HyperDbg Debugger
Loading...
Searching...
No Matches
Functions | Variables
script-engine.cpp File Reference

Interpret script engine affairs. More...

#include "pch.h"

Functions

UINT64 ScriptEngineEvalSingleExpression (string Expr, PBOOLEAN HasError)
 Get the value from the evaluation of single expression from local debuggee and remote debuggee.
 

Variables

UINT64 g_ResultOfEvaluatedExpression
 Result of the expression that is evaluated in the debuggee.
 
UINT32 g_ErrorStateOfResultOfEvaluatedExpression
 Shows the state of the evaluation of expression which whether contains error or not.
 
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
 Shows if the debugger was connected to remote debuggee over (A remote guest)
 

Detailed Description

Interpret script engine affairs.

Author
Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)
Version
0.1
Date
2021-09-23
Copyright
This project is released under the GNU Public License v3.

Function Documentation

◆ ScriptEngineEvalSingleExpression()

UINT64 ScriptEngineEvalSingleExpression ( string Expr,
PBOOLEAN HasError )

Get the value from the evaluation of single expression from local debuggee and remote debuggee.

Parameters
Expr
HasError
Returns
UINT64
31{
32 PVOID CodeBuffer;
33 UINT64 BufferAddress;
34 UINT32 BufferLength;
35 UINT32 Pointer;
36 UINT64 Result = NULL;
37
38 //
39 // Prepend and append 'formats(' and ')'
40 //
41 Expr.insert(0, "formats(");
42 Expr.append(");");
43
44 //
45 // Run script engine handler
46 //
47 CodeBuffer = ScriptEngineParseWrapper((char *)Expr.c_str(), FALSE);
48
49 if (CodeBuffer == NULL)
50 {
51 //
52 // return to show that this item contains an script
53 //
54 *HasError = TRUE;
55 return NULL;
56 }
57
58 //
59 // Print symbols (test)
60 //
61 // PrintSymbolBufferWrapper(CodeBuffer);
62
63 //
64 // Set the buffer and length
65 //
66 BufferAddress = ScriptEngineWrapperGetHead(CodeBuffer);
67 BufferLength = ScriptEngineWrapperGetSize(CodeBuffer);
68 Pointer = ScriptEngineWrapperGetPointer(CodeBuffer);
69
70 //
71 // Check if it's connected over remote debuggee (in the Debugger Mode)
72 //
73 if (g_IsSerialConnectedToRemoteDebuggee)
74 {
75 //
76 // Send over serial
77 //
78
79 //
80 // Send it to the remote debuggee
81 //
82 KdSendScriptPacketToDebuggee(BufferAddress, BufferLength, Pointer, TRUE);
83
84 //
85 // Check whether there was an error in evaluation or not
86 //
87 if (g_ErrorStateOfResultOfEvaluatedExpression == DEBUGGER_OPERATION_WAS_SUCCESSFUL)
88 {
89 //
90 // Everything was fine, return the result of the evaluated
91 // expression and null the global holders
92 //
93 Result = g_ResultOfEvaluatedExpression;
94 g_ErrorStateOfResultOfEvaluatedExpression = NULL;
95 g_ResultOfEvaluatedExpression = NULL;
96 *HasError = FALSE;
97 }
98 else
99 {
100 //
101 // There was an error evaluating the expression from the kernel (debuggee)
102 //
103 g_ErrorStateOfResultOfEvaluatedExpression = NULL;
104 g_ResultOfEvaluatedExpression = NULL;
105
106 *HasError = TRUE;
107 Result = NULL;
108 }
109 }
110 else
111 {
112 //
113 // It's in vmi-mode,
114 // execute it locally with regs set to ZERO
115 //
116 Result = ScriptEngineEvalUInt64StyleExpressionWrapper(Expr, HasError);
117 }
118
119 //
120 // Remove the buffer of script engine interpreted code
121 //
122 ScriptEngineWrapperRemoveSymbolBuffer(CodeBuffer);
123
124 return Result;
125}
TRUE
#define TRUE
Definition BasicTypes.h:55
FALSE
#define FALSE
Definition BasicTypes.h:54
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
DEBUGGER_OPERATION_WAS_SUCCESSFUL
#define DEBUGGER_OPERATION_WAS_SUCCESSFUL
General value to indicate that the operation or request was successful.
Definition ErrorCodes.h:23
BufferAddress
UINT64 BOOLEAN PVOID BufferAddress
Definition HyperDbgScriptImports.h:67
KdSendScriptPacketToDebuggee
BOOLEAN KdSendScriptPacketToDebuggee(UINT64 BufferAddress, UINT32 BufferLength, UINT32 Pointer, BOOLEAN IsFormat)
Sends a script packet to the debuggee.
Definition kd.cpp:1056
test-case-generator.NULL
NULL()
Definition test-case-generator.py:530
ScriptEngineWrapperGetSize
UINT32 ScriptEngineWrapperGetSize(PVOID SymbolBuffer)
wrapper for getting size
Definition script-engine-wrapper.cpp:834
ScriptEngineWrapperGetPointer
UINT32 ScriptEngineWrapperGetPointer(PVOID SymbolBuffer)
wrapper for getting pointer
Definition script-engine-wrapper.cpp:848
ScriptEngineParseWrapper
PVOID ScriptEngineParseWrapper(char *Expr, BOOLEAN ShowErrorMessageIfAny)
ScriptEngineParse wrapper.
Definition script-engine-wrapper.cpp:267
ScriptEngineEvalUInt64StyleExpressionWrapper
UINT64 ScriptEngineEvalUInt64StyleExpressionWrapper(const string &Expr, PBOOLEAN HasError)
In the local debugging (VMI mode) environment, this function computes the expressions.
Definition script-engine-wrapper.cpp:799
ScriptEngineWrapperGetHead
UINT64 ScriptEngineWrapperGetHead(PVOID SymbolBuffer)
wrapper for getting head
Definition script-engine-wrapper.cpp:822
ScriptEngineWrapperRemoveSymbolBuffer
VOID ScriptEngineWrapperRemoveSymbolBuffer(PVOID SymbolBuffer)
wrapper for removing symbol buffer
Definition script-engine-wrapper.cpp:860
g_ResultOfEvaluatedExpression
UINT64 g_ResultOfEvaluatedExpression
Result of the expression that is evaluated in the debuggee.
Definition globals.h:630
g_IsSerialConnectedToRemoteDebuggee
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
Shows if the debugger was connected to remote debuggee over (A remote guest)
Definition globals.h:231
g_ErrorStateOfResultOfEvaluatedExpression
UINT32 g_ErrorStateOfResultOfEvaluatedExpression
Shows the state of the evaluation of expression which whether contains error or not.
Definition globals.h:637

Variable Documentation

◆ g_ErrorStateOfResultOfEvaluatedExpression

UINT32 g_ErrorStateOfResultOfEvaluatedExpression
extern

Shows the state of the evaluation of expression which whether contains error or not.

◆ g_IsSerialConnectedToRemoteDebuggee

BOOLEAN g_IsSerialConnectedToRemoteDebuggee
extern

Shows if the debugger was connected to remote debuggee over (A remote guest)

◆ g_ResultOfEvaluatedExpression

UINT64 g_ResultOfEvaluatedExpression
extern

Result of the expression that is evaluated in the debuggee.