriptImports.h:65
DownloadIfAvailable
UINT32 BOOLEAN DownloadIfAvailable
Definition HyperDbgScriptImports.h:65
ScriptEngineSymbolInitLoad
BOOLEAN ScriptEngineSymbolInitLoad(PVOID BufferToStoreDetails, UINT32 StoredLength, BOOLEAN DownloadIfAvailable, const char *SymbolPath, BOOLEAN IsSilentLoad)
Initial load of the symbols.
Definition script-engine.c:192

◆ ScriptEngineUnloadAllSymbolsWrapper()

UINT32 ScriptEngineUnloadAllSymbolsWrapper ( )

ScriptEngineUnloadAllSymbols wrapper.

Returns
UINT32
92{
93 return ScriptEngineUnloadAllSymbols();
94}
ScriptEngineUnloadAllSymbols
UINT32 ScriptEngineUnloadAllSymbols()
Unload all the previously loaded symbols.
Definition script-engine.c:79

◆ ScriptEngineUnloadModuleSymbolWrapper()

UINT32 ScriptEngineUnloadModuleSymbolWrapper ( char * ModuleName)

ScriptEngineUnloadModuleSymbol wrapper.

Parameters
ModuleName
Returns
UINT32
104{
105 return ScriptEngineUnloadModuleSymbol(ModuleName);
106}
ScriptEngineUnloadModuleSymbol
UINT32 ScriptEngineUnloadModuleSymbol(char *ModuleName)
Unload a special pdb.
Definition script-engine.c:94

◆ ScriptEngineWrapperGetHead()

UINT64 ScriptEngineWrapperGetHead ( PVOID SymbolBuffer)

wrapper for getting head

Parameters
SymbolBuffer
Returns
UINT64
823{
824 return (UINT64)((PSYMBOL_BUFFER)SymbolBuffer)->Head;
825}

◆ ScriptEngineWrapperGetPointer()

UINT32 ScriptEngineWrapperGetPointer ( PVOID SymbolBuffer)

wrapper for getting pointer

Parameters
SymbolBuffer
Returns
UINT32
849{
850 return (UINT32)((PSYMBOL_BUFFER)SymbolBuffer)->Pointer;
851}

◆ ScriptEngineWrapperGetSize()

UINT32 ScriptEngineWrapperGetSize ( PVOID SymbolBuffer)

wrapper for getting size

Parameters
SymbolBuffer
Returns
UINT32
835{
836 UINT32 Size =
837 (UINT32)((PSYMBOL_BUFFER)SymbolBuffer)->Pointer * sizeof(SYMBOL);
838 return Size;
839}
SYMBOL
Definition ScriptEngineCommonDefinitions.h:6

◆ ScriptEngineWrapperRemoveSymbolBuffer()

VOID ScriptEngineWrapperRemoveSymbolBuffer ( PVOID SymbolBuffer)

wrapper for removing symbol buffer

Parameters
SymbolBuffer
Returns
UINT32
861{
862 RemoveSymbolBuffer((PSYMBOL_BUFFER)SymbolBuffer);
863}
RemoveSymbolBuffer
void RemoveSymbolBuffer(PVOID SymbolBuffer)
Frees the memory allocated by SymbolBuffer.
Definition script-engine.c:2725

◆ ScriptEngineWrapperTestParser()

VOID ScriptEngineWrapperTestParser ( const string & Expr)

test parser

Parameters
Expr
Returns
VOID
720{
721 ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING AllocationsForCastings = {0};
722
723 typedef struct _TEST_STRUCT
724 {
725 UINT64 Var1;
726 UINT64 Var2;
727 UINT64 Var3;
728 UINT64 Var4;
729 } TEST_STRUCT, *PTEST_STRUCT;
730
731 PTEST_STRUCT TestStruct = (PTEST_STRUCT)malloc(sizeof(TEST_STRUCT));
732
733 if (TestStruct == NULL)
734 {
735 return;
736 }
737
738 RtlZeroMemory(TestStruct, sizeof(TEST_STRUCT));
739
740 TestStruct->Var1 = 0x41414141;
741 TestStruct->Var3 = 0x4242424242424242;
742
743 GUEST_REGS GuestRegs = {0};
744
745 char test[] = "Hello world !";
746 wchar_t testw[] =
747 L"A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 "
748 L"9 a b c d e f g h i j k l m n o p q r s t u v w x y z";
749
750 char * RspReg = (char *)malloc(0x100);
751
752 if (RspReg == NULL)
753 {
754 ShowMessages("err, unable to allocate stack for script engine tests");
755 free(TestStruct);
756 return;
757 }
758
759 memcpy(RspReg, testw, sizeof(testw));
760
761 GuestRegs.rax = 0x1;
762 GuestRegs.rcx = (UINT64)AllocateStructForCasting(&AllocationsForCastings); // TestStruct
763 GuestRegs.rdx = 0x3;
764 GuestRegs.rbx = 0x4;
765 GuestRegs.rsp = (UINT64)RspReg + 0x50;
766 GuestRegs.rbp = 0x6;
767 GuestRegs.rsi = 0x7;
768 GuestRegs.rdi = 0x8;
769 GuestRegs.r8 = 0x9;
770 GuestRegs.r9 = 0xa;
771 GuestRegs.r10 = 0xb;
772 GuestRegs.r11 = 0xc;
773 GuestRegs.r12 = 0xd;
774 GuestRegs.r13 = 0xe;
775 GuestRegs.r14 = (UINT64)testw;
776 GuestRegs.r15 = (UINT64)test;
777
778 ScriptEngineEvalWrapper(&GuestRegs, Expr);
779
780 free(RspReg);
781 free(TestStruct);
782 free(AllocationsForCastings.Buff1);
783 free(AllocationsForCastings.Buff2);
784 free(AllocationsForCastings.Buff3);
785 free(AllocationsForCastings.Buff4);
786 free(AllocationsForCastings.Buff5);
787 free(AllocationsForCastings.Buff6);
788}
AllocateStructForCasting
PVOID AllocateStructForCasting(PALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING AllocationsForCastings)
allocate memory and build structure for casting
Definition script-engine-wrapper.cpp:576
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING
Definition script-engine-wrapper.cpp:30
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff1
CHAR * Buff1
Definition script-engine-wrapper.cpp:31
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff5
CHAR * Buff5
Definition script-engine-wrapper.cpp:35
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff6
CHAR * Buff6
Definition script-engine-wrapper.cpp:36
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff4
CHAR * Buff4
Definition script-engine-wrapper.cpp:34
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff2
CHAR * Buff2
Definition script-engine-wrapper.cpp:32
_ALLOCATED_MEMORY_FOR_SCRIPT_ENGINE_CASTING::Buff3
CHAR * Buff3
Definition script-engine-wrapper.cpp:33
GUEST_REGS::rsp
UINT64 rsp
Definition BasicTypes.h:79
GUEST_REGS::r14
UINT64 r14
Definition BasicTypes.h:89
GUEST_REGS::r15
UINT64 r15
Definition BasicTypes.h:90
GUEST_REGS::rdi
UINT64 rdi
Definition BasicTypes.h:82
GUEST_REGS::rax
UINT64 rax
Definition BasicTypes.h:75
GUEST_REGS::r12
UINT64 r12
Definition BasicTypes.h:87
GUEST_REGS::r13
UINT64 r13
Definition BasicTypes.h:88
GUEST_REGS::r9
UINT64 r9
Definition BasicTypes.h:84
GUEST_REGS::r8
UINT64 r8
Definition BasicTypes.h:83
GUEST_REGS::rbp
UINT64 rbp
Definition BasicTypes.h:80
GUEST_REGS::rbx
UINT64 rbx
Definition BasicTypes.h:78
GUEST_REGS::r10
UINT64 r10
Definition BasicTypes.h:85
GUEST_REGS::rcx
UINT64 rcx
Definition BasicTypes.h:76
GUEST_REGS::rsi
UINT64 rsi
Definition BasicTypes.h:81
GUEST_REGS::r11
UINT64 r11
Definition BasicTypes.h:86
GUEST_REGS::rdx
UINT64 rdx
Definition BasicTypes.h:77