Skip to content

.debug.md

Latest commit

 

History

History
109 lines (71 loc) · 3 KB

.debug.md

File metadata and controls

109 lines (71 loc) · 3 KB
description Description of '.debug' command in HyperDbg.

.debug (prepare and connect to debugger)

Command

.debug

Syntax

.debug [action (remote | prepare | close)] [type (serial | namedpipe)] [baud rate (decimal value)] address

Description

This command prepares debuggee for a remote connection or connects to a remote debuggee.

{% hint style="warning" %} Please note that you should first wait for reconnecting on the debugger, then connect to it in the debuggee. {% endhint %}

Parameters

[action (remote | prepare | close)]

      If you specify `remote` then it means that you want to connect to a debuggee or if you specify `prepared` then it means that you want to prepare the current machine to be debugged as debuggee and `close` means to close all the connections to the debuggee.

[type (serial | namedpipe)]

      If you want to use a serial port as the connection, you should choose `serial`, and if you want to connect to a named pipe, then you should specify `namedpipe`. Please note that `namedpipe` cannot be used in debuggee, and it can be used only in the debugger.

[baud rate (decimal value)]

      This value shows the baud rate of the device. \(See [Remarks](https://docs.hyperdbg.com/commands/meta-commands/.debug#remarks) for more information\)

address

      COM port address or named pipe address. \(See [Remarks](https://docs.hyperdbg.com/commands/meta-commands/.debug#remarks) for more information\)

Examples

If you want to have a kernel debug connection, first, you should run the following command in a debugger (host). As you can see, you can change the com3to your COM port that is connected to the debuggee.

HyperDbg> .debug remote serial 115200 com3

If you want to use a named pipe instead of a COM port, you can execute the following command in the debugger (Host).

HyperDbg> .debug remote namedpipe \\\\.\\pipe\\HyperDbgPipe

After you tell the debugger to listen on a COM port or a named pipe, now you can run the following command in the debuggee.

HyperDbg> .debug prepare serial 115200 com2

If you want to disconnect from the debuggee, then you should run the following command.

HyperDbg> .debug close

IOCTL

See here to see the design of the kernel debugger connectin.

Remarks

  1. The following values are valid baud rates for serial connections.
Baud rate
110
300
600
1200
2400
4800
9600
14400
19200
38400
56000
57600
115200
128000
256000

The following COM ports are valid for debugging.

COM Port
com1
com2
com3
com4

Requirements

None

Related

Attach to a remote machine