HyperDbg Debugger
track.cpp File Reference

!track command

#include "pch.h"

Functions

VOID CommandTrackHelp ()
 help of the !track command
 
VOID CommandTrack (vector< string > SplitCommand, string Command)
 handler of !track command
 
VOID CommandTrackHandleReceivedInstructions (unsigned char *BufferToDisassemble, UINT32 BuffLength, BOOLEAN Isx86_64, UINT64 RipAddress)
 Handle received 'call' or 'ret'.
 
VOID CommandTrackHandleReceivedCallInstructions (const char *NameOfFunctionFromSymbols, UINT64 ComputedAbsoluteAddress)
 Handle received 'call'.
 
VOID CommandTrackHandleReceivedRetInstructions (UINT64 CurrentRip)
 Handle received 'ret'.
 

Variables

BOOLEAN g_IsSerialConnectedToRemoteDebuggee
 Shows whether the debugger was connected to a remote debuggee over serial (a remote guest).
 
BOOLEAN g_IsInstrumentingInstructions
 Shows whether the user is running 't', 'p', or 'i' command.
 
ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
 State of active debugging thread.
 
BOOLEAN g_AddressConversion
 Whether addresses are converted to object names.
 
UINT32 NumberOfCallsIdentation = 0
 
BOOLEAN IsCallInstructionVisited = FALSE
 
BOOLEAN ShowRegs = FALSE
 
volatile BOOLEAN RequestShowingRegs = FALSE
 

Detailed Description

!track command

Author
Sina Karvandi (sina@hyperdbg.org)
Version
0.3
Date
2023-05-05

Function Documentation

◆ CommandTrack()

VOID CommandTrack ( vector< string > SplitCommand,
string Command )

handler of !track command

Parameters
SplitCommand
Command
Returns
VOID

◆ CommandTrackHandleReceivedCallInstructions()

VOID CommandTrackHandleReceivedCallInstructions ( const char * NameOfFunctionFromSymbols,
UINT64 ComputedAbsoluteAddress )

Handle received 'call'.

Parameters
NameOfFunctionFromSymbols
ComputedAbsoluteAddress
Returns
VOID

◆ CommandTrackHandleReceivedInstructions()

VOID CommandTrackHandleReceivedInstructions ( unsigned char * BufferToDisassemble,
UINT32 BuffLength,
BOOLEAN Isx86_64,
UINT64 RipAddress )

Handle received 'call' or 'ret'.

Parameters
BufferToDisassemble
BuffLength
Isx86_64
RipAddress
Returns
VOID

◆ CommandTrackHandleReceivedRetInstructions()

VOID CommandTrackHandleReceivedRetInstructions ( UINT64 CurrentRip)

Handle received 'ret'.

Parameters
CurrentRip
Returns
VOID

◆ CommandTrackHelp()

VOID CommandTrackHelp ( )

help of the !track command

Returns
VOID

Variable Documentation

◆ g_ActiveProcessDebuggingState

ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
extern

State of active debugging thread.

{0};

◆ g_AddressConversion

BOOLEAN g_AddressConversion
extern

Whether addresses are converted to object names.

It is enabled by default.

◆ g_IsInstrumentingInstructions

BOOLEAN g_IsInstrumentingInstructions
extern

Shows whether the user is running 't', 'p', or 'i' command.

◆ g_IsSerialConnectedToRemoteDebuggee

BOOLEAN g_IsSerialConnectedToRemoteDebuggee
extern

Shows whether the debugger was connected to a remote debuggee over serial (a remote guest).

◆ IsCallInstructionVisited

BOOLEAN IsCallInstructionVisited = FALSE

◆ NumberOfCallsIdentation

UINT32 NumberOfCallsIdentation = 0

◆ RequestShowingRegs

volatile BOOLEAN RequestShowingRegs = FALSE

◆ ShowRegs

BOOLEAN ShowRegs = FALSE