HyperDbg Debugger
Loading...
Searching...
No Matches
Functions | Variables
p.cpp File Reference

p command More...

#include "pch.h"

Functions

VOID CommandPHelp ()
 help of the p command
 
VOID CommandP (vector< string > SplitCommand, string Command)
 handler of p command
 

Variables

BOOLEAN g_IsSerialConnectedToRemoteDebuggee
 Shows if the debugger was connected to remote debuggee over (A remote guest)
 
BOOLEAN g_IsInstrumentingInstructions
 Shows whether the user is running 't', 'p', or 'i' command.
 
ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
 State of active debugging thread.
 

Detailed Description

p command

Author
Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)
Version
0.1
Date
2020-12-29
Copyright
This project is released under the GNU Public License v3.

Function Documentation

◆ CommandP()

VOID CommandP ( vector< string > SplitCommand,
string Command )

handler of p command

Parameters
SplitCommand
Command
Returns
VOID
53{
54 UINT32 StepCount;
55 DEBUGGER_REMOTE_STEPPING_REQUEST RequestFormat;
56
57 //
58 // Validate the commands
59 //
60 if (SplitCommand.size() != 1 && SplitCommand.size() != 2)
61 {
62 ShowMessages("incorrect use of the 'p'\n\n");
63 CommandPHelp();
64 return;
65 }
66
67 //
68 // Set type of request
69 //
70 RequestFormat = DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER;
71
72 //
73 // Check if the command has a counter parameter
74 //
75 if (SplitCommand.size() == 2)
76 {
77 if (!ConvertStringToUInt32(SplitCommand.at(1), &StepCount))
78 {
79 ShowMessages("please specify a correct hex value for [count]\n\n");
80 CommandPHelp();
81 return;
82 }
83 }
84 else
85 {
86 StepCount = 1;
87 }
88
89 //
90 // Check if the remote serial debuggee or user debugger are paused or not
91 //
92 if (g_IsSerialConnectedToRemoteDebuggee || g_ActiveProcessDebuggingState.IsActive)
93 {
94 //
95 // Check if the thread is paused or not
96 //
97 if (g_ActiveProcessDebuggingState.IsActive && !g_ActiveProcessDebuggingState.IsPaused)
98 {
99 ShowMessages("the target process is running, use the "
100 "'pause' command or press CTRL+C to pause the process\n");
101 return;
102 }
103
104 //
105 // Indicate that we're instrumenting
106 //
107 g_IsInstrumentingInstructions = TRUE;
108
109 for (size_t i = 0; i < StepCount; i++)
110 {
111 //
112 // For logging purpose
113 //
114 // ShowMessages("percentage : %f %% (%x)\n", 100.0 * (i /
115 // (float)StepCount), i);
116 //
117
118 if (g_IsSerialConnectedToRemoteDebuggee)
119 {
120 //
121 // It's stepping over serial connection in kernel debugger
122 //
123 KdSendStepPacketToDebuggee(RequestFormat);
124 }
125 else
126 {
127 //
128 // It's stepping over user debugger
129 //
130 UdSendStepPacketToDebuggee(g_ActiveProcessDebuggingState.ProcessDebuggingToken,
131 g_ActiveProcessDebuggingState.ThreadId,
132 RequestFormat);
133 }
134
135 if (!SplitCommand.at(0).compare("pr"))
136 {
137 //
138 // Show registers
139 //
140 HyperDbgRegisterShowAll();
141
142 if (i != StepCount - 1)
143 {
144 ShowMessages("\n");
145 }
146 }
147
148 //
149 // Check if user pressed CTRL+C
150 //
151 if (!g_IsInstrumentingInstructions)
152 {
153 break;
154 }
155 }
156
157 //
158 // We're not instrumenting instructions anymore
159 //
160 g_IsInstrumentingInstructions = FALSE;
161 }
162 else
163 {
164 ShowMessages("err, stepping (p) is not valid in the current context, you "
165 "should connect to a debuggee\n");
166 }
167}
TRUE
#define TRUE
Definition BasicTypes.h:55
FALSE
#define FALSE
Definition BasicTypes.h:54
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER
@ DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER
Definition RequestStructures.h:996
DEBUGGER_REMOTE_STEPPING_REQUEST
enum _DEBUGGER_REMOTE_STEPPING_REQUEST DEBUGGER_REMOTE_STEPPING_REQUEST
stepping and tracking types
ConvertStringToUInt32
BOOLEAN ConvertStringToUInt32(string TextToConvert, PUINT32 Result)
check and convert string to a 32 bit unsigned it and also check for special notations like 0x etc.
Definition common.cpp:347
KdSendStepPacketToDebuggee
BOOLEAN KdSendStepPacketToDebuggee(DEBUGGER_REMOTE_STEPPING_REQUEST StepRequestType)
Sends p (step out) and t (step in) packet to the debuggee.
Definition kd.cpp:1206
ShowMessages
VOID ShowMessages(const char *Fmt,...)
Show messages.
Definition libhyperdbg.cpp:96
g_IsInstrumentingInstructions
BOOLEAN g_IsInstrumentingInstructions
Shows whether the user is running 't', 'p', or 'i' command.
Definition globals.h:561
g_IsSerialConnectedToRemoteDebuggee
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
Shows if the debugger was connected to remote debuggee over (A remote guest)
Definition globals.h:231
CommandPHelp
VOID CommandPHelp()
help of the p command
Definition p.cpp:27
g_ActiveProcessDebuggingState
ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
State of active debugging thread.
Definition globals.h:362
HyperDbgRegisterShowAll
BOOLEAN HyperDbgRegisterShowAll()
handler of r show all registers
Definition r.cpp:317
_ACTIVE_DEBUGGING_PROCESS::IsActive
BOOLEAN IsActive
Definition ud.h:49
_ACTIVE_DEBUGGING_PROCESS::ThreadId
UINT32 ThreadId
Definition ud.h:52
_ACTIVE_DEBUGGING_PROCESS::ProcessDebuggingToken
UINT64 ProcessDebuggingToken
Definition ud.h:50
_ACTIVE_DEBUGGING_PROCESS::IsPaused
BOOLEAN IsPaused
Definition ud.h:53
UdSendStepPacketToDebuggee
VOID UdSendStepPacketToDebuggee(UINT64 ProcessDetailToken, UINT32 TargetThreadId, DEBUGGER_REMOTE_STEPPING_REQUEST StepType)
Send stepping instructions packet to user debugger.
Definition ud.cpp:1000

◆ CommandPHelp()

VOID CommandPHelp ( )

help of the p command

Returns
VOID
28{
29 ShowMessages(
30 "p : executes a single instruction (step) and optionally displays the "
31 "resulting values of all registers and flags.\n\n");
32
33 ShowMessages("syntax : \tp\n");
34 ShowMessages("syntax : \tp [Count (hex)]\n");
35 ShowMessages("syntax : \tpr\n");
36 ShowMessages("syntax : \tpr [Count (hex)]\n");
37
38 ShowMessages("\n");
39 ShowMessages("\t\te.g : p\n");
40 ShowMessages("\t\te.g : pr\n");
41 ShowMessages("\t\te.g : pr 1f\n");
42}

Variable Documentation

◆ g_ActiveProcessDebuggingState

ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
extern

State of active debugging thread.

362{0};

◆ g_IsInstrumentingInstructions

BOOLEAN g_IsInstrumentingInstructions
extern

Shows whether the user is running 't', 'p', or 'i' command.

◆ g_IsSerialConnectedToRemoteDebuggee

BOOLEAN g_IsSerialConnectedToRemoteDebuggee
extern

Shows if the debugger was connected to remote debuggee over (A remote guest)