diff --git a/.gitignore b/.gitignore index 065a0ae93..d3feaac5a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,8 @@ -log.log .idea -reset git.cmd *.json *.pdb *.exp *.lib -cmake-build-debug -Stdout.log \ No newline at end of file +*.log +reset git.cmd +cmake-build-debug \ No newline at end of file diff --git a/bin/debug/SDK/Headers/BasicTypes.h b/bin/debug/SDK/Headers/BasicTypes.h index ea153fbef..3395412e7 100644 --- a/bin/debug/SDK/Headers/BasicTypes.h +++ b/bin/debug/SDK/Headers/BasicTypes.h @@ -129,19 +129,19 @@ typedef struct _SCRIPT_ENGINE_VARIABLES_LIST * @brief CR3 Structure * */ -//typedef struct _CR3_TYPE -//{ -// union -// { -// UINT64 Flags; -// -// struct -// { -// UINT64 Pcid : 12; -// UINT64 PageFrameNumber : 36; -// UINT64 Reserved1 : 12; -// UINT64 Reserved_2 : 3; -// UINT64 PcidInvalidate : 1; -// } Fields; -// }; -//} CR3_TYPE, *PCR3_TYPE; +typedef struct _CR3_TYPE +{ + union + { + UINT64 Flags; + + struct + { + UINT64 Pcid : 12; + UINT64 PageFrameNumber : 36; + UINT64 Reserved1 : 12; + UINT64 Reserved_2 : 3; + UINT64 PcidInvalidate : 1; + } Fields; + }; +} CR3_TYPE, *PCR3_TYPE; diff --git a/bin/debug/SDK/Headers/BasicTypes.h.go b/bin/debug/SDK/Headers/BasicTypes.h.go deleted file mode 100644 index 188cae789..000000000 --- a/bin/debug/SDK/Headers/BasicTypes.h.go +++ /dev/null @@ -1,3907 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _CrtLocaleDataPublic struct { - _LocalePctype *uint16 - _LocaleMbCurMax int32 - _LocaleLcCodepage uint32 -} -type _CrtLocalePointers struct { - Locinfo unsafe.Pointer - Mbcinfo unsafe.Pointer -} -type MbstateT struct { - _Wchar uint64 - _Byte uint16 - _State uint16 -} -type _Wfinddata32T struct { - Attrib uint32 - TimeCreate _Time32T - TimeAccess _Time32T - TimeWrite _Time32T - Size _FsizeT - Name [260]WcharT -} -type _Wfinddata32i64T struct { - Attrib uint32 - TimeCreate _Time32T - TimeAccess _Time32T - TimeWrite _Time32T - Size int64 - Name [260]WcharT -} -type _Wfinddata64i32T struct { - Attrib uint32 - TimeCreate TimeT - TimeAccess TimeT - TimeWrite TimeT - Size _FsizeT - Name [260]WcharT -} -type _Wfinddata64T struct { - Attrib uint32 - TimeCreate TimeT - TimeAccess TimeT - TimeWrite TimeT - Size int64 - Name [260]WcharT -} -type File struct { - _Placeholder unsafe.Pointer -} -type Tm struct { - TmSec int32 - TmMin int32 - TmHour int32 - TmMday int32 - TmMon int32 - TmYear int32 - TmWday int32 - TmYday int32 - TmIsdst int32 -} -type _Stat32 struct { - StDev DevT - StIno InoT - StMode uint16 - StNlink int16 - StUid int16 - StGid int16 - StRdev DevT - StSize OffT - StAtime _Time32T - StMtime _Time32T - StCtime _Time32T -} -type _Stat32i64 struct { - StDev DevT - StIno InoT - StMode uint16 - StNlink int16 - StUid int16 - StGid int16 - StRdev DevT - StSize int64 - StAtime _Time32T - StMtime _Time32T - StCtime _Time32T -} -type _Stat64i32 struct { - StDev DevT - StIno InoT - StMode uint16 - StNlink int16 - StUid int16 - StGid int16 - StRdev DevT - StSize OffT - StAtime TimeT - StMtime TimeT - StCtime TimeT -} -type _Stat64 struct { - StDev DevT - StIno InoT - StMode uint16 - StNlink int16 - StUid int16 - StGid int16 - StRdev DevT - StSize int64 - StAtime TimeT - StMtime TimeT - StCtime TimeT -} -type Stat struct { - StDev DevT - StIno InoT - StMode uint16 - StNlink int16 - StUid int16 - StGid int16 - StRdev DevT - StSize OffT - StAtime TimeT - StMtime TimeT - StCtime TimeT -} -type GuestRegs struct { - Rax Uint64 - Rcx Uint64 - Rdx Uint64 - Rbx Uint64 - Rsp Uint64 - Rbp Uint64 - Rsi Uint64 - Rdi Uint64 - R8 Uint64 - R9 Uint64 - R10 Uint64 - R11 Uint64 - R12 Uint64 - R13 Uint64 - R14 Uint64 - R15 Uint64 -} -type GuestExtraRegisters struct { - Cs Uint16 - Ds Uint16 - Fs Uint16 - Gs Uint16 - Es Uint16 - Ss Uint16 - Rflags Uint64 - Rip Uint64 -} -type ScriptEngineVariablesList struct { - TempList *Uint64 - GlobalVariablesList *Uint64 - LocalVariablesList *Uint64 -} -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte -type UintptrT = uint64 -type VaList = *byte -type SizeT = uint64 -type PtrdiffT = int64 -type IntptrT = int64 -type _VcrtBool = bool -type WcharT = uint16 -type _CrtBool = bool -type ErrnoT = int32 -type WintT = uint16 -type WctypeT = uint16 -type _Time32T = int64 -type TimeT = int64 -type _LocaleT = *_CrtLocalePointers -type RsizeT = uint -type _FsizeT = uint64 -type InoT = uint16 -type DevT = uint32 -type OffT = int64 -type _Wint_t = WcharT -type Qword = uint64 -type Uint64 = uint64 -type Puint64 = *uint64 -type Dword = uint64 -type Bool = int32 -type Byte = uint8 -type Word = uint16 -type Int = int32 -type Uint = uint32 -type Puint = *uint32 -type Ulong64 = uint64 -type Pulong64 = *uint64 -type Dword64 = uint64 -type Pdword64 = *uint64 -type Char = byte -type Wchar = WcharT -type Uchar = uint8 -type Ushort = uint16 -type Ulong = uint64 -type Boolean = Uchar -type Pboolean = *Boolean -type Int8 = int8 -type Pint8 = *int8 -type Int16 = int16 -type Pint16 = *int16 -type Int32 = int32 -type Pint32 = *int32 -type Int64 = int64 -type Pint64 = *int64 -type Uint8 = uint8 -type Puint8 = *uint8 -type Uint16 = uint16 -type Puint16 = *uint16 -type Uint32 = uint32 -type Puint32 = *uint32 -type Uint64 = uint64 -type Puint64 = *uint64 -type GuestRegs = GuestRegs -type PguestRegs = *GuestRegs - -// @brief struct for extra registers -type GuestExtraRegisters = GuestExtraRegisters - -// @brief struct for extra registers -type PguestExtraRegisters = *GuestExtraRegisters - -// @brief List of different variables -type PscriptEngineVariablesList = *ScriptEngineVariablesList - -var __imp___va_start gengort.PreloadProc - -// Gengo init function. -func init() { - __imp___va_start = GengoLibrary.ImportNow("__va_start") - __imp___va_start = GengoLibrary.ImportNow("__va_start") - __imp___security_init_cookie = GengoLibrary.ImportNow("__security_init_cookie") - __imp___security_check_cookie = GengoLibrary.ImportNow("__security_check_cookie") - __imp___report_gsfailure = GengoLibrary.ImportNow("__report_gsfailure") - __imp__invalid_parameter_noinfo = GengoLibrary.ImportNow("_invalid_parameter_noinfo") - __imp__invalid_parameter_noinfo_noreturn = GengoLibrary.ImportNow("_invalid_parameter_noinfo_noreturn") - __imp__invoke_watson = GengoLibrary.ImportNow("_invoke_watson") - __imp__errno = GengoLibrary.ImportNow("_errno") - __imp__set_errno = GengoLibrary.ImportNow("_set_errno") - __imp__get_errno = GengoLibrary.ImportNow("_get_errno") - __imp___doserrno = GengoLibrary.ImportNow("__doserrno") - __imp__set_doserrno = GengoLibrary.ImportNow("_set_doserrno") - __imp__get_doserrno = GengoLibrary.ImportNow("_get_doserrno") - __imp_memchr = GengoLibrary.ImportNow("memchr") - __imp_memchr = GengoLibrary.ImportNow("memchr") - __imp_memcmp = GengoLibrary.ImportNow("memcmp") - __imp_memcmp = GengoLibrary.ImportNow("memcmp") - __imp_memcpy = GengoLibrary.ImportNow("memcpy") - __imp_memcpy = GengoLibrary.ImportNow("memcpy") - __imp_memmove = GengoLibrary.ImportNow("memmove") - __imp_memmove = GengoLibrary.ImportNow("memmove") - __imp_memset = GengoLibrary.ImportNow("memset") - __imp_memset = GengoLibrary.ImportNow("memset") - __imp_strchr = GengoLibrary.ImportNow("strchr") - __imp_strchr = GengoLibrary.ImportNow("strchr") - __imp_strrchr = GengoLibrary.ImportNow("strrchr") - __imp_strrchr = GengoLibrary.ImportNow("strrchr") - __imp_strstr = GengoLibrary.ImportNow("strstr") - __imp_strstr = GengoLibrary.ImportNow("strstr") - __imp_wcschr = GengoLibrary.ImportNow("wcschr") - __imp_wcschr = GengoLibrary.ImportNow("wcschr") - __imp_wcsrchr = GengoLibrary.ImportNow("wcsrchr") - __imp_wcsstr = GengoLibrary.ImportNow("wcsstr") - __imp_memcpy_s = GengoLibrary.ImportNow("memcpy_s") - __imp_memmove_s = GengoLibrary.ImportNow("memmove_s") - __imp___local_stdio_printf_options = GengoLibrary.ImportNow("__local_stdio_printf_options") - __imp___local_stdio_scanf_options = GengoLibrary.ImportNow("__local_stdio_scanf_options") - __imp__cgetws_s = GengoLibrary.ImportNow("_cgetws_s") - __imp__cputws = GengoLibrary.ImportNow("_cputws") - __imp__getwch = GengoLibrary.ImportNow("_getwch") - __imp__getwche = GengoLibrary.ImportNow("_getwche") - __imp__putwch = GengoLibrary.ImportNow("_putwch") - __imp__ungetwch = GengoLibrary.ImportNow("_ungetwch") - __imp__getwch_nolock = GengoLibrary.ImportNow("_getwch_nolock") - __imp__getwche_nolock = GengoLibrary.ImportNow("_getwche_nolock") - __imp__putwch_nolock = GengoLibrary.ImportNow("_putwch_nolock") - __imp__ungetwch_nolock = GengoLibrary.ImportNow("_ungetwch_nolock") - __imp___conio_common_vcwprintf = GengoLibrary.ImportNow("__conio_common_vcwprintf") - __imp___conio_common_vcwprintf_s = GengoLibrary.ImportNow("__conio_common_vcwprintf_s") - __imp___conio_common_vcwprintf_p = GengoLibrary.ImportNow("__conio_common_vcwprintf_p") - __imp__vcwprintf_l = GengoLibrary.ImportNow("_vcwprintf_l") - __imp__vcwprintf = GengoLibrary.ImportNow("_vcwprintf") - __imp__vcwprintf_s_l = GengoLibrary.ImportNow("_vcwprintf_s_l") - __imp__vcwprintf_s = GengoLibrary.ImportNow("_vcwprintf_s") - __imp__vcwprintf_p_l = GengoLibrary.ImportNow("_vcwprintf_p_l") - __imp__vcwprintf_p = GengoLibrary.ImportNow("_vcwprintf_p") - __imp__cwprintf_l = GengoLibrary.ImportNow("_cwprintf_l") - __imp__cwprintf = GengoLibrary.ImportNow("_cwprintf") - __imp__cwprintf_s_l = GengoLibrary.ImportNow("_cwprintf_s_l") - __imp__cwprintf_s = GengoLibrary.ImportNow("_cwprintf_s") - __imp__cwprintf_p_l = GengoLibrary.ImportNow("_cwprintf_p_l") - __imp__cwprintf_p = GengoLibrary.ImportNow("_cwprintf_p") - __imp___conio_common_vcwscanf = GengoLibrary.ImportNow("__conio_common_vcwscanf") - __imp__vcwscanf_l = GengoLibrary.ImportNow("_vcwscanf_l") - __imp__vcwscanf = GengoLibrary.ImportNow("_vcwscanf") - __imp__vcwscanf_s_l = GengoLibrary.ImportNow("_vcwscanf_s_l") - __imp__vcwscanf_s = GengoLibrary.ImportNow("_vcwscanf_s") - __imp__cwscanf_l = GengoLibrary.ImportNow("_cwscanf_l") - __imp__cwscanf = GengoLibrary.ImportNow("_cwscanf") - __imp__cwscanf_s_l = GengoLibrary.ImportNow("_cwscanf_s_l") - __imp__cwscanf_s = GengoLibrary.ImportNow("_cwscanf_s") - __imp___pctype_func = GengoLibrary.ImportNow("__pctype_func") - __imp___pwctype_func = GengoLibrary.ImportNow("__pwctype_func") - __imp_iswalnum = GengoLibrary.ImportNow("iswalnum") - __imp_iswalpha = GengoLibrary.ImportNow("iswalpha") - __imp_iswascii = GengoLibrary.ImportNow("iswascii") - __imp_iswblank = GengoLibrary.ImportNow("iswblank") - __imp_iswcntrl = GengoLibrary.ImportNow("iswcntrl") - __imp_iswdigit = GengoLibrary.ImportNow("iswdigit") - __imp_iswgraph = GengoLibrary.ImportNow("iswgraph") - __imp_iswlower = GengoLibrary.ImportNow("iswlower") - __imp_iswprint = GengoLibrary.ImportNow("iswprint") - __imp_iswpunct = GengoLibrary.ImportNow("iswpunct") - __imp_iswspace = GengoLibrary.ImportNow("iswspace") - __imp_iswupper = GengoLibrary.ImportNow("iswupper") - __imp_iswxdigit = GengoLibrary.ImportNow("iswxdigit") - __imp___iswcsymf = GengoLibrary.ImportNow("__iswcsymf") - __imp___iswcsym = GengoLibrary.ImportNow("__iswcsym") - __imp__iswalnum_l = GengoLibrary.ImportNow("_iswalnum_l") - __imp__iswalpha_l = GengoLibrary.ImportNow("_iswalpha_l") - __imp__iswblank_l = GengoLibrary.ImportNow("_iswblank_l") - __imp__iswcntrl_l = GengoLibrary.ImportNow("_iswcntrl_l") - __imp__iswdigit_l = GengoLibrary.ImportNow("_iswdigit_l") - __imp__iswgraph_l = GengoLibrary.ImportNow("_iswgraph_l") - __imp__iswlower_l = GengoLibrary.ImportNow("_iswlower_l") - __imp__iswprint_l = GengoLibrary.ImportNow("_iswprint_l") - __imp__iswpunct_l = GengoLibrary.ImportNow("_iswpunct_l") - __imp__iswspace_l = GengoLibrary.ImportNow("_iswspace_l") - __imp__iswupper_l = GengoLibrary.ImportNow("_iswupper_l") - __imp__iswxdigit_l = GengoLibrary.ImportNow("_iswxdigit_l") - __imp__iswcsymf_l = GengoLibrary.ImportNow("_iswcsymf_l") - __imp__iswcsym_l = GengoLibrary.ImportNow("_iswcsym_l") - __imp_towupper = GengoLibrary.ImportNow("towupper") - __imp_towlower = GengoLibrary.ImportNow("towlower") - __imp_iswctype = GengoLibrary.ImportNow("iswctype") - __imp__towupper_l = GengoLibrary.ImportNow("_towupper_l") - __imp__towlower_l = GengoLibrary.ImportNow("_towlower_l") - __imp__iswctype_l = GengoLibrary.ImportNow("_iswctype_l") - __imp_isleadbyte = GengoLibrary.ImportNow("isleadbyte") - __imp__isleadbyte_l = GengoLibrary.ImportNow("_isleadbyte_l") - __imp_is_wctype = GengoLibrary.ImportNow("is_wctype") - __imp__wgetcwd = GengoLibrary.ImportNow("_wgetcwd") - __imp__wgetdcwd = GengoLibrary.ImportNow("_wgetdcwd") - __imp__wchdir = GengoLibrary.ImportNow("_wchdir") - __imp__wmkdir = GengoLibrary.ImportNow("_wmkdir") - __imp__wrmdir = GengoLibrary.ImportNow("_wrmdir") - __imp__waccess = GengoLibrary.ImportNow("_waccess") - __imp__waccess_s = GengoLibrary.ImportNow("_waccess_s") - __imp__wchmod = GengoLibrary.ImportNow("_wchmod") - __imp__wcreat = GengoLibrary.ImportNow("_wcreat") - __imp__wfindfirst32 = GengoLibrary.ImportNow("_wfindfirst32") - __imp__wfindnext32 = GengoLibrary.ImportNow("_wfindnext32") - __imp__wunlink = GengoLibrary.ImportNow("_wunlink") - __imp__wrename = GengoLibrary.ImportNow("_wrename") - __imp__wmktemp_s = GengoLibrary.ImportNow("_wmktemp_s") - __imp__wmktemp = GengoLibrary.ImportNow("_wmktemp") - __imp__wfindfirst32i64 = GengoLibrary.ImportNow("_wfindfirst32i64") - __imp__wfindfirst64i32 = GengoLibrary.ImportNow("_wfindfirst64i32") - __imp__wfindfirst64 = GengoLibrary.ImportNow("_wfindfirst64") - __imp__wfindnext32i64 = GengoLibrary.ImportNow("_wfindnext32i64") - __imp__wfindnext64i32 = GengoLibrary.ImportNow("_wfindnext64i32") - __imp__wfindnext64 = GengoLibrary.ImportNow("_wfindnext64") - __imp__wsopen_s = GengoLibrary.ImportNow("_wsopen_s") - __imp__wsopen_dispatch = GengoLibrary.ImportNow("_wsopen_dispatch") - __imp__wopen = GengoLibrary.ImportNow("_wopen") - __imp__wsopen = GengoLibrary.ImportNow("_wsopen") - __imp__wexecl = GengoLibrary.ImportNow("_wexecl") - __imp__wexecle = GengoLibrary.ImportNow("_wexecle") - __imp__wexeclp = GengoLibrary.ImportNow("_wexeclp") - __imp__wexeclpe = GengoLibrary.ImportNow("_wexeclpe") - __imp__wexecv = GengoLibrary.ImportNow("_wexecv") - __imp__wexecve = GengoLibrary.ImportNow("_wexecve") - __imp__wexecvp = GengoLibrary.ImportNow("_wexecvp") - __imp__wexecvpe = GengoLibrary.ImportNow("_wexecvpe") - __imp__wspawnl = GengoLibrary.ImportNow("_wspawnl") - __imp__wspawnle = GengoLibrary.ImportNow("_wspawnle") - __imp__wspawnlp = GengoLibrary.ImportNow("_wspawnlp") - __imp__wspawnlpe = GengoLibrary.ImportNow("_wspawnlpe") - __imp__wspawnv = GengoLibrary.ImportNow("_wspawnv") - __imp__wspawnve = GengoLibrary.ImportNow("_wspawnve") - __imp__wspawnvp = GengoLibrary.ImportNow("_wspawnvp") - __imp__wspawnvpe = GengoLibrary.ImportNow("_wspawnvpe") - __imp__wsystem = GengoLibrary.ImportNow("_wsystem") - __imp___acrt_iob_func = GengoLibrary.ImportNow("__acrt_iob_func") - __imp_fgetwc = GengoLibrary.ImportNow("fgetwc") - __imp__fgetwchar = GengoLibrary.ImportNow("_fgetwchar") - __imp_fputwc = GengoLibrary.ImportNow("fputwc") - __imp__fputwchar = GengoLibrary.ImportNow("_fputwchar") - __imp_getwc = GengoLibrary.ImportNow("getwc") - __imp_getwchar = GengoLibrary.ImportNow("getwchar") - __imp_fgetws = GengoLibrary.ImportNow("fgetws") - __imp_fputws = GengoLibrary.ImportNow("fputws") - __imp__getws_s = GengoLibrary.ImportNow("_getws_s") - __imp_putwc = GengoLibrary.ImportNow("putwc") - __imp_putwchar = GengoLibrary.ImportNow("putwchar") - __imp__putws = GengoLibrary.ImportNow("_putws") - __imp_ungetwc = GengoLibrary.ImportNow("ungetwc") - __imp__wfdopen = GengoLibrary.ImportNow("_wfdopen") - __imp__wfopen = GengoLibrary.ImportNow("_wfopen") - __imp__wfopen_s = GengoLibrary.ImportNow("_wfopen_s") - __imp__wfreopen = GengoLibrary.ImportNow("_wfreopen") - __imp__wfreopen_s = GengoLibrary.ImportNow("_wfreopen_s") - __imp__wfsopen = GengoLibrary.ImportNow("_wfsopen") - __imp__wperror = GengoLibrary.ImportNow("_wperror") - __imp__wpopen = GengoLibrary.ImportNow("_wpopen") - __imp__wremove = GengoLibrary.ImportNow("_wremove") - __imp__wtempnam = GengoLibrary.ImportNow("_wtempnam") - __imp__wtmpnam_s = GengoLibrary.ImportNow("_wtmpnam_s") - __imp__wtmpnam = GengoLibrary.ImportNow("_wtmpnam") - __imp__fgetwc_nolock = GengoLibrary.ImportNow("_fgetwc_nolock") - __imp__fputwc_nolock = GengoLibrary.ImportNow("_fputwc_nolock") - __imp__getwc_nolock = GengoLibrary.ImportNow("_getwc_nolock") - __imp__putwc_nolock = GengoLibrary.ImportNow("_putwc_nolock") - __imp__ungetwc_nolock = GengoLibrary.ImportNow("_ungetwc_nolock") - __imp___stdio_common_vfwprintf = GengoLibrary.ImportNow("__stdio_common_vfwprintf") - __imp___stdio_common_vfwprintf_s = GengoLibrary.ImportNow("__stdio_common_vfwprintf_s") - __imp___stdio_common_vfwprintf_p = GengoLibrary.ImportNow("__stdio_common_vfwprintf_p") - __imp__vfwprintf_l = GengoLibrary.ImportNow("_vfwprintf_l") - __imp_vfwprintf = GengoLibrary.ImportNow("vfwprintf") - __imp__vfwprintf_s_l = GengoLibrary.ImportNow("_vfwprintf_s_l") - __imp_vfwprintf_s = GengoLibrary.ImportNow("vfwprintf_s") - __imp__vfwprintf_p_l = GengoLibrary.ImportNow("_vfwprintf_p_l") - __imp__vfwprintf_p = GengoLibrary.ImportNow("_vfwprintf_p") - __imp__vwprintf_l = GengoLibrary.ImportNow("_vwprintf_l") - __imp_vwprintf = GengoLibrary.ImportNow("vwprintf") - __imp__vwprintf_s_l = GengoLibrary.ImportNow("_vwprintf_s_l") - __imp_vwprintf_s = GengoLibrary.ImportNow("vwprintf_s") - __imp__vwprintf_p_l = GengoLibrary.ImportNow("_vwprintf_p_l") - __imp__vwprintf_p = GengoLibrary.ImportNow("_vwprintf_p") - __imp__fwprintf_l = GengoLibrary.ImportNow("_fwprintf_l") - __imp_fwprintf = GengoLibrary.ImportNow("fwprintf") - __imp__fwprintf_s_l = GengoLibrary.ImportNow("_fwprintf_s_l") - __imp_fwprintf_s = GengoLibrary.ImportNow("fwprintf_s") - __imp__fwprintf_p_l = GengoLibrary.ImportNow("_fwprintf_p_l") - __imp__fwprintf_p = GengoLibrary.ImportNow("_fwprintf_p") - __imp__wprintf_l = GengoLibrary.ImportNow("_wprintf_l") - __imp_wprintf = GengoLibrary.ImportNow("wprintf") - __imp__wprintf_s_l = GengoLibrary.ImportNow("_wprintf_s_l") - __imp_wprintf_s = GengoLibrary.ImportNow("wprintf_s") - __imp__wprintf_p_l = GengoLibrary.ImportNow("_wprintf_p_l") - __imp__wprintf_p = GengoLibrary.ImportNow("_wprintf_p") - __imp___stdio_common_vfwscanf = GengoLibrary.ImportNow("__stdio_common_vfwscanf") - __imp__vfwscanf_l = GengoLibrary.ImportNow("_vfwscanf_l") - __imp_vfwscanf = GengoLibrary.ImportNow("vfwscanf") - __imp__vfwscanf_s_l = GengoLibrary.ImportNow("_vfwscanf_s_l") - __imp_vfwscanf_s = GengoLibrary.ImportNow("vfwscanf_s") - __imp__vwscanf_l = GengoLibrary.ImportNow("_vwscanf_l") - __imp_vwscanf = GengoLibrary.ImportNow("vwscanf") - __imp__vwscanf_s_l = GengoLibrary.ImportNow("_vwscanf_s_l") - __imp_vwscanf_s = GengoLibrary.ImportNow("vwscanf_s") - __imp__fwscanf_l = GengoLibrary.ImportNow("_fwscanf_l") - __imp_fwscanf = GengoLibrary.ImportNow("fwscanf") - __imp__fwscanf_s_l = GengoLibrary.ImportNow("_fwscanf_s_l") - __imp_fwscanf_s = GengoLibrary.ImportNow("fwscanf_s") - __imp__wscanf_l = GengoLibrary.ImportNow("_wscanf_l") - __imp_wscanf = GengoLibrary.ImportNow("wscanf") - __imp__wscanf_s_l = GengoLibrary.ImportNow("_wscanf_s_l") - __imp_wscanf_s = GengoLibrary.ImportNow("wscanf_s") - __imp___stdio_common_vswprintf = GengoLibrary.ImportNow("__stdio_common_vswprintf") - __imp___stdio_common_vswprintf_s = GengoLibrary.ImportNow("__stdio_common_vswprintf_s") - __imp___stdio_common_vsnwprintf_s = GengoLibrary.ImportNow("__stdio_common_vsnwprintf_s") - __imp___stdio_common_vswprintf_p = GengoLibrary.ImportNow("__stdio_common_vswprintf_p") - __imp__vsnwprintf_l = GengoLibrary.ImportNow("_vsnwprintf_l") - __imp__vsnwprintf_s_l = GengoLibrary.ImportNow("_vsnwprintf_s_l") - __imp__vsnwprintf_s = GengoLibrary.ImportNow("_vsnwprintf_s") - __imp__snwprintf = GengoLibrary.ImportNow("_snwprintf") - __imp__vsnwprintf = GengoLibrary.ImportNow("_vsnwprintf") - __imp__vsnwprintf = GengoLibrary.ImportNow("_vsnwprintf") - __imp__vswprintf_c_l = GengoLibrary.ImportNow("_vswprintf_c_l") - __imp__vswprintf_c = GengoLibrary.ImportNow("_vswprintf_c") - __imp__vswprintf_l = GengoLibrary.ImportNow("_vswprintf_l") - __imp___vswprintf_l = GengoLibrary.ImportNow("__vswprintf_l") - __imp__vswprintf = GengoLibrary.ImportNow("_vswprintf") - __imp_vswprintf = GengoLibrary.ImportNow("vswprintf") - __imp__vswprintf_s_l = GengoLibrary.ImportNow("_vswprintf_s_l") - __imp_vswprintf_s = GengoLibrary.ImportNow("vswprintf_s") - __imp__vswprintf_p_l = GengoLibrary.ImportNow("_vswprintf_p_l") - __imp__vswprintf_p = GengoLibrary.ImportNow("_vswprintf_p") - __imp__vscwprintf_l = GengoLibrary.ImportNow("_vscwprintf_l") - __imp__vscwprintf = GengoLibrary.ImportNow("_vscwprintf") - __imp__vscwprintf_p_l = GengoLibrary.ImportNow("_vscwprintf_p_l") - __imp__vscwprintf_p = GengoLibrary.ImportNow("_vscwprintf_p") - __imp___swprintf_l = GengoLibrary.ImportNow("__swprintf_l") - __imp__swprintf_l = GengoLibrary.ImportNow("_swprintf_l") - __imp__swprintf = GengoLibrary.ImportNow("_swprintf") - __imp_swprintf = GengoLibrary.ImportNow("swprintf") - __imp___swprintf_l = GengoLibrary.ImportNow("__swprintf_l") - __imp___vswprintf_l = GengoLibrary.ImportNow("__vswprintf_l") - __imp__swprintf = GengoLibrary.ImportNow("_swprintf") - __imp__vswprintf = GengoLibrary.ImportNow("_vswprintf") - __imp__swprintf_s_l = GengoLibrary.ImportNow("_swprintf_s_l") - __imp_swprintf_s = GengoLibrary.ImportNow("swprintf_s") - __imp__swprintf_p_l = GengoLibrary.ImportNow("_swprintf_p_l") - __imp__swprintf_p = GengoLibrary.ImportNow("_swprintf_p") - __imp__swprintf_c_l = GengoLibrary.ImportNow("_swprintf_c_l") - __imp__swprintf_c = GengoLibrary.ImportNow("_swprintf_c") - __imp__snwprintf_l = GengoLibrary.ImportNow("_snwprintf_l") - __imp__snwprintf = GengoLibrary.ImportNow("_snwprintf") - __imp__snwprintf_s_l = GengoLibrary.ImportNow("_snwprintf_s_l") - __imp__snwprintf_s = GengoLibrary.ImportNow("_snwprintf_s") - __imp__scwprintf_l = GengoLibrary.ImportNow("_scwprintf_l") - __imp__scwprintf = GengoLibrary.ImportNow("_scwprintf") - __imp__scwprintf_p_l = GengoLibrary.ImportNow("_scwprintf_p_l") - __imp__scwprintf_p = GengoLibrary.ImportNow("_scwprintf_p") - __imp___stdio_common_vswscanf = GengoLibrary.ImportNow("__stdio_common_vswscanf") - __imp__vswscanf_l = GengoLibrary.ImportNow("_vswscanf_l") - __imp_vswscanf = GengoLibrary.ImportNow("vswscanf") - __imp__vswscanf_s_l = GengoLibrary.ImportNow("_vswscanf_s_l") - __imp_vswscanf_s = GengoLibrary.ImportNow("vswscanf_s") - __imp__vsnwscanf_l = GengoLibrary.ImportNow("_vsnwscanf_l") - __imp__vsnwscanf_s_l = GengoLibrary.ImportNow("_vsnwscanf_s_l") - __imp__swscanf_l = GengoLibrary.ImportNow("_swscanf_l") - __imp_swscanf = GengoLibrary.ImportNow("swscanf") - __imp__swscanf_s_l = GengoLibrary.ImportNow("_swscanf_s_l") - __imp_swscanf_s = GengoLibrary.ImportNow("swscanf_s") - __imp__snwscanf_l = GengoLibrary.ImportNow("_snwscanf_l") - __imp__snwscanf = GengoLibrary.ImportNow("_snwscanf") - __imp__snwscanf_s_l = GengoLibrary.ImportNow("_snwscanf_s_l") - __imp__snwscanf_s = GengoLibrary.ImportNow("_snwscanf_s") - __imp__itow_s = GengoLibrary.ImportNow("_itow_s") - __imp__itow = GengoLibrary.ImportNow("_itow") - __imp__ltow_s = GengoLibrary.ImportNow("_ltow_s") - __imp__ltow = GengoLibrary.ImportNow("_ltow") - __imp__ultow_s = GengoLibrary.ImportNow("_ultow_s") - __imp__ultow = GengoLibrary.ImportNow("_ultow") - __imp_wcstod = GengoLibrary.ImportNow("wcstod") - __imp__wcstod_l = GengoLibrary.ImportNow("_wcstod_l") - __imp_wcstol = GengoLibrary.ImportNow("wcstol") - __imp__wcstol_l = GengoLibrary.ImportNow("_wcstol_l") - __imp_wcstoll = GengoLibrary.ImportNow("wcstoll") - __imp__wcstoll_l = GengoLibrary.ImportNow("_wcstoll_l") - __imp_wcstoul = GengoLibrary.ImportNow("wcstoul") - __imp__wcstoul_l = GengoLibrary.ImportNow("_wcstoul_l") - __imp_wcstoull = GengoLibrary.ImportNow("wcstoull") - __imp__wcstoull_l = GengoLibrary.ImportNow("_wcstoull_l") - __imp_wcstold = GengoLibrary.ImportNow("wcstold") - __imp__wcstold_l = GengoLibrary.ImportNow("_wcstold_l") - __imp_wcstof = GengoLibrary.ImportNow("wcstof") - __imp__wcstof_l = GengoLibrary.ImportNow("_wcstof_l") - __imp__wtof = GengoLibrary.ImportNow("_wtof") - __imp__wtof_l = GengoLibrary.ImportNow("_wtof_l") - __imp__wtoi = GengoLibrary.ImportNow("_wtoi") - __imp__wtoi_l = GengoLibrary.ImportNow("_wtoi_l") - __imp__wtol = GengoLibrary.ImportNow("_wtol") - __imp__wtol_l = GengoLibrary.ImportNow("_wtol_l") - __imp__wtoll = GengoLibrary.ImportNow("_wtoll") - __imp__wtoll_l = GengoLibrary.ImportNow("_wtoll_l") - __imp__i64tow_s = GengoLibrary.ImportNow("_i64tow_s") - __imp__i64tow = GengoLibrary.ImportNow("_i64tow") - __imp__ui64tow_s = GengoLibrary.ImportNow("_ui64tow_s") - __imp__ui64tow = GengoLibrary.ImportNow("_ui64tow") - __imp__wtoi64 = GengoLibrary.ImportNow("_wtoi64") - __imp__wtoi64_l = GengoLibrary.ImportNow("_wtoi64_l") - __imp__wcstoi64 = GengoLibrary.ImportNow("_wcstoi64") - __imp__wcstoi64_l = GengoLibrary.ImportNow("_wcstoi64_l") - __imp__wcstoui64 = GengoLibrary.ImportNow("_wcstoui64") - __imp__wcstoui64_l = GengoLibrary.ImportNow("_wcstoui64_l") - __imp__wfullpath = GengoLibrary.ImportNow("_wfullpath") - __imp__wmakepath_s = GengoLibrary.ImportNow("_wmakepath_s") - __imp__wmakepath = GengoLibrary.ImportNow("_wmakepath") - __imp__wperror = GengoLibrary.ImportNow("_wperror") - __imp__wsplitpath = GengoLibrary.ImportNow("_wsplitpath") - __imp__wsplitpath_s = GengoLibrary.ImportNow("_wsplitpath_s") - __imp__wdupenv_s = GengoLibrary.ImportNow("_wdupenv_s") - __imp__wgetenv = GengoLibrary.ImportNow("_wgetenv") - __imp__wgetenv_s = GengoLibrary.ImportNow("_wgetenv_s") - __imp__wputenv = GengoLibrary.ImportNow("_wputenv") - __imp__wputenv_s = GengoLibrary.ImportNow("_wputenv_s") - __imp__wsearchenv_s = GengoLibrary.ImportNow("_wsearchenv_s") - __imp__wsearchenv = GengoLibrary.ImportNow("_wsearchenv") - __imp__wsystem = GengoLibrary.ImportNow("_wsystem") - __imp_wcscat_s = GengoLibrary.ImportNow("wcscat_s") - __imp_wcscpy_s = GengoLibrary.ImportNow("wcscpy_s") - __imp_wcsncat_s = GengoLibrary.ImportNow("wcsncat_s") - __imp_wcsncpy_s = GengoLibrary.ImportNow("wcsncpy_s") - __imp_wcstok_s = GengoLibrary.ImportNow("wcstok_s") - __imp__wcsdup = GengoLibrary.ImportNow("_wcsdup") - __imp_wcscat = GengoLibrary.ImportNow("wcscat") - __imp_wcscmp = GengoLibrary.ImportNow("wcscmp") - __imp_wcscmp = GengoLibrary.ImportNow("wcscmp") - __imp_wcscpy = GengoLibrary.ImportNow("wcscpy") - __imp_wcscspn = GengoLibrary.ImportNow("wcscspn") - __imp_wcslen = GengoLibrary.ImportNow("wcslen") - __imp_wcslen = GengoLibrary.ImportNow("wcslen") - __imp_wcsnlen = GengoLibrary.ImportNow("wcsnlen") - __imp_wcsnlen_s = GengoLibrary.ImportNow("wcsnlen_s") - __imp_wcsncat = GengoLibrary.ImportNow("wcsncat") - __imp_wcsncmp = GengoLibrary.ImportNow("wcsncmp") - __imp_wcsncmp = GengoLibrary.ImportNow("wcsncmp") - __imp_wcsncpy = GengoLibrary.ImportNow("wcsncpy") - __imp_wcspbrk = GengoLibrary.ImportNow("wcspbrk") - __imp_wcsspn = GengoLibrary.ImportNow("wcsspn") - __imp_wcstok = GengoLibrary.ImportNow("wcstok") - __imp__wcstok = GengoLibrary.ImportNow("_wcstok") - __imp__wcserror = GengoLibrary.ImportNow("_wcserror") - __imp__wcserror_s = GengoLibrary.ImportNow("_wcserror_s") - __imp___wcserror = GengoLibrary.ImportNow("__wcserror") - __imp___wcserror_s = GengoLibrary.ImportNow("__wcserror_s") - __imp__wcsicmp = GengoLibrary.ImportNow("_wcsicmp") - __imp__wcsicmp_l = GengoLibrary.ImportNow("_wcsicmp_l") - __imp__wcsnicmp = GengoLibrary.ImportNow("_wcsnicmp") - __imp__wcsnicmp_l = GengoLibrary.ImportNow("_wcsnicmp_l") - __imp__wcsnset_s = GengoLibrary.ImportNow("_wcsnset_s") - __imp__wcsnset = GengoLibrary.ImportNow("_wcsnset") - __imp__wcsrev = GengoLibrary.ImportNow("_wcsrev") - __imp__wcsset_s = GengoLibrary.ImportNow("_wcsset_s") - __imp__wcsset = GengoLibrary.ImportNow("_wcsset") - __imp__wcslwr_s = GengoLibrary.ImportNow("_wcslwr_s") - __imp__wcslwr = GengoLibrary.ImportNow("_wcslwr") - __imp__wcslwr_s_l = GengoLibrary.ImportNow("_wcslwr_s_l") - __imp__wcslwr_l = GengoLibrary.ImportNow("_wcslwr_l") - __imp__wcsupr_s = GengoLibrary.ImportNow("_wcsupr_s") - __imp__wcsupr = GengoLibrary.ImportNow("_wcsupr") - __imp__wcsupr_s_l = GengoLibrary.ImportNow("_wcsupr_s_l") - __imp__wcsupr_l = GengoLibrary.ImportNow("_wcsupr_l") - __imp_wcsxfrm = GengoLibrary.ImportNow("wcsxfrm") - __imp__wcsxfrm_l = GengoLibrary.ImportNow("_wcsxfrm_l") - __imp_wcscoll = GengoLibrary.ImportNow("wcscoll") - __imp__wcscoll_l = GengoLibrary.ImportNow("_wcscoll_l") - __imp__wcsicoll = GengoLibrary.ImportNow("_wcsicoll") - __imp__wcsicoll_l = GengoLibrary.ImportNow("_wcsicoll_l") - __imp__wcsncoll = GengoLibrary.ImportNow("_wcsncoll") - __imp__wcsncoll_l = GengoLibrary.ImportNow("_wcsncoll_l") - __imp__wcsnicoll = GengoLibrary.ImportNow("_wcsnicoll") - __imp__wcsnicoll_l = GengoLibrary.ImportNow("_wcsnicoll_l") - __imp_wcsdup = GengoLibrary.ImportNow("wcsdup") - __imp_wcsicmp = GengoLibrary.ImportNow("wcsicmp") - __imp_wcsnicmp = GengoLibrary.ImportNow("wcsnicmp") - __imp_wcsnset = GengoLibrary.ImportNow("wcsnset") - __imp_wcsrev = GengoLibrary.ImportNow("wcsrev") - __imp_wcsset = GengoLibrary.ImportNow("wcsset") - __imp_wcslwr = GengoLibrary.ImportNow("wcslwr") - __imp_wcsupr = GengoLibrary.ImportNow("wcsupr") - __imp_wcsicoll = GengoLibrary.ImportNow("wcsicoll") - __imp__wasctime = GengoLibrary.ImportNow("_wasctime") - __imp__wasctime_s = GengoLibrary.ImportNow("_wasctime_s") - __imp_wcsftime = GengoLibrary.ImportNow("wcsftime") - __imp__wcsftime_l = GengoLibrary.ImportNow("_wcsftime_l") - __imp__wctime32 = GengoLibrary.ImportNow("_wctime32") - __imp__wctime32_s = GengoLibrary.ImportNow("_wctime32_s") - __imp__wctime64 = GengoLibrary.ImportNow("_wctime64") - __imp__wctime64_s = GengoLibrary.ImportNow("_wctime64_s") - __imp__wstrdate_s = GengoLibrary.ImportNow("_wstrdate_s") - __imp__wstrdate = GengoLibrary.ImportNow("_wstrdate") - __imp__wstrtime_s = GengoLibrary.ImportNow("_wstrtime_s") - __imp__wstrtime = GengoLibrary.ImportNow("_wstrtime") - __imp__wctime = GengoLibrary.ImportNow("_wctime") - __imp__wctime_s = GengoLibrary.ImportNow("_wctime_s") - __imp__fstat32 = GengoLibrary.ImportNow("_fstat32") - __imp__fstat32i64 = GengoLibrary.ImportNow("_fstat32i64") - __imp__fstat64i32 = GengoLibrary.ImportNow("_fstat64i32") - __imp__fstat64 = GengoLibrary.ImportNow("_fstat64") - __imp__stat32 = GengoLibrary.ImportNow("_stat32") - __imp__stat32i64 = GengoLibrary.ImportNow("_stat32i64") - __imp__stat64i32 = GengoLibrary.ImportNow("_stat64i32") - __imp__stat64 = GengoLibrary.ImportNow("_stat64") - __imp__wstat32 = GengoLibrary.ImportNow("_wstat32") - __imp__wstat32i64 = GengoLibrary.ImportNow("_wstat32i64") - __imp__wstat64i32 = GengoLibrary.ImportNow("_wstat64i32") - __imp__wstat64 = GengoLibrary.ImportNow("_wstat64") - __imp_fstat = GengoLibrary.ImportNow("fstat") - __imp_stat = GengoLibrary.ImportNow("stat") - __imp__wsetlocale = GengoLibrary.ImportNow("_wsetlocale") - __imp__wcreate_locale = GengoLibrary.ImportNow("_wcreate_locale") - __imp_btowc = GengoLibrary.ImportNow("btowc") - __imp_mbrlen = GengoLibrary.ImportNow("mbrlen") - __imp_mbrtowc = GengoLibrary.ImportNow("mbrtowc") - __imp_mbsrtowcs_s = GengoLibrary.ImportNow("mbsrtowcs_s") - __imp_mbsrtowcs = GengoLibrary.ImportNow("mbsrtowcs") - __imp_wcrtomb_s = GengoLibrary.ImportNow("wcrtomb_s") - __imp_wcrtomb = GengoLibrary.ImportNow("wcrtomb") - __imp_wcsrtombs_s = GengoLibrary.ImportNow("wcsrtombs_s") - __imp_wcsrtombs = GengoLibrary.ImportNow("wcsrtombs") - __imp_wctob = GengoLibrary.ImportNow("wctob") - __imp_wmemcpy_s = GengoLibrary.ImportNow("wmemcpy_s") - __imp_wmemmove_s = GengoLibrary.ImportNow("wmemmove_s") - __imp_fwide = GengoLibrary.ImportNow("fwide") - __imp_mbsinit = GengoLibrary.ImportNow("mbsinit") - __imp_wmemchr = GengoLibrary.ImportNow("wmemchr") - __imp_wmemchr = GengoLibrary.ImportNow("wmemchr") - __imp_wmemcmp = GengoLibrary.ImportNow("wmemcmp") - __imp_wmemcmp = GengoLibrary.ImportNow("wmemcmp") - __imp_wmemcpy = GengoLibrary.ImportNow("wmemcpy") - __imp_wmemcpy = GengoLibrary.ImportNow("wmemcpy") - __imp_wmemmove = GengoLibrary.ImportNow("wmemmove") - __imp_wmemmove = GengoLibrary.ImportNow("wmemmove") - __imp_wmemset = GengoLibrary.ImportNow("wmemset") - gengort.Validate((*_CrtLocaleDataPublic)(nil), 0x10, 0x8, "_LocalePctype", 0x0, "_LocaleMbCurMax", 0x8, "_LocaleLcCodepage", 0xc) - gengort.Validate((*_CrtLocalePointers)(nil), 0x10, 0x8, "Locinfo", 0x0, "Mbcinfo", 0x8) - gengort.Validate((*MbstateT)(nil), 0x8, 0x4, "_Wchar", 0x0, "_Byte", 0x4, "_State", 0x6) - gengort.Validate((*_Wfinddata32T)(nil), 0x21c, 0x4, "Attrib", 0x0, "TimeCreate", 0x4, "TimeAccess", 0x8, "TimeWrite", 0xc, "Size", 0x10, "Name", 0x14) - gengort.Validate((*_Wfinddata32i64T)(nil), 0x220, 0x8, "Attrib", 0x0, "TimeCreate", 0x4, "TimeAccess", 0x8, "TimeWrite", 0xc, "Size", 0x10, "Name", 0x18) - gengort.Validate((*_Wfinddata64i32T)(nil), 0x230, 0x8, "Attrib", 0x0, "TimeCreate", 0x8, "TimeAccess", 0x10, "TimeWrite", 0x18, "Size", 0x20, "Name", 0x24) - gengort.Validate((*_Wfinddata64T)(nil), 0x230, 0x8, "Attrib", 0x0, "TimeCreate", 0x8, "TimeAccess", 0x10, "TimeWrite", 0x18, "Size", 0x20, "Name", 0x28) - gengort.Validate((*File)(nil), 0x8, 0x8, "_Placeholder", 0x0) - gengort.Validate((*Tm)(nil), 0x24, 0x4, "TmSec", 0x0, "TmMin", 0x4, "TmHour", 0x8, "TmMday", 0xc, "TmMon", 0x10, "TmYear", 0x14, "TmWday", 0x18, "TmYday", 0x1c, "TmIsdst", 0x20) - gengort.Validate((*_Stat32)(nil), 0x24, 0x4, "StDev", 0x0, "StIno", 0x4, "StMode", 0x6, "StNlink", 0x8, "StUid", 0xa, "StGid", 0xc, "StRdev", 0x10, "StSize", 0x14, "StAtime", 0x18, "StMtime", 0x1c, "StCtime", 0x20) - gengort.Validate((*_Stat32i64)(nil), 0x30, 0x8, "StDev", 0x0, "StIno", 0x4, "StMode", 0x6, "StNlink", 0x8, "StUid", 0xa, "StGid", 0xc, "StRdev", 0x10, "StSize", 0x18, "StAtime", 0x20, "StMtime", 0x24, "StCtime", 0x28) - gengort.Validate((*_Stat64i32)(nil), 0x30, 0x8, "StDev", 0x0, "StIno", 0x4, "StMode", 0x6, "StNlink", 0x8, "StUid", 0xa, "StGid", 0xc, "StRdev", 0x10, "StSize", 0x14, "StAtime", 0x18, "StMtime", 0x20, "StCtime", 0x28) - gengort.Validate((*_Stat64)(nil), 0x38, 0x8, "StDev", 0x0, "StIno", 0x4, "StMode", 0x6, "StNlink", 0x8, "StUid", 0xa, "StGid", 0xc, "StRdev", 0x10, "StSize", 0x18, "StAtime", 0x20, "StMtime", 0x28, "StCtime", 0x30) - gengort.Validate((*Stat)(nil), 0x30, 0x8, "StDev", 0x0, "StIno", 0x4, "StMode", 0x6, "StNlink", 0x8, "StUid", 0xa, "StGid", 0xc, "StRdev", 0x10, "StSize", 0x14, "StAtime", 0x18, "StMtime", 0x20, "StCtime", 0x28) - gengort.Validate((*GuestRegs)(nil), 0x80, 0x8, "Rax", 0x0, "Rcx", 0x8, "Rdx", 0x10, "Rbx", 0x18, "Rsp", 0x20, "Rbp", 0x28, "Rsi", 0x30, "Rdi", 0x38, "R8", 0x40, "R9", 0x48, "R10", 0x50, "R11", 0x58, "R12", 0x60, "R13", 0x68, "R14", 0x70, "R15", 0x78) - gengort.Validate((*GuestExtraRegisters)(nil), 0x20, 0x8, "Cs", 0x0, "Ds", 0x2, "Fs", 0x4, "Gs", 0x6, "Es", 0x8, "Ss", 0xa, "Rflags", 0x10, "Rip", 0x18) - gengort.Validate((*ScriptEngineVariablesList)(nil), 0x18, 0x8, "TempList", 0x0, "GlobalVariablesList", 0x8, "LocalVariablesList", 0x10) -} -func _VaStart( **byte) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall()) } - -var __imp___va_start gengort.PreloadProc - -func _VaStart( *VaList) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall()) } - -var __imp___security_init_cookie gengort.PreloadProc - -func _SecurityInitCookie() { gengort.CCall0(__imp___security_init_cookie.Addr()) } - -var __imp___security_check_cookie gengort.PreloadProc - -func _SecurityCheckCookie(_StackCookie uintptr) { - gengort.CCall1(__imp___security_check_cookie.Addr(), gengort.MarshallSyscall(_StackCookie)) -} - -var __imp___report_gsfailure gengort.PreloadProc - -func _ReportGsfailure(_StackCookie uintptr) { - gengort.CCall1(__imp___report_gsfailure.Addr(), gengort.MarshallSyscall(_StackCookie)) -} - -var __imp__invalid_parameter_noinfo gengort.PreloadProc - -func _InvalidParameterNoinfo() { gengort.CCall0(__imp__invalid_parameter_noinfo.Addr()) } - -var __imp__invalid_parameter_noinfo_noreturn gengort.PreloadProc - -func _InvalidParameterNoinfoNoreturn() { - gengort.CCall0(__imp__invalid_parameter_noinfo_noreturn.Addr()) -} - -var __imp__invoke_watson gengort.PreloadProc - -func _InvokeWatson(_Expression *WcharT, _FunctionName *WcharT, _FileName *WcharT, _LineNo uint32, _Reserved uintptr) { - gengort.CCall5(__imp__invoke_watson.Addr(), gengort.MarshallSyscall(_Expression), gengort.MarshallSyscall(_FunctionName), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_LineNo), gengort.MarshallSyscall(_Reserved)) -} - -var __imp__errno gengort.PreloadProc - -func _Errno() *int32 { - __res := gengort.CCall0(__imp__errno.Addr()) - return gengort.UnmarshallSyscall[*int32](__res) -} - -var __imp__set_errno gengort.PreloadProc - -func _SetErrno(_Value int32) ErrnoT { - __res := gengort.CCall1(__imp__set_errno.Addr(), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__get_errno gengort.PreloadProc - -func _GetErrno(_Value *int32) ErrnoT { - __res := gengort.CCall1(__imp__get_errno.Addr(), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp___doserrno gengort.PreloadProc - -func _Doserrno() *uint64 { - __res := gengort.CCall0(__imp___doserrno.Addr()) - return gengort.UnmarshallSyscall[*uint64](__res) -} - -var __imp__set_doserrno gengort.PreloadProc - -func _SetDoserrno(_Value uint64) ErrnoT { - __res := gengort.CCall1(__imp__set_doserrno.Addr(), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__get_doserrno gengort.PreloadProc - -func _GetDoserrno(_Value *uint64) ErrnoT { - __res := gengort.CCall1(__imp__get_doserrno.Addr(), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_memchr gengort.PreloadProc - -func Memchr( unsafe.Pointer, int32, uint64) unsafe.Pointer { - __res := gengort.CCall3(__imp_memchr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memchr gengort.PreloadProc - -func Memchr(_Buf unsafe.Pointer, _Val int32, _MaxCount uint) unsafe.Pointer { - __res := gengort.CCall3(__imp_memchr.Addr(), gengort.MarshallSyscall(_Buf), gengort.MarshallSyscall(_Val), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memcmp gengort.PreloadProc - -func Memcmp( unsafe.Pointer, unsafe.Pointer, uint64) int32 { - __res := gengort.CCall3(__imp_memcmp.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_memcmp gengort.PreloadProc - -func Memcmp(_Buf1 unsafe.Pointer, _Buf2 unsafe.Pointer, _Size uint) int32 { - __res := gengort.CCall3(__imp_memcmp.Addr(), gengort.MarshallSyscall(_Buf1), gengort.MarshallSyscall(_Buf2), gengort.MarshallSyscall(_Size)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_memcpy gengort.PreloadProc - -func Memcpy( unsafe.Pointer, unsafe.Pointer, uint64) unsafe.Pointer { - __res := gengort.CCall3(__imp_memcpy.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memcpy gengort.PreloadProc - -func Memcpy(_Dst unsafe.Pointer, _Src unsafe.Pointer, _Size uint) unsafe.Pointer { - __res := gengort.CCall3(__imp_memcpy.Addr(), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_Src), gengort.MarshallSyscall(_Size)) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memmove gengort.PreloadProc - -func Memmove( unsafe.Pointer, unsafe.Pointer, uint64) unsafe.Pointer { - __res := gengort.CCall3(__imp_memmove.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memmove gengort.PreloadProc - -func Memmove(_Dst unsafe.Pointer, _Src unsafe.Pointer, _Size uint) unsafe.Pointer { - __res := gengort.CCall3(__imp_memmove.Addr(), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_Src), gengort.MarshallSyscall(_Size)) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memset gengort.PreloadProc - -func Memset( unsafe.Pointer, int32, uint64) unsafe.Pointer { - __res := gengort.CCall3(__imp_memset.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_memset gengort.PreloadProc - -func Memset(_Dst unsafe.Pointer, _Val int32, _Size uint) unsafe.Pointer { - __res := gengort.CCall3(__imp_memset.Addr(), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_Val), gengort.MarshallSyscall(_Size)) - return gengort.UnmarshallSyscall[unsafe.Pointer](__res) -} - -var __imp_strchr gengort.PreloadProc - -func Strchr( *byte, int32) *byte { - __res := gengort.CCall2(__imp_strchr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_strchr gengort.PreloadProc - -func Strchr(_Str *byte, _Val int32) *byte { - __res := gengort.CCall2(__imp_strchr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_Val)) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_strrchr gengort.PreloadProc - -func Strrchr( *byte, int32) *byte { - __res := gengort.CCall2(__imp_strrchr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_strrchr gengort.PreloadProc - -func Strrchr(_Str *byte, _Ch int32) *byte { - __res := gengort.CCall2(__imp_strrchr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_Ch)) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_strstr gengort.PreloadProc - -func Strstr( *byte, *byte) *byte { - __res := gengort.CCall2(__imp_strstr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_strstr gengort.PreloadProc - -func Strstr(_Str *byte, _SubStr *byte) *byte { - __res := gengort.CCall2(__imp_strstr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_SubStr)) - return gengort.UnmarshallSyscall[*byte](__res) -} - -var __imp_wcschr gengort.PreloadProc - -func Wcschr( *uint16, uint16) *uint16 { - __res := gengort.CCall2(__imp_wcschr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wcschr gengort.PreloadProc - -func Wcschr(_Str *WcharT, _Ch WcharT) *uint16 { - __res := gengort.CCall2(__imp_wcschr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_Ch)) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wcsrchr gengort.PreloadProc - -func Wcsrchr(_Str *WcharT, _Ch WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcsrchr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_Ch)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsstr gengort.PreloadProc - -func Wcsstr(_Str *WcharT, _SubStr *WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcsstr.Addr(), gengort.MarshallSyscall(_Str), gengort.MarshallSyscall(_SubStr)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_memcpy_s gengort.PreloadProc - -func MemcpyS(_Destination any, _DestinationSize RsizeT, _Source any, _SourceSize RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_memcpy_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_DestinationSize), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_SourceSize)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_memmove_s gengort.PreloadProc - -func MemmoveS(_Destination any, _DestinationSize RsizeT, _Source any, _SourceSize RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_memmove_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_DestinationSize), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_SourceSize)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp___local_stdio_printf_options gengort.PreloadProc - -func _LocalStdioPrintfOptions() *uint64 { - __res := gengort.CCall0(__imp___local_stdio_printf_options.Addr()) - return gengort.UnmarshallSyscall[*uint64](__res) -} - -var __imp___local_stdio_scanf_options gengort.PreloadProc - -func _LocalStdioScanfOptions() *uint64 { - __res := gengort.CCall0(__imp___local_stdio_scanf_options.Addr()) - return gengort.UnmarshallSyscall[*uint64](__res) -} - -var __imp__cgetws_s gengort.PreloadProc - -func _CgetwsS(_Buffer *WcharT, _BufferCount uint, _SizeRead *uint) ErrnoT { - __res := gengort.CCall3(__imp__cgetws_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_SizeRead)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__cputws gengort.PreloadProc - -func _Cputws(_Buffer *WcharT) int32 { - __res := gengort.CCall1(__imp__cputws.Addr(), gengort.MarshallSyscall(_Buffer)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__getwch gengort.PreloadProc - -func _Getwch() WintT { - __res := gengort.CCall0(__imp__getwch.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__getwche gengort.PreloadProc - -func _Getwche() WintT { - __res := gengort.CCall0(__imp__getwche.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__putwch gengort.PreloadProc - -func _Putwch(_Character WcharT) WintT { - __res := gengort.CCall1(__imp__putwch.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__ungetwch gengort.PreloadProc - -func _Ungetwch(_Character WintT) WintT { - __res := gengort.CCall1(__imp__ungetwch.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__getwch_nolock gengort.PreloadProc - -func _GetwchNolock() WintT { - __res := gengort.CCall0(__imp__getwch_nolock.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__getwche_nolock gengort.PreloadProc - -func _GetwcheNolock() WintT { - __res := gengort.CCall0(__imp__getwche_nolock.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__putwch_nolock gengort.PreloadProc - -func _PutwchNolock(_Character WcharT) WintT { - __res := gengort.CCall1(__imp__putwch_nolock.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__ungetwch_nolock gengort.PreloadProc - -func _UngetwchNolock(_Character WintT) WintT { - __res := gengort.CCall1(__imp__ungetwch_nolock.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp___conio_common_vcwprintf gengort.PreloadProc - -func _ConioCommonVcwprintf(_Options uint64, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp___conio_common_vcwprintf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___conio_common_vcwprintf_s gengort.PreloadProc - -func _ConioCommonVcwprintfS(_Options uint64, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp___conio_common_vcwprintf_s.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___conio_common_vcwprintf_p gengort.PreloadProc - -func _ConioCommonVcwprintfP(_Options uint64, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp___conio_common_vcwprintf_p.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf_l gengort.PreloadProc - -func _VcwprintfL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vcwprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf gengort.PreloadProc - -func _Vcwprintf(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vcwprintf.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf_s_l gengort.PreloadProc - -func _VcwprintfSL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vcwprintf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf_s gengort.PreloadProc - -func _VcwprintfS(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vcwprintf_s.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf_p_l gengort.PreloadProc - -func _VcwprintfPL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vcwprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwprintf_p gengort.PreloadProc - -func _VcwprintfP(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vcwprintf_p.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf_l gengort.PreloadProc - -func _CwprintfL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__cwprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf gengort.PreloadProc - -func _Cwprintf(_Format any) int32 { - __res := gengort.CCall1(__imp__cwprintf.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf_s_l gengort.PreloadProc - -func _CwprintfSL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__cwprintf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf_s gengort.PreloadProc - -func _CwprintfS(_Format any) int32 { - __res := gengort.CCall1(__imp__cwprintf_s.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf_p_l gengort.PreloadProc - -func _CwprintfPL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__cwprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwprintf_p gengort.PreloadProc - -func _CwprintfP(_Format any) int32 { - __res := gengort.CCall1(__imp__cwprintf_p.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___conio_common_vcwscanf gengort.PreloadProc - -func _ConioCommonVcwscanf(_Options uint64, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp___conio_common_vcwscanf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwscanf_l gengort.PreloadProc - -func _VcwscanfL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vcwscanf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwscanf gengort.PreloadProc - -func _Vcwscanf(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vcwscanf.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwscanf_s_l gengort.PreloadProc - -func _VcwscanfSL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vcwscanf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vcwscanf_s gengort.PreloadProc - -func _VcwscanfS(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vcwscanf_s.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwscanf_l gengort.PreloadProc - -func _CwscanfL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__cwscanf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwscanf gengort.PreloadProc - -func _Cwscanf(_Format any) int32 { - __res := gengort.CCall1(__imp__cwscanf.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwscanf_s_l gengort.PreloadProc - -func _CwscanfSL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__cwscanf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__cwscanf_s gengort.PreloadProc - -func _CwscanfS(_Format any) int32 { - __res := gengort.CCall1(__imp__cwscanf_s.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___pctype_func gengort.PreloadProc - -func _PctypeFunc() *uint16 { - __res := gengort.CCall0(__imp___pctype_func.Addr()) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp___pwctype_func gengort.PreloadProc - -func _PwctypeFunc() *WctypeT { - __res := gengort.CCall0(__imp___pwctype_func.Addr()) - return gengort.UnmarshallSyscall[*WctypeT](__res) -} - -var __imp_iswalnum gengort.PreloadProc - -func Iswalnum(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswalnum.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswalpha gengort.PreloadProc - -func Iswalpha(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswalpha.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswascii gengort.PreloadProc - -func Iswascii(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswascii.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswblank gengort.PreloadProc - -func Iswblank(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswblank.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswcntrl gengort.PreloadProc - -func Iswcntrl(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswcntrl.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswdigit gengort.PreloadProc - -func Iswdigit(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswdigit.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswgraph gengort.PreloadProc - -func Iswgraph(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswgraph.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswlower gengort.PreloadProc - -func Iswlower(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswlower.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswprint gengort.PreloadProc - -func Iswprint(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswprint.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswpunct gengort.PreloadProc - -func Iswpunct(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswpunct.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswspace gengort.PreloadProc - -func Iswspace(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswspace.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswupper gengort.PreloadProc - -func Iswupper(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswupper.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_iswxdigit gengort.PreloadProc - -func Iswxdigit(_C WintT) int32 { - __res := gengort.CCall1(__imp_iswxdigit.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___iswcsymf gengort.PreloadProc - -func _Iswcsymf(_C WintT) int32 { - __res := gengort.CCall1(__imp___iswcsymf.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___iswcsym gengort.PreloadProc - -func _Iswcsym(_C WintT) int32 { - __res := gengort.CCall1(__imp___iswcsym.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswalnum_l gengort.PreloadProc - -func _IswalnumL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswalnum_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswalpha_l gengort.PreloadProc - -func _IswalphaL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswalpha_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswblank_l gengort.PreloadProc - -func _IswblankL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswblank_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswcntrl_l gengort.PreloadProc - -func _IswcntrlL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswcntrl_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswdigit_l gengort.PreloadProc - -func _IswdigitL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswdigit_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswgraph_l gengort.PreloadProc - -func _IswgraphL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswgraph_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswlower_l gengort.PreloadProc - -func _IswlowerL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswlower_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswprint_l gengort.PreloadProc - -func _IswprintL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswprint_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswpunct_l gengort.PreloadProc - -func _IswpunctL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswpunct_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswspace_l gengort.PreloadProc - -func _IswspaceL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswspace_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswupper_l gengort.PreloadProc - -func _IswupperL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswupper_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswxdigit_l gengort.PreloadProc - -func _IswxdigitL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswxdigit_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswcsymf_l gengort.PreloadProc - -func _IswcsymfL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswcsymf_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__iswcsym_l gengort.PreloadProc - -func _IswcsymL(_C WintT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__iswcsym_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_towupper gengort.PreloadProc - -func Towupper(_C WintT) WintT { - __res := gengort.CCall1(__imp_towupper.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_towlower gengort.PreloadProc - -func Towlower(_C WintT) WintT { - __res := gengort.CCall1(__imp_towlower.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_iswctype gengort.PreloadProc - -func Iswctype(_C WintT, _Type WctypeT) int32 { - __res := gengort.CCall2(__imp_iswctype.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Type)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__towupper_l gengort.PreloadProc - -func _TowupperL(_C WintT, _Locale _LocaleT) WintT { - __res := gengort.CCall2(__imp__towupper_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__towlower_l gengort.PreloadProc - -func _TowlowerL(_C WintT, _Locale _LocaleT) WintT { - __res := gengort.CCall2(__imp__towlower_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__iswctype_l gengort.PreloadProc - -func _IswctypeL(_C WintT, _Type WctypeT, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__iswctype_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Type), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_isleadbyte gengort.PreloadProc - -func Isleadbyte(_C int32) int32 { - __res := gengort.CCall1(__imp_isleadbyte.Addr(), gengort.MarshallSyscall(_C)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__isleadbyte_l gengort.PreloadProc - -func _IsleadbyteL(_C int32, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__isleadbyte_l.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_is_wctype gengort.PreloadProc - -func IsWctype(_C WintT, _Type WctypeT) int32 { - __res := gengort.CCall2(__imp_is_wctype.Addr(), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_Type)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wgetcwd gengort.PreloadProc - -func _Wgetcwd(_DstBuf *WcharT, _SizeInWords int32) *WcharT { - __res := gengort.CCall2(__imp__wgetcwd.Addr(), gengort.MarshallSyscall(_DstBuf), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wgetdcwd gengort.PreloadProc - -func _Wgetdcwd(_Drive int32, _DstBuf *WcharT, _SizeInWords int32) *WcharT { - __res := gengort.CCall3(__imp__wgetdcwd.Addr(), gengort.MarshallSyscall(_Drive), gengort.MarshallSyscall(_DstBuf), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wchdir gengort.PreloadProc - -func _Wchdir(_Path *WcharT) int32 { - __res := gengort.CCall1(__imp__wchdir.Addr(), gengort.MarshallSyscall(_Path)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wmkdir gengort.PreloadProc - -func _Wmkdir(_Path *WcharT) int32 { - __res := gengort.CCall1(__imp__wmkdir.Addr(), gengort.MarshallSyscall(_Path)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wrmdir gengort.PreloadProc - -func _Wrmdir(_Path *WcharT) int32 { - __res := gengort.CCall1(__imp__wrmdir.Addr(), gengort.MarshallSyscall(_Path)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__waccess gengort.PreloadProc - -func _Waccess(_FileName *WcharT, _AccessMode int32) int32 { - __res := gengort.CCall2(__imp__waccess.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_AccessMode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__waccess_s gengort.PreloadProc - -func _WaccessS(_FileName *WcharT, _AccessMode int32) ErrnoT { - __res := gengort.CCall2(__imp__waccess_s.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_AccessMode)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wchmod gengort.PreloadProc - -func _Wchmod(_FileName *WcharT, _Mode int32) int32 { - __res := gengort.CCall2(__imp__wchmod.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcreat gengort.PreloadProc - -func _Wcreat(_FileName *WcharT, _PermissionMode int32) int32 { - __res := gengort.CCall2(__imp__wcreat.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_PermissionMode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wfindfirst32 gengort.PreloadProc - -func _Wfindfirst32(_FileName *WcharT, _FindData *_Wfinddata32T) int { - __res := gengort.CCall2(__imp__wfindfirst32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wfindnext32 gengort.PreloadProc - -func _Wfindnext32(_FindHandle int, _FindData *_Wfinddata32T) int32 { - __res := gengort.CCall2(__imp__wfindnext32.Addr(), gengort.MarshallSyscall(_FindHandle), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wunlink gengort.PreloadProc - -func _Wunlink(_FileName *WcharT) int32 { - __res := gengort.CCall1(__imp__wunlink.Addr(), gengort.MarshallSyscall(_FileName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wrename gengort.PreloadProc - -func _Wrename(_OldFileName *WcharT, _NewFileName *WcharT) int32 { - __res := gengort.CCall2(__imp__wrename.Addr(), gengort.MarshallSyscall(_OldFileName), gengort.MarshallSyscall(_NewFileName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wmktemp_s gengort.PreloadProc - -func _WmktempS(_TemplateName *WcharT, _SizeInWords uint) ErrnoT { - __res := gengort.CCall2(__imp__wmktemp_s.Addr(), gengort.MarshallSyscall(_TemplateName), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wmktemp gengort.PreloadProc - -func _Wmktemp(_TemplateName *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wmktemp.Addr(), gengort.MarshallSyscall(_TemplateName)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wfindfirst32i64 gengort.PreloadProc - -func _Wfindfirst32i64(_FileName *WcharT, _FindData *_Wfinddata32i64T) int { - __res := gengort.CCall2(__imp__wfindfirst32i64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wfindfirst64i32 gengort.PreloadProc - -func _Wfindfirst64i32(_FileName *WcharT, _FindData *_Wfinddata64i32T) int { - __res := gengort.CCall2(__imp__wfindfirst64i32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wfindfirst64 gengort.PreloadProc - -func _Wfindfirst64(_FileName *WcharT, _FindData *_Wfinddata64T) int { - __res := gengort.CCall2(__imp__wfindfirst64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wfindnext32i64 gengort.PreloadProc - -func _Wfindnext32i64(_FindHandle int, _FindData *_Wfinddata32i64T) int32 { - __res := gengort.CCall2(__imp__wfindnext32i64.Addr(), gengort.MarshallSyscall(_FindHandle), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wfindnext64i32 gengort.PreloadProc - -func _Wfindnext64i32(_FindHandle int, _FindData *_Wfinddata64i32T) int32 { - __res := gengort.CCall2(__imp__wfindnext64i32.Addr(), gengort.MarshallSyscall(_FindHandle), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wfindnext64 gengort.PreloadProc - -func _Wfindnext64(_FindHandle int, _FindData *_Wfinddata64T) int32 { - __res := gengort.CCall2(__imp__wfindnext64.Addr(), gengort.MarshallSyscall(_FindHandle), gengort.MarshallSyscall(_FindData)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wsopen_s gengort.PreloadProc - -func _WsopenS(_FileHandle *int32, _FileName *WcharT, _OpenFlag int32, _ShareFlag int32, _PermissionFlag int32) ErrnoT { - __res := gengort.CCall5(__imp__wsopen_s.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_OpenFlag), gengort.MarshallSyscall(_ShareFlag), gengort.MarshallSyscall(_PermissionFlag)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wsopen_dispatch gengort.PreloadProc - -func _WsopenDispatch(_FileName *WcharT, _OFlag int32, _ShFlag int32, _PMode int32, _PFileHandle *int32, _BSecure int32) ErrnoT { - __res := gengort.CCall6(__imp__wsopen_dispatch.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_OFlag), gengort.MarshallSyscall(_ShFlag), gengort.MarshallSyscall(_PMode), gengort.MarshallSyscall(_PFileHandle), gengort.MarshallSyscall(_BSecure)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wopen gengort.PreloadProc - -func _Wopen(_FileName *WcharT, _OpenFlag int32) int32 { - __res := gengort.CCall2(__imp__wopen.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_OpenFlag)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wsopen gengort.PreloadProc - -func _Wsopen(_FileName *WcharT, _OpenFlag int32, _ShareFlag int32) int32 { - __res := gengort.CCall3(__imp__wsopen.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_OpenFlag), gengort.MarshallSyscall(_ShareFlag)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wexecl gengort.PreloadProc - -func _Wexecl(_FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall2(__imp__wexecl.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexecle gengort.PreloadProc - -func _Wexecle(_FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall2(__imp__wexecle.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexeclp gengort.PreloadProc - -func _Wexeclp(_FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall2(__imp__wexeclp.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexeclpe gengort.PreloadProc - -func _Wexeclpe(_FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall2(__imp__wexeclpe.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexecv gengort.PreloadProc - -func _Wexecv(_FileName *WcharT, _ArgList **WcharT) int { - __res := gengort.CCall2(__imp__wexecv.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexecve gengort.PreloadProc - -func _Wexecve(_FileName *WcharT, _ArgList **WcharT, _Env **WcharT) int { - __res := gengort.CCall3(__imp__wexecve.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList), gengort.MarshallSyscall(_Env)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexecvp gengort.PreloadProc - -func _Wexecvp(_FileName *WcharT, _ArgList **WcharT) int { - __res := gengort.CCall2(__imp__wexecvp.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wexecvpe gengort.PreloadProc - -func _Wexecvpe(_FileName *WcharT, _ArgList **WcharT, _Env **WcharT) int { - __res := gengort.CCall3(__imp__wexecvpe.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList), gengort.MarshallSyscall(_Env)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnl gengort.PreloadProc - -func _Wspawnl(_Mode int32, _FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall3(__imp__wspawnl.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnle gengort.PreloadProc - -func _Wspawnle(_Mode int32, _FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall3(__imp__wspawnle.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnlp gengort.PreloadProc - -func _Wspawnlp(_Mode int32, _FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall3(__imp__wspawnlp.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnlpe gengort.PreloadProc - -func _Wspawnlpe(_Mode int32, _FileName *WcharT, _ArgList *WcharT) int { - __res := gengort.CCall3(__imp__wspawnlpe.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnv gengort.PreloadProc - -func _Wspawnv(_Mode int32, _FileName *WcharT, _ArgList **WcharT) int { - __res := gengort.CCall3(__imp__wspawnv.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnve gengort.PreloadProc - -func _Wspawnve(_Mode int32, _FileName *WcharT, _ArgList **WcharT, _Env **WcharT) int { - __res := gengort.CCall4(__imp__wspawnve.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList), gengort.MarshallSyscall(_Env)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnvp gengort.PreloadProc - -func _Wspawnvp(_Mode int32, _FileName *WcharT, _ArgList **WcharT) int { - __res := gengort.CCall3(__imp__wspawnvp.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wspawnvpe gengort.PreloadProc - -func _Wspawnvpe(_Mode int32, _FileName *WcharT, _ArgList **WcharT, _Env **WcharT) int { - __res := gengort.CCall4(__imp__wspawnvpe.Addr(), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_ArgList), gengort.MarshallSyscall(_Env)) - return gengort.UnmarshallSyscall[int](__res) -} - -var __imp__wsystem gengort.PreloadProc - -func _Wsystem(_Command *WcharT) int32 { - __res := gengort.CCall1(__imp__wsystem.Addr(), gengort.MarshallSyscall(_Command)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___acrt_iob_func gengort.PreloadProc - -func _AcrtIobFunc(_Ix uint32) *File { - __res := gengort.CCall1(__imp___acrt_iob_func.Addr(), gengort.MarshallSyscall(_Ix)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp_fgetwc gengort.PreloadProc - -func Fgetwc(_Stream *File) WintT { - __res := gengort.CCall1(__imp_fgetwc.Addr(), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__fgetwchar gengort.PreloadProc - -func _Fgetwchar() WintT { - __res := gengort.CCall0(__imp__fgetwchar.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_fputwc gengort.PreloadProc - -func Fputwc(_Character WcharT, _Stream *File) WintT { - __res := gengort.CCall2(__imp_fputwc.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__fputwchar gengort.PreloadProc - -func _Fputwchar(_Character WcharT) WintT { - __res := gengort.CCall1(__imp__fputwchar.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_getwc gengort.PreloadProc - -func Getwc(_Stream *File) WintT { - __res := gengort.CCall1(__imp_getwc.Addr(), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_getwchar gengort.PreloadProc - -func Getwchar() WintT { - __res := gengort.CCall0(__imp_getwchar.Addr()) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_fgetws gengort.PreloadProc - -func Fgetws(_Buffer *WcharT, _BufferCount int32, _Stream *File) *WcharT { - __res := gengort.CCall3(__imp_fgetws.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_fputws gengort.PreloadProc - -func Fputws(_Buffer *WcharT, _Stream *File) int32 { - __res := gengort.CCall2(__imp_fputws.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__getws_s gengort.PreloadProc - -func _GetwsS(_Buffer *WcharT, _BufferCount uint) *WcharT { - __res := gengort.CCall2(__imp__getws_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_putwc gengort.PreloadProc - -func Putwc(_Character WcharT, _Stream *File) WintT { - __res := gengort.CCall2(__imp_putwc.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_putwchar gengort.PreloadProc - -func Putwchar(_Character WcharT) WintT { - __res := gengort.CCall1(__imp_putwchar.Addr(), gengort.MarshallSyscall(_Character)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__putws gengort.PreloadProc - -func _Putws(_Buffer *WcharT) int32 { - __res := gengort.CCall1(__imp__putws.Addr(), gengort.MarshallSyscall(_Buffer)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ungetwc gengort.PreloadProc - -func Ungetwc(_Character WintT, _Stream *File) WintT { - __res := gengort.CCall2(__imp_ungetwc.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__wfdopen gengort.PreloadProc - -func _Wfdopen(_FileHandle int32, _Mode *WcharT) *File { - __res := gengort.CCall2(__imp__wfdopen.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Mode)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp__wfopen gengort.PreloadProc - -func _Wfopen(_FileName *WcharT, _Mode *WcharT) *File { - __res := gengort.CCall2(__imp__wfopen.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp__wfopen_s gengort.PreloadProc - -func _WfopenS(_Stream **File, _FileName *WcharT, _Mode *WcharT) ErrnoT { - __res := gengort.CCall3(__imp__wfopen_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wfreopen gengort.PreloadProc - -func _Wfreopen(_FileName *WcharT, _Mode *WcharT, _OldStream *File) *File { - __res := gengort.CCall3(__imp__wfreopen.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_OldStream)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp__wfreopen_s gengort.PreloadProc - -func _WfreopenS(_Stream **File, _FileName *WcharT, _Mode *WcharT, _OldStream *File) ErrnoT { - __res := gengort.CCall4(__imp__wfreopen_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_OldStream)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wfsopen gengort.PreloadProc - -func _Wfsopen(_FileName *WcharT, _Mode *WcharT, _ShFlag int32) *File { - __res := gengort.CCall3(__imp__wfsopen.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Mode), gengort.MarshallSyscall(_ShFlag)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp__wperror gengort.PreloadProc - -func _Wperror(_ErrorMessage *WcharT) { - gengort.CCall1(__imp__wperror.Addr(), gengort.MarshallSyscall(_ErrorMessage)) -} - -var __imp__wpopen gengort.PreloadProc - -func _Wpopen(_Command *WcharT, _Mode *WcharT) *File { - __res := gengort.CCall2(__imp__wpopen.Addr(), gengort.MarshallSyscall(_Command), gengort.MarshallSyscall(_Mode)) - return gengort.UnmarshallSyscall[*File](__res) -} - -var __imp__wremove gengort.PreloadProc - -func _Wremove(_FileName *WcharT) int32 { - __res := gengort.CCall1(__imp__wremove.Addr(), gengort.MarshallSyscall(_FileName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wtempnam gengort.PreloadProc - -func _Wtempnam(_Directory *WcharT, _FilePrefix *WcharT) *WcharT { - __res := gengort.CCall2(__imp__wtempnam.Addr(), gengort.MarshallSyscall(_Directory), gengort.MarshallSyscall(_FilePrefix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wtmpnam_s gengort.PreloadProc - -func _WtmpnamS(_Buffer *WcharT, _BufferCount uint) ErrnoT { - __res := gengort.CCall2(__imp__wtmpnam_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wtmpnam gengort.PreloadProc - -func _Wtmpnam(_Buffer *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wtmpnam.Addr(), gengort.MarshallSyscall(_Buffer)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__fgetwc_nolock gengort.PreloadProc - -func _FgetwcNolock(_Stream *File) WintT { - __res := gengort.CCall1(__imp__fgetwc_nolock.Addr(), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__fputwc_nolock gengort.PreloadProc - -func _FputwcNolock(_Character WcharT, _Stream *File) WintT { - __res := gengort.CCall2(__imp__fputwc_nolock.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__getwc_nolock gengort.PreloadProc - -func _GetwcNolock(_Stream *File) WintT { - __res := gengort.CCall1(__imp__getwc_nolock.Addr(), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__putwc_nolock gengort.PreloadProc - -func _PutwcNolock(_Character WcharT, _Stream *File) WintT { - __res := gengort.CCall2(__imp__putwc_nolock.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp__ungetwc_nolock gengort.PreloadProc - -func _UngetwcNolock(_Character WintT, _Stream *File) WintT { - __res := gengort.CCall2(__imp__ungetwc_nolock.Addr(), gengort.MarshallSyscall(_Character), gengort.MarshallSyscall(_Stream)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp___stdio_common_vfwprintf gengort.PreloadProc - -func _StdioCommonVfwprintf(_Options uint64, _Stream *File, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp___stdio_common_vfwprintf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vfwprintf_s gengort.PreloadProc - -func _StdioCommonVfwprintfS(_Options uint64, _Stream *File, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp___stdio_common_vfwprintf_s.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vfwprintf_p gengort.PreloadProc - -func _StdioCommonVfwprintfP(_Options uint64, _Stream *File, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp___stdio_common_vfwprintf_p.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwprintf_l gengort.PreloadProc - -func _VfwprintfL(_Stream any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vfwprintf_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vfwprintf gengort.PreloadProc - -func Vfwprintf(_Stream any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vfwprintf.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwprintf_s_l gengort.PreloadProc - -func _VfwprintfSL(_Stream any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vfwprintf_s_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vfwprintf_s gengort.PreloadProc - -func VfwprintfS(_Stream any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vfwprintf_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwprintf_p_l gengort.PreloadProc - -func _VfwprintfPL(_Stream any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vfwprintf_p_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwprintf_p gengort.PreloadProc - -func _VfwprintfP(_Stream any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vfwprintf_p.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwprintf_l gengort.PreloadProc - -func _VwprintfL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vwprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vwprintf gengort.PreloadProc - -func Vwprintf(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp_vwprintf.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwprintf_s_l gengort.PreloadProc - -func _VwprintfSL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vwprintf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vwprintf_s gengort.PreloadProc - -func VwprintfS(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp_vwprintf_s.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwprintf_p_l gengort.PreloadProc - -func _VwprintfPL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vwprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwprintf_p gengort.PreloadProc - -func _VwprintfP(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vwprintf_p.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwprintf_l gengort.PreloadProc - -func _FwprintfL(_Stream any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__fwprintf_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_fwprintf gengort.PreloadProc - -func Fwprintf(_Stream any, _Format any) int32 { - __res := gengort.CCall2(__imp_fwprintf.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwprintf_s_l gengort.PreloadProc - -func _FwprintfSL(_Stream any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__fwprintf_s_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_fwprintf_s gengort.PreloadProc - -func FwprintfS(_Stream any, _Format any) int32 { - __res := gengort.CCall2(__imp_fwprintf_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwprintf_p_l gengort.PreloadProc - -func _FwprintfPL(_Stream any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__fwprintf_p_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwprintf_p gengort.PreloadProc - -func _FwprintfP(_Stream any, _Format any) int32 { - __res := gengort.CCall2(__imp__fwprintf_p.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wprintf_l gengort.PreloadProc - -func _WprintfL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wprintf gengort.PreloadProc - -func Wprintf(_Format any) int32 { - __res := gengort.CCall1(__imp_wprintf.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wprintf_s_l gengort.PreloadProc - -func _WprintfSL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wprintf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wprintf_s gengort.PreloadProc - -func WprintfS(_Format any) int32 { - __res := gengort.CCall1(__imp_wprintf_s.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wprintf_p_l gengort.PreloadProc - -func _WprintfPL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wprintf_p gengort.PreloadProc - -func _WprintfP(_Format any) int32 { - __res := gengort.CCall1(__imp__wprintf_p.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vfwscanf gengort.PreloadProc - -func _StdioCommonVfwscanf(_Options uint64, _Stream *File, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp___stdio_common_vfwscanf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwscanf_l gengort.PreloadProc - -func _VfwscanfL(_Stream any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vfwscanf_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vfwscanf gengort.PreloadProc - -func Vfwscanf(_Stream any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vfwscanf.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vfwscanf_s_l gengort.PreloadProc - -func _VfwscanfSL(_Stream any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vfwscanf_s_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vfwscanf_s gengort.PreloadProc - -func VfwscanfS(_Stream any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vfwscanf_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwscanf_l gengort.PreloadProc - -func _VwscanfL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vwscanf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vwscanf gengort.PreloadProc - -func Vwscanf(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp_vwscanf.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vwscanf_s_l gengort.PreloadProc - -func _VwscanfSL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vwscanf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vwscanf_s gengort.PreloadProc - -func VwscanfS(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp_vwscanf_s.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwscanf_l gengort.PreloadProc - -func _FwscanfL(_Stream any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__fwscanf_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_fwscanf gengort.PreloadProc - -func Fwscanf(_Stream any, _Format any) int32 { - __res := gengort.CCall2(__imp_fwscanf.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fwscanf_s_l gengort.PreloadProc - -func _FwscanfSL(_Stream any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__fwscanf_s_l.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_fwscanf_s gengort.PreloadProc - -func FwscanfS(_Stream any, _Format any) int32 { - __res := gengort.CCall2(__imp_fwscanf_s.Addr(), gengort.MarshallSyscall(_Stream), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wscanf_l gengort.PreloadProc - -func _WscanfL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wscanf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wscanf gengort.PreloadProc - -func Wscanf(_Format any) int32 { - __res := gengort.CCall1(__imp_wscanf.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wscanf_s_l gengort.PreloadProc - -func _WscanfSL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wscanf_s_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wscanf_s gengort.PreloadProc - -func WscanfS(_Format any) int32 { - __res := gengort.CCall1(__imp_wscanf_s.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vswprintf gengort.PreloadProc - -func _StdioCommonVswprintf(_Options uint64, _Buffer *WcharT, _BufferCount uint, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall6(__imp___stdio_common_vswprintf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vswprintf_s gengort.PreloadProc - -func _StdioCommonVswprintfS(_Options uint64, _Buffer *WcharT, _BufferCount uint, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall6(__imp___stdio_common_vswprintf_s.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vsnwprintf_s gengort.PreloadProc - -func _StdioCommonVsnwprintfS(_Options uint64, _Buffer *WcharT, _BufferCount uint, _MaxCount uint, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall7(__imp___stdio_common_vsnwprintf_s.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vswprintf_p gengort.PreloadProc - -func _StdioCommonVswprintfP(_Options uint64, _Buffer *WcharT, _BufferCount uint, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall6(__imp___stdio_common_vswprintf_p.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwprintf_l gengort.PreloadProc - -func _VsnwprintfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vsnwprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwprintf_s_l gengort.PreloadProc - -func _VsnwprintfSL(_Buffer any, _BufferCount uint, _MaxCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall6(__imp__vsnwprintf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwprintf_s gengort.PreloadProc - -func _VsnwprintfS(_Buffer any, _BufferCount uint, _MaxCount uint, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vsnwprintf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwprintf gengort.PreloadProc - -func _Snwprintf(_Buffer *WcharT, _BufferCount uint, _Format *WcharT) int32 { - __res := gengort.CCall3(__imp__snwprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwprintf gengort.PreloadProc - -func _Vsnwprintf(_Buffer *WcharT, _BufferCount uint, _Format *WcharT, _Args VaList) int32 { - __res := gengort.CCall4(__imp__vsnwprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Args)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwprintf gengort.PreloadProc - -func _Vsnwprintf(_Buffer *WcharT, _BufferCount uint, _Format *WcharT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vsnwprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_c_l gengort.PreloadProc - -func _VswprintfCL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vswprintf_c_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_c gengort.PreloadProc - -func _VswprintfC(_Buffer any, _BufferCount uint, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vswprintf_c.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_l gengort.PreloadProc - -func _VswprintfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vswprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___vswprintf_l gengort.PreloadProc - -func _VswprintfL(_Buffer any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp___vswprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf gengort.PreloadProc - -func _Vswprintf(_Buffer any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vswprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vswprintf gengort.PreloadProc - -func Vswprintf(_Buffer any, _BufferCount uint, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp_vswprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_s_l gengort.PreloadProc - -func _VswprintfSL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vswprintf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vswprintf_s gengort.PreloadProc - -func VswprintfS(_Buffer any, _BufferCount uint, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp_vswprintf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_p_l gengort.PreloadProc - -func _VswprintfPL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vswprintf_p_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf_p gengort.PreloadProc - -func _VswprintfP(_Buffer any, _BufferCount uint, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vswprintf_p.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vscwprintf_l gengort.PreloadProc - -func _VscwprintfL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vscwprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vscwprintf gengort.PreloadProc - -func _Vscwprintf(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vscwprintf.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vscwprintf_p_l gengort.PreloadProc - -func _VscwprintfPL(_Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp__vscwprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vscwprintf_p gengort.PreloadProc - -func _VscwprintfP(_Format any, _ArgList VaList) int32 { - __res := gengort.CCall2(__imp__vscwprintf_p.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___swprintf_l gengort.PreloadProc - -func _SwprintfL(_Buffer any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp___swprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_l gengort.PreloadProc - -func _SwprintfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__swprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf gengort.PreloadProc - -func _Swprintf(_Buffer any, _Format any) int32 { - __res := gengort.CCall2(__imp__swprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_swprintf gengort.PreloadProc - -func Swprintf(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp_swprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___swprintf_l gengort.PreloadProc - -func _SwprintfL(_Buffer *WcharT, _Format *WcharT, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp___swprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___vswprintf_l gengort.PreloadProc - -func _VswprintfL(_Buffer *WcharT, _Format *WcharT, _Locale _LocaleT, _Args VaList) int32 { - __res := gengort.CCall4(__imp___vswprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_Args)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf gengort.PreloadProc - -func _Swprintf(_Buffer *WcharT, _Format *WcharT) int32 { - __res := gengort.CCall2(__imp__swprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswprintf gengort.PreloadProc - -func _Vswprintf(_Buffer *WcharT, _Format *WcharT, _Args VaList) int32 { - __res := gengort.CCall3(__imp__vswprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Args)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_s_l gengort.PreloadProc - -func _SwprintfSL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__swprintf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_swprintf_s gengort.PreloadProc - -func SwprintfS(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp_swprintf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_p_l gengort.PreloadProc - -func _SwprintfPL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__swprintf_p_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_p gengort.PreloadProc - -func _SwprintfP(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp__swprintf_p.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_c_l gengort.PreloadProc - -func _SwprintfCL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__swprintf_c_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swprintf_c gengort.PreloadProc - -func _SwprintfC(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp__swprintf_c.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwprintf_l gengort.PreloadProc - -func _SnwprintfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__snwprintf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwprintf gengort.PreloadProc - -func _Snwprintf(_Buffer *WcharT, _BufferCount uint, _Format *WcharT) int32 { - __res := gengort.CCall3(__imp__snwprintf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwprintf_s_l gengort.PreloadProc - -func _SnwprintfSL(_Buffer any, _BufferCount uint, _MaxCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall5(__imp__snwprintf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwprintf_s gengort.PreloadProc - -func _SnwprintfS(_Buffer any, _BufferCount uint, _MaxCount uint, _Format any) int32 { - __res := gengort.CCall4(__imp__snwprintf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__scwprintf_l gengort.PreloadProc - -func _ScwprintfL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__scwprintf_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__scwprintf gengort.PreloadProc - -func _Scwprintf(_Format any) int32 { - __res := gengort.CCall1(__imp__scwprintf.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__scwprintf_p_l gengort.PreloadProc - -func _ScwprintfPL(_Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__scwprintf_p_l.Addr(), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__scwprintf_p gengort.PreloadProc - -func _ScwprintfP(_Format any) int32 { - __res := gengort.CCall1(__imp__scwprintf_p.Addr(), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp___stdio_common_vswscanf gengort.PreloadProc - -func _StdioCommonVswscanf(_Options uint64, _Buffer *WcharT, _BufferCount uint, _Format *WcharT, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall6(__imp___stdio_common_vswscanf.Addr(), gengort.MarshallSyscall(_Options), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswscanf_l gengort.PreloadProc - -func _VswscanfL(_Buffer any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vswscanf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vswscanf gengort.PreloadProc - -func Vswscanf(_Buffer *WcharT, _Format *WcharT, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vswscanf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vswscanf_s_l gengort.PreloadProc - -func _VswscanfSL(_Buffer any, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall4(__imp__vswscanf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_vswscanf_s gengort.PreloadProc - -func VswscanfS(_Buffer any, _Format any, _ArgList VaList) int32 { - __res := gengort.CCall3(__imp_vswscanf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwscanf_l gengort.PreloadProc - -func _VsnwscanfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vsnwscanf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__vsnwscanf_s_l gengort.PreloadProc - -func _VsnwscanfSL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT, _ArgList VaList) int32 { - __res := gengort.CCall5(__imp__vsnwscanf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale), gengort.MarshallSyscall(_ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swscanf_l gengort.PreloadProc - -func _SwscanfL(_Buffer any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__swscanf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_swscanf gengort.PreloadProc - -func Swscanf(_Buffer any, _Format any) int32 { - __res := gengort.CCall2(__imp_swscanf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__swscanf_s_l gengort.PreloadProc - -func _SwscanfSL(_Buffer any, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__swscanf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_swscanf_s gengort.PreloadProc - -func SwscanfS(_Buffer any, _Format any) int32 { - __res := gengort.CCall2(__imp_swscanf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwscanf_l gengort.PreloadProc - -func _SnwscanfL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__snwscanf_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwscanf gengort.PreloadProc - -func _Snwscanf(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp__snwscanf.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwscanf_s_l gengort.PreloadProc - -func _SnwscanfSL(_Buffer any, _BufferCount uint, _Format any, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__snwscanf_s_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__snwscanf_s gengort.PreloadProc - -func _SnwscanfS(_Buffer any, _BufferCount uint, _Format any) int32 { - __res := gengort.CCall3(__imp__snwscanf_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Format)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__itow_s gengort.PreloadProc - -func _ItowS(_Value int32, _Buffer *WcharT, _BufferCount uint, _Radix int32) ErrnoT { - __res := gengort.CCall4(__imp__itow_s.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__itow gengort.PreloadProc - -func _Itow(_Value int32, _Buffer *WcharT, _Radix int32) *WcharT { - __res := gengort.CCall3(__imp__itow.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__ltow_s gengort.PreloadProc - -func _LtowS(_Value int64, _Buffer *WcharT, _BufferCount uint, _Radix int32) ErrnoT { - __res := gengort.CCall4(__imp__ltow_s.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__ltow gengort.PreloadProc - -func _Ltow(_Value int64, _Buffer *WcharT, _Radix int32) *WcharT { - __res := gengort.CCall3(__imp__ltow.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__ultow_s gengort.PreloadProc - -func _UltowS(_Value uint64, _Buffer *WcharT, _BufferCount uint, _Radix int32) ErrnoT { - __res := gengort.CCall4(__imp__ultow_s.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__ultow gengort.PreloadProc - -func _Ultow(_Value uint64, _Buffer *WcharT, _Radix int32) *WcharT { - __res := gengort.CCall3(__imp__ultow.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcstod gengort.PreloadProc - -func Wcstod(_String *WcharT, _EndPtr **WcharT) float64 { - __res := gengort.CCall2(__imp_wcstod.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp__wcstod_l gengort.PreloadProc - -func _WcstodL(_String *WcharT, _EndPtr **WcharT, _Locale _LocaleT) float64 { - __res := gengort.CCall3(__imp__wcstod_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp_wcstol gengort.PreloadProc - -func Wcstol(_String *WcharT, _EndPtr **WcharT, _Radix int32) int64 { - __res := gengort.CCall3(__imp_wcstol.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wcstol_l gengort.PreloadProc - -func _WcstolL(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) int64 { - __res := gengort.CCall4(__imp__wcstol_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp_wcstoll gengort.PreloadProc - -func Wcstoll(_String *WcharT, _EndPtr **WcharT, _Radix int32) int64 { - __res := gengort.CCall3(__imp_wcstoll.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wcstoll_l gengort.PreloadProc - -func _WcstollL(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) int64 { - __res := gengort.CCall4(__imp__wcstoll_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp_wcstoul gengort.PreloadProc - -func Wcstoul(_String *WcharT, _EndPtr **WcharT, _Radix int32) uint64 { - __res := gengort.CCall3(__imp_wcstoul.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp__wcstoul_l gengort.PreloadProc - -func _WcstoulL(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) uint64 { - __res := gengort.CCall4(__imp__wcstoul_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp_wcstoull gengort.PreloadProc - -func Wcstoull(_String *WcharT, _EndPtr **WcharT, _Radix int32) uint64 { - __res := gengort.CCall3(__imp_wcstoull.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp__wcstoull_l gengort.PreloadProc - -func _WcstoullL(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) uint64 { - __res := gengort.CCall4(__imp__wcstoull_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp_wcstold gengort.PreloadProc - -func Wcstold(_String *WcharT, _EndPtr **WcharT) float64 { - __res := gengort.CCall2(__imp_wcstold.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp__wcstold_l gengort.PreloadProc - -func _WcstoldL(_String *WcharT, _EndPtr **WcharT, _Locale _LocaleT) float64 { - __res := gengort.CCall3(__imp__wcstold_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp_wcstof gengort.PreloadProc - -func Wcstof(_String *WcharT, _EndPtr **WcharT) float32 { - __res := gengort.CCall2(__imp_wcstof.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr)) - return gengort.UnmarshallSyscall[float32](__res) -} - -var __imp__wcstof_l gengort.PreloadProc - -func _WcstofL(_String *WcharT, _EndPtr **WcharT, _Locale _LocaleT) float32 { - __res := gengort.CCall3(__imp__wcstof_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[float32](__res) -} - -var __imp__wtof gengort.PreloadProc - -func _Wtof(_String *WcharT) float64 { - __res := gengort.CCall1(__imp__wtof.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp__wtof_l gengort.PreloadProc - -func _WtofL(_String *WcharT, _Locale _LocaleT) float64 { - __res := gengort.CCall2(__imp__wtof_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[float64](__res) -} - -var __imp__wtoi gengort.PreloadProc - -func _Wtoi(_String *WcharT) int32 { - __res := gengort.CCall1(__imp__wtoi.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wtoi_l gengort.PreloadProc - -func _WtoiL(_String *WcharT, _Locale _LocaleT) int32 { - __res := gengort.CCall2(__imp__wtoi_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wtol gengort.PreloadProc - -func _Wtol(_String *WcharT) int64 { - __res := gengort.CCall1(__imp__wtol.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wtol_l gengort.PreloadProc - -func _WtolL(_String *WcharT, _Locale _LocaleT) int64 { - __res := gengort.CCall2(__imp__wtol_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wtoll gengort.PreloadProc - -func _Wtoll(_String *WcharT) int64 { - __res := gengort.CCall1(__imp__wtoll.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wtoll_l gengort.PreloadProc - -func _WtollL(_String *WcharT, _Locale _LocaleT) int64 { - __res := gengort.CCall2(__imp__wtoll_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__i64tow_s gengort.PreloadProc - -func _I64towS(_Value int64, _Buffer *WcharT, _BufferCount uint, _Radix int32) ErrnoT { - __res := gengort.CCall4(__imp__i64tow_s.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__i64tow gengort.PreloadProc - -func _I64tow(_Value int64, _Buffer *WcharT, _Radix int32) *WcharT { - __res := gengort.CCall3(__imp__i64tow.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__ui64tow_s gengort.PreloadProc - -func _Ui64towS(_Value uint64, _Buffer *WcharT, _BufferCount uint, _Radix int32) ErrnoT { - __res := gengort.CCall4(__imp__ui64tow_s.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__ui64tow gengort.PreloadProc - -func _Ui64tow(_Value uint64, _Buffer *WcharT, _Radix int32) *WcharT { - __res := gengort.CCall3(__imp__ui64tow.Addr(), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wtoi64 gengort.PreloadProc - -func _Wtoi64(_String *WcharT) int64 { - __res := gengort.CCall1(__imp__wtoi64.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wtoi64_l gengort.PreloadProc - -func _Wtoi64L(_String *WcharT, _Locale _LocaleT) int64 { - __res := gengort.CCall2(__imp__wtoi64_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wcstoi64 gengort.PreloadProc - -func _Wcstoi64(_String *WcharT, _EndPtr **WcharT, _Radix int32) int64 { - __res := gengort.CCall3(__imp__wcstoi64.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wcstoi64_l gengort.PreloadProc - -func _Wcstoi64L(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) int64 { - __res := gengort.CCall4(__imp__wcstoi64_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int64](__res) -} - -var __imp__wcstoui64 gengort.PreloadProc - -func _Wcstoui64(_String *WcharT, _EndPtr **WcharT, _Radix int32) uint64 { - __res := gengort.CCall3(__imp__wcstoui64.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp__wcstoui64_l gengort.PreloadProc - -func _Wcstoui64L(_String *WcharT, _EndPtr **WcharT, _Radix int32, _Locale _LocaleT) uint64 { - __res := gengort.CCall4(__imp__wcstoui64_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_EndPtr), gengort.MarshallSyscall(_Radix), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp__wfullpath gengort.PreloadProc - -func _Wfullpath(_Buffer *WcharT, _Path *WcharT, _BufferCount uint) *WcharT { - __res := gengort.CCall3(__imp__wfullpath.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Path), gengort.MarshallSyscall(_BufferCount)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wmakepath_s gengort.PreloadProc - -func _WmakepathS(_Buffer *WcharT, _BufferCount uint, _Drive *WcharT, _Dir *WcharT, _Filename *WcharT, _Ext *WcharT) ErrnoT { - __res := gengort.CCall6(__imp__wmakepath_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_Drive), gengort.MarshallSyscall(_Dir), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_Ext)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wmakepath gengort.PreloadProc - -func _Wmakepath(_Buffer *WcharT, _Drive *WcharT, _Dir *WcharT, _Filename *WcharT, _Ext *WcharT) { - gengort.CCall5(__imp__wmakepath.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_Drive), gengort.MarshallSyscall(_Dir), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_Ext)) -} - -var __imp__wperror gengort.PreloadProc - -func _Wperror(_ErrorMessage *WcharT) { - gengort.CCall1(__imp__wperror.Addr(), gengort.MarshallSyscall(_ErrorMessage)) -} - -var __imp__wsplitpath gengort.PreloadProc - -func _Wsplitpath(_FullPath *WcharT, _Drive *WcharT, _Dir *WcharT, _Filename *WcharT, _Ext *WcharT) { - gengort.CCall5(__imp__wsplitpath.Addr(), gengort.MarshallSyscall(_FullPath), gengort.MarshallSyscall(_Drive), gengort.MarshallSyscall(_Dir), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_Ext)) -} - -var __imp__wsplitpath_s gengort.PreloadProc - -func _WsplitpathS(_FullPath *WcharT, _Drive *WcharT, _DriveCount uint, _Dir *WcharT, _DirCount uint, _Filename *WcharT, _FilenameCount uint, _Ext *WcharT, _ExtCount uint) ErrnoT { - __res := gengort.CCall9(__imp__wsplitpath_s.Addr(), gengort.MarshallSyscall(_FullPath), gengort.MarshallSyscall(_Drive), gengort.MarshallSyscall(_DriveCount), gengort.MarshallSyscall(_Dir), gengort.MarshallSyscall(_DirCount), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_FilenameCount), gengort.MarshallSyscall(_Ext), gengort.MarshallSyscall(_ExtCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wdupenv_s gengort.PreloadProc - -func _WdupenvS(_Buffer **WcharT, _BufferCount *uint, _VarName *WcharT) ErrnoT { - __res := gengort.CCall3(__imp__wdupenv_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_VarName)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wgetenv gengort.PreloadProc - -func _Wgetenv(_VarName *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wgetenv.Addr(), gengort.MarshallSyscall(_VarName)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wgetenv_s gengort.PreloadProc - -func _WgetenvS(_RequiredCount *uint, _Buffer *WcharT, _BufferCount uint, _VarName *WcharT) ErrnoT { - __res := gengort.CCall4(__imp__wgetenv_s.Addr(), gengort.MarshallSyscall(_RequiredCount), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount), gengort.MarshallSyscall(_VarName)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wputenv gengort.PreloadProc - -func _Wputenv(_EnvString *WcharT) int32 { - __res := gengort.CCall1(__imp__wputenv.Addr(), gengort.MarshallSyscall(_EnvString)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wputenv_s gengort.PreloadProc - -func _WputenvS(_Name *WcharT, _Value *WcharT) ErrnoT { - __res := gengort.CCall2(__imp__wputenv_s.Addr(), gengort.MarshallSyscall(_Name), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wsearchenv_s gengort.PreloadProc - -func _WsearchenvS(_Filename *WcharT, _VarName *WcharT, _Buffer *WcharT, _BufferCount uint) ErrnoT { - __res := gengort.CCall4(__imp__wsearchenv_s.Addr(), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_VarName), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_BufferCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wsearchenv gengort.PreloadProc - -func _Wsearchenv(_Filename *WcharT, _VarName *WcharT, _ResultPath *WcharT) { - gengort.CCall3(__imp__wsearchenv.Addr(), gengort.MarshallSyscall(_Filename), gengort.MarshallSyscall(_VarName), gengort.MarshallSyscall(_ResultPath)) -} - -var __imp__wsystem gengort.PreloadProc - -func _Wsystem(_Command *WcharT) int32 { - __res := gengort.CCall1(__imp__wsystem.Addr(), gengort.MarshallSyscall(_Command)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcscat_s gengort.PreloadProc - -func WcscatS(_Destination *WcharT, _SizeInWords RsizeT, _Source *WcharT) ErrnoT { - __res := gengort.CCall3(__imp_wcscat_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Source)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcscpy_s gengort.PreloadProc - -func WcscpyS(_Destination *WcharT, _SizeInWords RsizeT, _Source *WcharT) ErrnoT { - __res := gengort.CCall3(__imp_wcscpy_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Source)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcsncat_s gengort.PreloadProc - -func WcsncatS(_Destination *WcharT, _SizeInWords RsizeT, _Source *WcharT, _MaxCount RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_wcsncat_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcsncpy_s gengort.PreloadProc - -func WcsncpyS(_Destination *WcharT, _SizeInWords RsizeT, _Source *WcharT, _MaxCount RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_wcsncpy_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcstok_s gengort.PreloadProc - -func WcstokS(_String *WcharT, _Delimiter *WcharT, _Context **WcharT) *WcharT { - __res := gengort.CCall3(__imp_wcstok_s.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Delimiter), gengort.MarshallSyscall(_Context)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcsdup gengort.PreloadProc - -func _Wcsdup(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wcsdup.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcscat gengort.PreloadProc - -func Wcscat(_Destination *WcharT, _Source *WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcscat.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcscmp gengort.PreloadProc - -func Wcscmp( *uint16, *uint16) int32 { - __res := gengort.CCall2(__imp_wcscmp.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcscmp gengort.PreloadProc - -func Wcscmp(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp_wcscmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcscpy gengort.PreloadProc - -func Wcscpy(_Destination *WcharT, _Source *WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcscpy.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcscspn gengort.PreloadProc - -func Wcscspn(_String *WcharT, _Control *WcharT) uint { - __res := gengort.CCall2(__imp_wcscspn.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Control)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcslen gengort.PreloadProc - -func Wcslen( *uint16) uint64 { - __res := gengort.CCall1(__imp_wcslen.Addr(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp_wcslen gengort.PreloadProc - -func Wcslen(_String *WcharT) uint64 { - __res := gengort.CCall1(__imp_wcslen.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[uint64](__res) -} - -var __imp_wcsnlen gengort.PreloadProc - -func Wcsnlen(_Source *WcharT, _MaxCount uint) uint { - __res := gengort.CCall2(__imp_wcsnlen.Addr(), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcsnlen_s gengort.PreloadProc - -func WcsnlenS(_Source *WcharT, _MaxCount uint) uint { - __res := gengort.CCall2(__imp_wcsnlen_s.Addr(), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcsncat gengort.PreloadProc - -func Wcsncat(_Destination *WcharT, _Source *WcharT, _Count uint) *WcharT { - __res := gengort.CCall3(__imp_wcsncat.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_Count)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsncmp gengort.PreloadProc - -func Wcsncmp( *uint16, *uint16, uint64) int32 { - __res := gengort.CCall3(__imp_wcsncmp.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcsncmp gengort.PreloadProc - -func Wcsncmp(_String1 *WcharT, _String2 *WcharT, _MaxCount uint) int32 { - __res := gengort.CCall3(__imp_wcsncmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcsncpy gengort.PreloadProc - -func Wcsncpy(_Destination *WcharT, _Source *WcharT, _Count uint) *WcharT { - __res := gengort.CCall3(__imp_wcsncpy.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_Count)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcspbrk gengort.PreloadProc - -func Wcspbrk(_String *WcharT, _Control *WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcspbrk.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Control)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsspn gengort.PreloadProc - -func Wcsspn(_String *WcharT, _Control *WcharT) uint { - __res := gengort.CCall2(__imp_wcsspn.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Control)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcstok gengort.PreloadProc - -func Wcstok(_String *WcharT, _Delimiter *WcharT, _Context **WcharT) *WcharT { - __res := gengort.CCall3(__imp_wcstok.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Delimiter), gengort.MarshallSyscall(_Context)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcstok gengort.PreloadProc - -func _Wcstok(_String any, _Delimiter any) *WcharT { - __res := gengort.CCall2(__imp__wcstok.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Delimiter)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcserror gengort.PreloadProc - -func _Wcserror(_ErrorNumber int32) *WcharT { - __res := gengort.CCall1(__imp__wcserror.Addr(), gengort.MarshallSyscall(_ErrorNumber)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcserror_s gengort.PreloadProc - -func _WcserrorS(_Buffer *WcharT, _SizeInWords uint, _ErrorNumber int32) ErrnoT { - __res := gengort.CCall3(__imp__wcserror_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_ErrorNumber)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp___wcserror gengort.PreloadProc - -func _Wcserror(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp___wcserror.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp___wcserror_s gengort.PreloadProc - -func _WcserrorS(_Buffer *WcharT, _SizeInWords uint, _ErrorMessage *WcharT) ErrnoT { - __res := gengort.CCall3(__imp___wcserror_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_ErrorMessage)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcsicmp gengort.PreloadProc - -func _Wcsicmp(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp__wcsicmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsicmp_l gengort.PreloadProc - -func _WcsicmpL(_String1 *WcharT, _String2 *WcharT, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__wcsicmp_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsnicmp gengort.PreloadProc - -func _Wcsnicmp(_String1 *WcharT, _String2 *WcharT, _MaxCount uint) int32 { - __res := gengort.CCall3(__imp__wcsnicmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsnicmp_l gengort.PreloadProc - -func _WcsnicmpL(_String1 *WcharT, _String2 *WcharT, _MaxCount uint, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__wcsnicmp_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsnset_s gengort.PreloadProc - -func _WcsnsetS(_Destination *WcharT, _SizeInWords uint, _Value WcharT, _MaxCount uint) ErrnoT { - __res := gengort.CCall4(__imp__wcsnset_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcsnset gengort.PreloadProc - -func _Wcsnset(_String *WcharT, _Value WcharT, _MaxCount uint) *WcharT { - __res := gengort.CCall3(__imp__wcsnset.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcsrev gengort.PreloadProc - -func _Wcsrev(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wcsrev.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcsset_s gengort.PreloadProc - -func _WcssetS(_Destination *WcharT, _SizeInWords uint, _Value WcharT) ErrnoT { - __res := gengort.CCall3(__imp__wcsset_s.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcsset gengort.PreloadProc - -func _Wcsset(_String *WcharT, _Value WcharT) *WcharT { - __res := gengort.CCall2(__imp__wcsset.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcslwr_s gengort.PreloadProc - -func _WcslwrS(_String *WcharT, _SizeInWords uint) ErrnoT { - __res := gengort.CCall2(__imp__wcslwr_s.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcslwr gengort.PreloadProc - -func _Wcslwr(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wcslwr.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcslwr_s_l gengort.PreloadProc - -func _WcslwrSL(_String *WcharT, _SizeInWords uint, _Locale _LocaleT) ErrnoT { - __res := gengort.CCall3(__imp__wcslwr_s_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcslwr_l gengort.PreloadProc - -func _WcslwrL(_String *WcharT, _Locale _LocaleT) *WcharT { - __res := gengort.CCall2(__imp__wcslwr_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcsupr_s gengort.PreloadProc - -func _WcsuprS(_String *WcharT, _Size uint) ErrnoT { - __res := gengort.CCall2(__imp__wcsupr_s.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Size)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcsupr gengort.PreloadProc - -func _Wcsupr(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wcsupr.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcsupr_s_l gengort.PreloadProc - -func _WcsuprSL(_String *WcharT, _Size uint, _Locale _LocaleT) ErrnoT { - __res := gengort.CCall3(__imp__wcsupr_s_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Size), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wcsupr_l gengort.PreloadProc - -func _WcsuprL(_String *WcharT, _Locale _LocaleT) *WcharT { - __res := gengort.CCall2(__imp__wcsupr_l.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsxfrm gengort.PreloadProc - -func Wcsxfrm(_Destination *WcharT, _Source *WcharT, _MaxCount uint) uint { - __res := gengort.CCall3(__imp_wcsxfrm.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp__wcsxfrm_l gengort.PreloadProc - -func _WcsxfrmL(_Destination *WcharT, _Source *WcharT, _MaxCount uint, _Locale _LocaleT) uint { - __res := gengort.CCall4(__imp__wcsxfrm_l.Addr(), gengort.MarshallSyscall(_Destination), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcscoll gengort.PreloadProc - -func Wcscoll(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp_wcscoll.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcscoll_l gengort.PreloadProc - -func _WcscollL(_String1 *WcharT, _String2 *WcharT, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__wcscoll_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsicoll gengort.PreloadProc - -func _Wcsicoll(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp__wcsicoll.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsicoll_l gengort.PreloadProc - -func _WcsicollL(_String1 *WcharT, _String2 *WcharT, _Locale _LocaleT) int32 { - __res := gengort.CCall3(__imp__wcsicoll_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsncoll gengort.PreloadProc - -func _Wcsncoll(_String1 *WcharT, _String2 *WcharT, _MaxCount uint) int32 { - __res := gengort.CCall3(__imp__wcsncoll.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsncoll_l gengort.PreloadProc - -func _WcsncollL(_String1 *WcharT, _String2 *WcharT, _MaxCount uint, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__wcsncoll_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsnicoll gengort.PreloadProc - -func _Wcsnicoll(_String1 *WcharT, _String2 *WcharT, _MaxCount uint) int32 { - __res := gengort.CCall3(__imp__wcsnicoll.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wcsnicoll_l gengort.PreloadProc - -func _WcsnicollL(_String1 *WcharT, _String2 *WcharT, _MaxCount uint, _Locale _LocaleT) int32 { - __res := gengort.CCall4(__imp__wcsnicoll_l.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcsdup gengort.PreloadProc - -func Wcsdup(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp_wcsdup.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsicmp gengort.PreloadProc - -func Wcsicmp(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp_wcsicmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcsnicmp gengort.PreloadProc - -func Wcsnicmp(_String1 *WcharT, _String2 *WcharT, _MaxCount uint) int32 { - __res := gengort.CCall3(__imp_wcsnicmp.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wcsnset gengort.PreloadProc - -func Wcsnset(_String *WcharT, _Value WcharT, _MaxCount uint) *WcharT { - __res := gengort.CCall3(__imp_wcsnset.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Value), gengort.MarshallSyscall(_MaxCount)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsrev gengort.PreloadProc - -func Wcsrev(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp_wcsrev.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsset gengort.PreloadProc - -func Wcsset(_String *WcharT, _Value WcharT) *WcharT { - __res := gengort.CCall2(__imp_wcsset.Addr(), gengort.MarshallSyscall(_String), gengort.MarshallSyscall(_Value)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcslwr gengort.PreloadProc - -func Wcslwr(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp_wcslwr.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsupr gengort.PreloadProc - -func Wcsupr(_String *WcharT) *WcharT { - __res := gengort.CCall1(__imp_wcsupr.Addr(), gengort.MarshallSyscall(_String)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp_wcsicoll gengort.PreloadProc - -func Wcsicoll(_String1 *WcharT, _String2 *WcharT) int32 { - __res := gengort.CCall2(__imp_wcsicoll.Addr(), gengort.MarshallSyscall(_String1), gengort.MarshallSyscall(_String2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wasctime gengort.PreloadProc - -func _Wasctime(_Tm *Tm) *WcharT { - __res := gengort.CCall1(__imp__wasctime.Addr(), gengort.MarshallSyscall(_Tm)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wasctime_s gengort.PreloadProc - -func _WasctimeS(_Buffer *WcharT, _SizeInWords uint, _Tm *Tm) ErrnoT { - __res := gengort.CCall3(__imp__wasctime_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Tm)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcsftime gengort.PreloadProc - -func Wcsftime(_Buffer *WcharT, _SizeInWords uint, _Format *WcharT, _Tm *Tm) uint { - __res := gengort.CCall4(__imp_wcsftime.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Tm)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp__wcsftime_l gengort.PreloadProc - -func _WcsftimeL(_Buffer *WcharT, _SizeInWords uint, _Format *WcharT, _Tm *Tm, _Locale _LocaleT) uint { - __res := gengort.CCall5(__imp__wcsftime_l.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Format), gengort.MarshallSyscall(_Tm), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp__wctime32 gengort.PreloadProc - -func _Wctime32(_Time *_Time32T) *WcharT { - __res := gengort.CCall1(__imp__wctime32.Addr(), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wctime32_s gengort.PreloadProc - -func _Wctime32S(_Buffer *WcharT, _SizeInWords uint, _Time *_Time32T) ErrnoT { - __res := gengort.CCall3(__imp__wctime32_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wctime64 gengort.PreloadProc - -func _Wctime64(_Time *TimeT) *WcharT { - __res := gengort.CCall1(__imp__wctime64.Addr(), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wctime64_s gengort.PreloadProc - -func _Wctime64S(_Buffer *WcharT, _SizeInWords uint, _Time *TimeT) ErrnoT { - __res := gengort.CCall3(__imp__wctime64_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wstrdate_s gengort.PreloadProc - -func _WstrdateS(_Buffer *WcharT, _SizeInWords uint) ErrnoT { - __res := gengort.CCall2(__imp__wstrdate_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wstrdate gengort.PreloadProc - -func _Wstrdate(_Buffer *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wstrdate.Addr(), gengort.MarshallSyscall(_Buffer)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wstrtime_s gengort.PreloadProc - -func _WstrtimeS(_Buffer *WcharT, _SizeInWords uint) ErrnoT { - __res := gengort.CCall2(__imp__wstrtime_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__wstrtime gengort.PreloadProc - -func _Wstrtime(_Buffer *WcharT) *WcharT { - __res := gengort.CCall1(__imp__wstrtime.Addr(), gengort.MarshallSyscall(_Buffer)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wctime gengort.PreloadProc - -func _Wctime(_Time any) *WcharT { - __res := gengort.CCall1(__imp__wctime.Addr(), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wctime_s gengort.PreloadProc - -func _WctimeS(_Buffer any, _SizeInWords uint, _Time any) ErrnoT { - __res := gengort.CCall3(__imp__wctime_s.Addr(), gengort.MarshallSyscall(_Buffer), gengort.MarshallSyscall(_SizeInWords), gengort.MarshallSyscall(_Time)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp__fstat32 gengort.PreloadProc - -func _Fstat32(_FileHandle int32, _Stat *_Stat32) int32 { - __res := gengort.CCall2(__imp__fstat32.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fstat32i64 gengort.PreloadProc - -func _Fstat32i64(_FileHandle int32, _Stat *_Stat32i64) int32 { - __res := gengort.CCall2(__imp__fstat32i64.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fstat64i32 gengort.PreloadProc - -func _Fstat64i32(_FileHandle int32, _Stat *_Stat64i32) int32 { - __res := gengort.CCall2(__imp__fstat64i32.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__fstat64 gengort.PreloadProc - -func _Fstat64(_FileHandle int32, _Stat *_Stat64) int32 { - __res := gengort.CCall2(__imp__fstat64.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__stat32 gengort.PreloadProc - -func _Stat32(_FileName *byte, _Stat *_Stat32) int32 { - __res := gengort.CCall2(__imp__stat32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__stat32i64 gengort.PreloadProc - -func _Stat32i64(_FileName *byte, _Stat *_Stat32i64) int32 { - __res := gengort.CCall2(__imp__stat32i64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__stat64i32 gengort.PreloadProc - -func _Stat64i32(_FileName *byte, _Stat *_Stat64i32) int32 { - __res := gengort.CCall2(__imp__stat64i32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__stat64 gengort.PreloadProc - -func _Stat64(_FileName *byte, _Stat *_Stat64) int32 { - __res := gengort.CCall2(__imp__stat64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wstat32 gengort.PreloadProc - -func _Wstat32(_FileName *WcharT, _Stat *_Stat32) int32 { - __res := gengort.CCall2(__imp__wstat32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wstat32i64 gengort.PreloadProc - -func _Wstat32i64(_FileName *WcharT, _Stat *_Stat32i64) int32 { - __res := gengort.CCall2(__imp__wstat32i64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wstat64i32 gengort.PreloadProc - -func _Wstat64i32(_FileName *WcharT, _Stat *_Stat64i32) int32 { - __res := gengort.CCall2(__imp__wstat64i32.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wstat64 gengort.PreloadProc - -func _Wstat64(_FileName *WcharT, _Stat *_Stat64) int32 { - __res := gengort.CCall2(__imp__wstat64.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_fstat gengort.PreloadProc - -func Fstat(_FileHandle int32, _Stat any) int32 { - __res := gengort.CCall2(__imp_fstat.Addr(), gengort.MarshallSyscall(_FileHandle), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_stat gengort.PreloadProc - -func Stat(_FileName any, _Stat any) int32 { - __res := gengort.CCall2(__imp_stat.Addr(), gengort.MarshallSyscall(_FileName), gengort.MarshallSyscall(_Stat)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp__wsetlocale gengort.PreloadProc - -func _Wsetlocale(_Category int32, _Locale *WcharT) *WcharT { - __res := gengort.CCall2(__imp__wsetlocale.Addr(), gengort.MarshallSyscall(_Category), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} - -var __imp__wcreate_locale gengort.PreloadProc - -func _WcreateLocale(_Category int32, _Locale *WcharT) _LocaleT { - __res := gengort.CCall2(__imp__wcreate_locale.Addr(), gengort.MarshallSyscall(_Category), gengort.MarshallSyscall(_Locale)) - return gengort.UnmarshallSyscall[_LocaleT](__res) -} - -var __imp_btowc gengort.PreloadProc - -func Btowc(_Ch int32) WintT { - __res := gengort.CCall1(__imp_btowc.Addr(), gengort.MarshallSyscall(_Ch)) - return gengort.UnmarshallSyscall[WintT](__res) -} - -var __imp_mbrlen gengort.PreloadProc - -func Mbrlen(_Ch *byte, _SizeInBytes uint, _State *MbstateT) uint { - __res := gengort.CCall3(__imp_mbrlen.Addr(), gengort.MarshallSyscall(_Ch), gengort.MarshallSyscall(_SizeInBytes), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_mbrtowc gengort.PreloadProc - -func Mbrtowc(_DstCh *WcharT, _SrcCh *byte, _SizeInBytes uint, _State *MbstateT) uint { - __res := gengort.CCall4(__imp_mbrtowc.Addr(), gengort.MarshallSyscall(_DstCh), gengort.MarshallSyscall(_SrcCh), gengort.MarshallSyscall(_SizeInBytes), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_mbsrtowcs_s gengort.PreloadProc - -func MbsrtowcsS(_Retval *uint, _Dst *WcharT, _Size uint, _PSrc **byte, _N uint, _State *MbstateT) ErrnoT { - __res := gengort.CCall6(__imp_mbsrtowcs_s.Addr(), gengort.MarshallSyscall(_Retval), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_Size), gengort.MarshallSyscall(_PSrc), gengort.MarshallSyscall(_N), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_mbsrtowcs gengort.PreloadProc - -func Mbsrtowcs(_Dest *WcharT, _PSrc **byte, _Count uint, _State *MbstateT) uint { - __res := gengort.CCall4(__imp_mbsrtowcs.Addr(), gengort.MarshallSyscall(_Dest), gengort.MarshallSyscall(_PSrc), gengort.MarshallSyscall(_Count), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcrtomb_s gengort.PreloadProc - -func WcrtombS(_Retval *uint, _Dst *byte, _SizeInBytes uint, _Ch WcharT, _State *MbstateT) ErrnoT { - __res := gengort.CCall5(__imp_wcrtomb_s.Addr(), gengort.MarshallSyscall(_Retval), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_SizeInBytes), gengort.MarshallSyscall(_Ch), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcrtomb gengort.PreloadProc - -func Wcrtomb(_Dest *byte, _Source WcharT, _State *MbstateT) uint { - __res := gengort.CCall3(__imp_wcrtomb.Addr(), gengort.MarshallSyscall(_Dest), gengort.MarshallSyscall(_Source), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wcsrtombs_s gengort.PreloadProc - -func WcsrtombsS(_Retval *uint, _Dst *byte, _SizeInBytes uint, _Src **WcharT, _Size uint, _State *MbstateT) ErrnoT { - __res := gengort.CCall6(__imp_wcsrtombs_s.Addr(), gengort.MarshallSyscall(_Retval), gengort.MarshallSyscall(_Dst), gengort.MarshallSyscall(_SizeInBytes), gengort.MarshallSyscall(_Src), gengort.MarshallSyscall(_Size), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wcsrtombs gengort.PreloadProc - -func Wcsrtombs(_Dest *byte, _PSource **WcharT, _Count uint, _State *MbstateT) uint { - __res := gengort.CCall4(__imp_wcsrtombs.Addr(), gengort.MarshallSyscall(_Dest), gengort.MarshallSyscall(_PSource), gengort.MarshallSyscall(_Count), gengort.MarshallSyscall(_State)) - return gengort.UnmarshallSyscall[uint](__res) -} - -var __imp_wctob gengort.PreloadProc - -func Wctob(_WCh WintT) int32 { - __res := gengort.CCall1(__imp_wctob.Addr(), gengort.MarshallSyscall(_WCh)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wmemcpy_s gengort.PreloadProc - -func WmemcpyS(_S1 *WcharT, _N1 RsizeT, _S2 *WcharT, _N RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_wmemcpy_s.Addr(), gengort.MarshallSyscall(_S1), gengort.MarshallSyscall(_N1), gengort.MarshallSyscall(_S2), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_wmemmove_s gengort.PreloadProc - -func WmemmoveS(_S1 *WcharT, _N1 RsizeT, _S2 *WcharT, _N RsizeT) ErrnoT { - __res := gengort.CCall4(__imp_wmemmove_s.Addr(), gengort.MarshallSyscall(_S1), gengort.MarshallSyscall(_N1), gengort.MarshallSyscall(_S2), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[ErrnoT](__res) -} - -var __imp_fwide gengort.PreloadProc - -func Fwide(_F *File, _M int32) int32 { - __res := gengort.CCall2(__imp_fwide.Addr(), gengort.MarshallSyscall(_F), gengort.MarshallSyscall(_M)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_mbsinit gengort.PreloadProc - -func Mbsinit(_P *MbstateT) int32 { - __res := gengort.CCall1(__imp_mbsinit.Addr(), gengort.MarshallSyscall(_P)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wmemchr gengort.PreloadProc - -func Wmemchr( *uint16, uint16, uint64) *uint16 { - __res := gengort.CCall3(__imp_wmemchr.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemchr gengort.PreloadProc - -func Wmemchr(_S *WcharT, _C WcharT, _N uint) *uint16 { - __res := gengort.CCall3(__imp_wmemchr.Addr(), gengort.MarshallSyscall(_S), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemcmp gengort.PreloadProc - -func Wmemcmp( *uint16, *uint16, uint64) int32 { - __res := gengort.CCall3(__imp_wmemcmp.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wmemcmp gengort.PreloadProc - -func Wmemcmp(_S1 *WcharT, _S2 *WcharT, _N uint) int32 { - __res := gengort.CCall3(__imp_wmemcmp.Addr(), gengort.MarshallSyscall(_S1), gengort.MarshallSyscall(_S2), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_wmemcpy gengort.PreloadProc - -func Wmemcpy( *uint16, *uint16, uint64) *uint16 { - __res := gengort.CCall3(__imp_wmemcpy.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemcpy gengort.PreloadProc - -func Wmemcpy(_S1 *WcharT, _S2 *WcharT, _N uint) *uint16 { - __res := gengort.CCall3(__imp_wmemcpy.Addr(), gengort.MarshallSyscall(_S1), gengort.MarshallSyscall(_S2), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemmove gengort.PreloadProc - -func Wmemmove( *uint16, *uint16, uint64) *uint16 { - __res := gengort.CCall3(__imp_wmemmove.Addr(), gengort.MarshallSyscall(), gengort.MarshallSyscall(), gengort.MarshallSyscall()) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemmove gengort.PreloadProc - -func Wmemmove(_S1 *WcharT, _S2 *WcharT, _N uint) *uint16 { - __res := gengort.CCall3(__imp_wmemmove.Addr(), gengort.MarshallSyscall(_S1), gengort.MarshallSyscall(_S2), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[*uint16](__res) -} - -var __imp_wmemset gengort.PreloadProc - -func Wmemset(_S *WcharT, _C WcharT, _N uint) *WcharT { - __res := gengort.CCall3(__imp_wmemset.Addr(), gengort.MarshallSyscall(_S), gengort.MarshallSyscall(_C), gengort.MarshallSyscall(_N)) - return gengort.UnmarshallSyscall[*WcharT](__res) -} diff --git a/bin/debug/SDK/Headers/Connection.h.go b/bin/debug/SDK/Headers/Connection.h.go deleted file mode 100644 index e6c602d76..000000000 --- a/bin/debug/SDK/Headers/Connection.h.go +++ /dev/null @@ -1,130 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -// @brief enum for reasons why debuggee is paused -type DebuggeePausingReason int32 - -const ( - DEBUGGEE_PAUSING_REASON_NOT_PAUSED DebuggeePausingReason = 0 - DEBUGGEE_PAUSING_REASON_PAUSE DebuggeePausingReason = 1 - DEBUGGEE_PAUSING_REASON_REQUEST_FROM_DEBUGGER DebuggeePausingReason = 2 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_STEPPED DebuggeePausingReason = 3 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_TRACKING_STEPPED DebuggeePausingReason = 4 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_SOFTWARE_BREAKPOINT_HIT DebuggeePausingReason = 5 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_HARDWARE_DEBUG_REGISTER_HIT DebuggeePausingReason = 6 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_CORE_SWITCHED DebuggeePausingReason = 7 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_PROCESS_SWITCHED DebuggeePausingReason = 8 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_THREAD_SWITCHED DebuggeePausingReason = 9 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_COMMAND_EXECUTION_FINISHED DebuggeePausingReason = 10 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_EVENT_TRIGGERED DebuggeePausingReason = 11 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_STARTING_MODULE_LOADED DebuggeePausingReason = 12 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_DEBUG_BREAK DebuggeePausingReason = 13 - DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_THREAD_INTERCEPTED DebuggeePausingReason = 14 - DEBUGGEE_PAUSING_REASON_HARDWARE_BASED_DEBUGGEE_GENERAL_BREAK DebuggeePausingReason = 15 -) - -// @brief enum for requested action for HyperDbg packet -type DebuggerRemotePacketRequestedAction int32 - -const ( - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_PAUSE DebuggerRemotePacketRequestedAction = 1 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DO_NOT_READ_ANY_PACKET DebuggerRemotePacketRequestedAction = 2 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DEBUGGER_VERSION DebuggerRemotePacketRequestedAction = 3 - DEBUGGER_REMOTE_PACKET_PING_AND_SEND_SUPPORTED_VERSION DebuggerRemotePacketRequestedAction = 4 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_STEP DebuggerRemotePacketRequestedAction = 5 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CONTINUE DebuggerRemotePacketRequestedAction = 6 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CLOSE_AND_UNLOAD_DEBUGGEE DebuggerRemotePacketRequestedAction = 7 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_CORE DebuggerRemotePacketRequestedAction = 8 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_FLUSH_BUFFERS DebuggerRemotePacketRequestedAction = 9 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CALLSTACK DebuggerRemotePacketRequestedAction = 10 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_TEST_QUERY DebuggerRemotePacketRequestedAction = 11 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_PROCESS DebuggerRemotePacketRequestedAction = 12 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_THREAD DebuggerRemotePacketRequestedAction = 13 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_RUN_SCRIPT DebuggerRemotePacketRequestedAction = 14 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_USER_INPUT_BUFFER DebuggerRemotePacketRequestedAction = 15 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SEARCH_QUERY DebuggerRemotePacketRequestedAction = 16 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_REGISTER_EVENT DebuggerRemotePacketRequestedAction = 17 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_ADD_ACTION_TO_EVENT DebuggerRemotePacketRequestedAction = 18 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_AND_MODIFY_EVENT DebuggerRemotePacketRequestedAction = 19 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_REGISTERS DebuggerRemotePacketRequestedAction = 20 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_MEMORY DebuggerRemotePacketRequestedAction = 21 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_EDIT_MEMORY DebuggerRemotePacketRequestedAction = 22 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_BP DebuggerRemotePacketRequestedAction = 23 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_LIST_OR_MODIFY_BREAKPOINTS DebuggerRemotePacketRequestedAction = 24 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_RELOAD DebuggerRemotePacketRequestedAction = 25 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_PA2VA_AND_VA2PA DebuggerRemotePacketRequestedAction = 26 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_QUERY_PTE DebuggerRemotePacketRequestedAction = 27 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SET_SHORT_CIRCUITING_STATE DebuggerRemotePacketRequestedAction = 28 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_INJECT_PAGE_FAULT DebuggerRemotePacketRequestedAction = 29 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION DebuggerRemotePacketRequestedAction = 30 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED DebuggerRemotePacketRequestedAction = 31 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM DebuggerRemotePacketRequestedAction = 32 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION DebuggerRemotePacketRequestedAction = 33 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE DebuggerRemotePacketRequestedAction = 34 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS DebuggerRemotePacketRequestedAction = 35 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD DebuggerRemotePacketRequestedAction = 36 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT DebuggerRemotePacketRequestedAction = 37 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS DebuggerRemotePacketRequestedAction = 38 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH DebuggerRemotePacketRequestedAction = 39 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK DebuggerRemotePacketRequestedAction = 40 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY DebuggerRemotePacketRequestedAction = 41 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT DebuggerRemotePacketRequestedAction = 42 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT DebuggerRemotePacketRequestedAction = 43 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT DebuggerRemotePacketRequestedAction = 44 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT DebuggerRemotePacketRequestedAction = 45 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS DebuggerRemotePacketRequestedAction = 46 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY DebuggerRemotePacketRequestedAction = 47 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY DebuggerRemotePacketRequestedAction = 48 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP DebuggerRemotePacketRequestedAction = 49 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE DebuggerRemotePacketRequestedAction = 50 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS DebuggerRemotePacketRequestedAction = 51 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO DebuggerRemotePacketRequestedAction = 52 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED DebuggerRemotePacketRequestedAction = 53 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY DebuggerRemotePacketRequestedAction = 54 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE DebuggerRemotePacketRequestedAction = 55 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA DebuggerRemotePacketRequestedAction = 56 - DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BRINGING_PAGES_IN DebuggerRemotePacketRequestedAction = 57 -) - -// @brief enum for different packet types in HyperDbg packets -// -// @warning used in hwdbg -type DebuggerRemotePacketType int32 - -const ( - DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_VMX_ROOT DebuggerRemotePacketType = 1 - DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_USER_MODE DebuggerRemotePacketType = 2 - DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER DebuggerRemotePacketType = 3 - DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL DebuggerRemotePacketType = 4 - DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL DebuggerRemotePacketType = 5 -) - -type DebuggerRemotePacket struct { - Checksum int32 - Indicator int32 - TypeOfThePacket DebuggerRemotePacketType - RequestedActionOfThePacket DebuggerRemotePacketRequestedAction -} -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// @brief The structure of remote packets in HyperDbg -type PdebuggerRemotePacket = *DebuggerRemotePacket - -// Gengo init function. -func init() { - gengort.Validate((*DebuggerRemotePacket)(nil), 0x10, 0x4, "Checksum", 0x0, "Indicator", 0x4, "TypeOfThePacket", 0x8, "RequestedActionOfThePacket", 0xc) -} diff --git a/bin/debug/SDK/Headers/Constants.h.go b/bin/debug/SDK/Headers/Constants.h.go deleted file mode 100644 index a39386f54..000000000 --- a/bin/debug/SDK/Headers/Constants.h.go +++ /dev/null @@ -1,21 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// Gengo init function. -func init() {} diff --git a/bin/debug/SDK/Headers/DataTypes.h.go b/bin/debug/SDK/Headers/DataTypes.h.go deleted file mode 100644 index 497877840..000000000 --- a/bin/debug/SDK/Headers/DataTypes.h.go +++ /dev/null @@ -1,291 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -// @brief Different levels of paging -type PagingLevel int32 - -const ( - PAGING_LEVEL_PAGE_TABLE PagingLevel = 0 - PAGING_LEVEL_PAGE_DIRECTORY PagingLevel = 1 - PAGING_LEVEL_PAGE_DIRECTORY_POINTER_TABLE PagingLevel = 2 - PAGING_LEVEL_PAGE_MAP_LEVEL4 PagingLevel = 3 -) - -// @brief Inum of intentions for buffers (buffer tag) -type PoolAllocationIntention int32 - -const ( - TRACKING_HOOKED_PAGES PoolAllocationIntention = 0 - EXEC_TRAMPOLINE PoolAllocationIntention = 1 - SPLIT_2MB_PAGING_TO_4KB_PAGE PoolAllocationIntention = 2 - DETOUR_HOOK_DETAILS PoolAllocationIntention = 3 - BREAKPOINT_DEFINITION_STRUCTURE PoolAllocationIntention = 4 - PROCESS_THREAD_HOLDER PoolAllocationIntention = 5 - INSTANT_REGULAR_EVENT_BUFFER PoolAllocationIntention = 6 - INSTANT_BIG_EVENT_BUFFER PoolAllocationIntention = 7 - INSTANT_REGULAR_EVENT_ACTION_BUFFER PoolAllocationIntention = 8 - INSTANT_BIG_EVENT_ACTION_BUFFER PoolAllocationIntention = 9 - INSTANT_REGULAR_SAFE_BUFFER_FOR_EVENTS PoolAllocationIntention = 10 - INSTANT_BIG_SAFE_BUFFER_FOR_EVENTS PoolAllocationIntention = 11 -) - -// /////////////////////////////////////////////// -type DebugRegisterType int32 - -const ( - BREAK_ON_INSTRUCTION_FETCH DebugRegisterType = 0 - BREAK_ON_WRITE_ONLY DebugRegisterType = 1 - BREAK_ON_IO_READ_OR_WRITE_NOT_SUPPORTED DebugRegisterType = 2 - BREAK_ON_READ_AND_WRITE_BUT_NOT_FETCH DebugRegisterType = 3 -) - -// /////////////////////////////////////////////// -type VmxExecutionMode int32 - -const ( - VMX_EXECUTION_MODE_NON_ROOT VmxExecutionMode = 0 - VMX_EXECUTION_MODE_ROOT VmxExecutionMode = 1 -) - -// @brief Type of calling the event -type VmmCallbackEventCallingStageType int32 - -const ( - VMM_CALLBACK_CALLING_STAGE_INVALID_EVENT_EMULATION VmmCallbackEventCallingStageType = 0 - VMM_CALLBACK_CALLING_STAGE_PRE_EVENT_EMULATION VmmCallbackEventCallingStageType = 1 - VMM_CALLBACK_CALLING_STAGE_POST_EVENT_EMULATION VmmCallbackEventCallingStageType = 2 - VMM_CALLBACK_CALLING_STAGE_ALL_EVENT_EMULATION VmmCallbackEventCallingStageType = 3 -) - -// @brief enum to query different process and thread interception mechanisms -type DebuggerThreadProcessTracing int32 - -const ( - DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_THREAD_CHANGE DebuggerThreadProcessTracing = 0 - DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_PROCESS_CHANGE DebuggerThreadProcessTracing = 1 - DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_DEBUG_REGISTER_INTERCEPTION DebuggerThreadProcessTracing = 2 - DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_WAITING_FOR_MOV_CR3_VM_EXITS DebuggerThreadProcessTracing = 3 -) - -// @brief Type of transferring buffer between user-to-kernel -type NotifyType int32 - -const ( - IRP_BASED NotifyType = 0 - EVENT_BASED NotifyType = 1 -) - -// @brief different type of memory addresses -type DebuggerHookMemoryType int32 - -const ( - DEBUGGER_MEMORY_HOOK_VIRTUAL_ADDRESS DebuggerHookMemoryType = 0 - DEBUGGER_MEMORY_HOOK_PHYSICAL_ADDRESS DebuggerHookMemoryType = 1 -) - -type DebuggeeUserInputPacket struct { - CommandLen int32 - IgnoreFinishedSignal int32 - Result int32 -} -type DebuggeeEventAndActionHeaderForRemotePacket struct { - Length int32 -} -type DebuggerPausePacketReceived struct { - Result int32 -} -type DebuggerTriggeredEventDetails struct { - Tag int32 - Context int32 - Stage VmmCallbackEventCallingStageType -} -type DebuggeeKdPausedPacket struct { - Rip int32 - IsProcessorOn32BitMode int32 - IgnoreDisassembling int32 - PausingReason int32 - CurrentCore int32 - EventTag int32 - EventCallingStage VmmCallbackEventCallingStageType - Rflags int32 - InstructionBytesOnRip int32 - ReadInstructionLen int32 -} -type DebuggeeUdPausedPacket struct { - Rip int32 - ProcessDebuggingToken int32 - Is32Bit int32 - PausingReason int32 - ProcessId int32 - ThreadId int32 - Rflags int32 - EventTag int32 - EventCallingStage VmmCallbackEventCallingStageType - InstructionBytesOnRip int32 - ReadInstructionLen int32 - GuestRegs int32 -} -type DebuggeeMessagePacket struct { - OperationCode int32 - Message int32 -} -type RegisterNotifyBuffer struct { - Type NotifyType - hEvent int32 -} -type DirectVmcallParameters struct { - OptionalParam1 int32 - OptionalParam2 int32 - OptionalParam3 int32 -} -type EptHooksContext struct { - HookingTag int32 - PhysicalAddress int32 - VirtualAddress int32 -} -type EptHooksAddressDetailsForMemoryMonitor struct { - StartAddress int32 - EndAddress int32 - SetHookForRead int32 - SetHookForWrite int32 - SetHookForExec int32 - MemoryType DebuggerHookMemoryType - Tag int32 -} -type EptHooksAddressDetailsForEpthook2 struct { - TargetAddress int32 - HookFunction int32 -} -type EptSingleHookUnhookingDetails struct { - CallerNeedsToRestoreEntryAndInvalidateEpt int32 - RemoveBreakpointInterception int32 - PhysicalAddress int32 - OriginalEntry int32 -} -type Anon376_9 struct { - Raw [1]int32 -} -type Anon378_5 struct { - // [Bits 3:0] Segment type. - Type int32 - // [Bit 4] S - Descriptor type (0 = system; 1 = code or data). - DescriptorType int32 - // [Bits 6:5] DPL - Descriptor privilege level. - DescriptorPrivilegeLevel int32 - // [Bit 7] P - Segment present. - Present int32 - Reserved1 int32 - // [Bit 12] AVL - Available for use by system software. - AvailableBit int32 - // [Bit 13] Reserved (except for CS). L - 64-bit mode active (for CS only). - LongMode int32 - // [Bit 14] D/B - Default operation size (0 = 16-bit segment; 1 = 32-bit segment). - DefaultBig int32 - // [Bit 15] G - Granularity. - Granularity int32 - // [Bit 16] Segment unusable (0 = usable; 1 = unusable). - Unusable int32 - Reserved2 int32 -} -type VmxSegmentSelector struct { - Selector int32 - Attributes Anon376_9 - Limit int32 - Base int32 -} -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// @brief Callback type that can be used to be used -// as a custom ShowMessages function -type Callback = unsafe.Pointer - -// @brief The structure of user-input packet in HyperDbg -type PdebuggeeUserInputPacket = *DebuggeeUserInputPacket - -// @brief The structure of user-input packet in HyperDbg -type PdebuggeeEventAndActionHeaderForRemotePacket = *DebuggeeEventAndActionHeaderForRemotePacket - -// @brief request to pause and halt the system -type PdebuggerPausePacketReceived = *DebuggerPausePacketReceived - -// @brief The structure of detail of a triggered event in HyperDbg -// -// @details This structure is also used for transferring breakpoint ids, RIP as the context, etc. -type PdebuggerTriggeredEventDetails = *DebuggerTriggeredEventDetails - -// @brief The structure of pausing packet in kHyperDbg -type PdebuggeeKdPausedPacket = *DebuggeeKdPausedPacket - -// @brief The structure of pausing packet in uHyperDbg -type PdebuggeeUdPausedPacket = *DebuggeeUdPausedPacket - -// @brief The structure of message packet in HyperDbg -type PdebuggeeMessagePacket = *DebuggeeMessagePacket - -// @brief Used to register event for transferring buffer between user-to-kernel -type PregisterNotifyBuffer = *RegisterNotifyBuffer - -// @brief Used for sending direct VMCALLs on the VMX root-mode -type PdirectVmcallParameters = *DirectVmcallParameters - -// @brief Temporary $context used in some EPT hook commands -type PeptHooksContext = *EptHooksContext - -// @brief Setting details for EPT Hooks (!monitor) -type PeptHooksAddressDetailsForMemoryMonitor = *EptHooksAddressDetailsForMemoryMonitor - -// @brief Setting details for EPT Hooks (!epthook2) -type PeptHooksAddressDetailsForEpthook2 = *EptHooksAddressDetailsForEpthook2 - -// @brief Details of unhooking single EPT hooks -type PeptSingleHookUnhookingDetails = *EptSingleHookUnhookingDetails - -// @brief Describe segment selector in VMX -// -// @details This structure is copied from ia32.h to the SDK to -// be used as a data type for functions -type VmxSegmentAccessRightsType = Anon376_9 - -// @brief Segment selector -type PvmxSegmentSelector = *VmxSegmentSelector - -func (s Anon376_9) AsUInt() int32 { - return gengort.ReadBitcast[int32](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) -} -func (s *Anon376_9) SetAsUInt(v int32) { - gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) -} - -// Gengo init function. -func init() { - gengort.Validate((*DebuggeeUserInputPacket)(nil), 0xc, 0x4, "CommandLen", 0x0, "IgnoreFinishedSignal", 0x4, "Result", 0x8) - gengort.Validate((*DebuggeeEventAndActionHeaderForRemotePacket)(nil), 0x4, 0x4, "Length", 0x0) - gengort.Validate((*DebuggerPausePacketReceived)(nil), 0x4, 0x4, "Result", 0x0) - gengort.Validate((*DebuggerTriggeredEventDetails)(nil), 0xc, 0x4, "Tag", 0x0, "Context", 0x4, "Stage", 0x8) - gengort.Validate((*DebuggeeKdPausedPacket)(nil), 0x28, 0x4, "Rip", 0x0, "IsProcessorOn32BitMode", 0x4, "IgnoreDisassembling", 0x8, "PausingReason", 0xc, "CurrentCore", 0x10, "EventTag", 0x14, "EventCallingStage", 0x18, "Rflags", 0x1c, "InstructionBytesOnRip", 0x20, "ReadInstructionLen", 0x24) - gengort.Validate((*DebuggeeUdPausedPacket)(nil), 0x30, 0x4, "Rip", 0x0, "ProcessDebuggingToken", 0x4, "Is32Bit", 0x8, "PausingReason", 0xc, "ProcessId", 0x10, "ThreadId", 0x14, "Rflags", 0x18, "EventTag", 0x1c, "EventCallingStage", 0x20, "InstructionBytesOnRip", 0x24, "ReadInstructionLen", 0x28, "GuestRegs", 0x2c) - gengort.Validate((*DebuggeeMessagePacket)(nil), 0x8, 0x4, "OperationCode", 0x0, "Message", 0x4) - gengort.Validate((*RegisterNotifyBuffer)(nil), 0x8, 0x4, "Type", 0x0, "hEvent", 0x4) - gengort.Validate((*DirectVmcallParameters)(nil), 0xc, 0x4, "OptionalParam1", 0x0, "OptionalParam2", 0x4, "OptionalParam3", 0x8) - gengort.Validate((*EptHooksContext)(nil), 0xc, 0x4, "HookingTag", 0x0, "PhysicalAddress", 0x4, "VirtualAddress", 0x8) - gengort.Validate((*EptHooksAddressDetailsForMemoryMonitor)(nil), 0x1c, 0x4, "StartAddress", 0x0, "EndAddress", 0x4, "SetHookForRead", 0x8, "SetHookForWrite", 0xc, "SetHookForExec", 0x10, "MemoryType", 0x14, "Tag", 0x18) - gengort.Validate((*EptHooksAddressDetailsForEpthook2)(nil), 0x8, 0x4, "TargetAddress", 0x0, "HookFunction", 0x4) - gengort.Validate((*EptSingleHookUnhookingDetails)(nil), 0x10, 0x4, "CallerNeedsToRestoreEntryAndInvalidateEpt", 0x0, "RemoveBreakpointInterception", 0x4, "PhysicalAddress", 0x8, "OriginalEntry", 0xc) - gengort.Validate((*Anon376_9)(nil), 0x4, 0x4) - gengort.Validate((*Anon378_5)(nil), 0x2c, 0x4, "Type", 0x0, "DescriptorType", 0x4, "DescriptorPrivilegeLevel", 0x8, "Present", 0xc, "Reserved1", 0x10, "AvailableBit", 0x14, "LongMode", 0x18, "DefaultBig", 0x1c, "Granularity", 0x20, "Unusable", 0x24, "Reserved2", 0x28) - gengort.Validate((*VmxSegmentSelector)(nil), 0x10, 0x4, "Selector", 0x0, "Attributes", 0x4, "Limit", 0x8, "Base", 0xc) -} diff --git a/bin/debug/SDK/Headers/ErrorCodes.h.go b/bin/debug/SDK/Headers/ErrorCodes.h.go deleted file mode 100644 index a39386f54..000000000 --- a/bin/debug/SDK/Headers/ErrorCodes.h.go +++ /dev/null @@ -1,21 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// Gengo init function. -func init() {} diff --git a/bin/debug/SDK/Headers/Events.h b/bin/debug/SDK/Headers/Events.h index 5a49ffc3f..5035e9e05 100644 --- a/bin/debug/SDK/Headers/Events.h +++ b/bin/debug/SDK/Headers/Events.h @@ -11,8 +11,6 @@ */ #pragma once -#include "BasicTypes.h" - ////////////////////////////////////////////////// // System Events // ////////////////////////////////////////////////// diff --git a/bin/debug/SDK/Headers/HardwareDebugger.h.go b/bin/debug/SDK/Headers/HardwareDebugger.h.go deleted file mode 100644 index ec8b6420f..000000000 --- a/bin/debug/SDK/Headers/HardwareDebugger.h.go +++ /dev/null @@ -1,98 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -// @brief Different action of hwdbg -// -// @warning This file should be changed along with hwdbg files -type HwdbgActionEnums int32 - -const ( - HWDBG_ACTION_SEND_VERSION HwdbgActionEnums = 1 - HWDBG_ACTION_SEND_PIN_INFORMATION HwdbgActionEnums = 2 - HWDBG_ACTION_CONFIGURE_SCRIPT_BUFFER HwdbgActionEnums = 3 -) - -// @brief Different responses come from hwdbg -// -// @warning This file should be changed along with hwdbg files -type HwdbgResponseEnums int32 - -const ( - HWDBG_RESPONSE_INVALID_PACKET_OR_ERROR HwdbgResponseEnums = 1 - HWDBG_RESPONSE_VERSION HwdbgResponseEnums = 2 - HWDBG_RESPONSE_PIN_INFORMATION HwdbgResponseEnums = 3 - HWDBG_RESPONSE_SCRIPT_BUFFER_CONFIGURATION_RESULT HwdbgResponseEnums = 4 -) - -// @brief Different error codes in hwdbg -// -// @warning This file should be changed along with hwdbg files -type HwdbgErrorEnums int32 - -const HWDBG_ERROR_INVALID_PACKET HwdbgErrorEnums = 1 - -type HwdbgPortInformationItems struct { - PortSize int32 -} -type HwdbgScriptCapabilitiesInformation struct { - Version int32 - MaximumNumberOfStages int32 - scriptVariableLength int32 - maximumNumberOfSupportedScriptOperators int32 - numberOfPins int32 - numberOfPorts int32 - scriptCapabilities _HwdbgScriptCapabilities -} -type _HwdbgScriptCapabilities struct { - Inc int32 - Dec int32 - Or int32 - Xor int32 - And int32 - Asr int32 - Asl int32 - Add int32 - Sub int32 - Mul int32 - Div int32 - Mod int32 - Gt int32 - Lt int32 - Egt int32 - Elt int32 - Equal int32 - Neq int32 - Jmp int32 - Jz int32 - Jnz int32 - Mov int32 - Printf int32 -} -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// @brief The structure of port information (each item) in hwdbg -type PhwdbgPortInformationItems = *HwdbgPortInformationItems - -// @brief The structure of script capabilities information in hwdbg -type PhwdbgScriptCapabilitiesInformation = *HwdbgScriptCapabilitiesInformation - -// Gengo init function. -func init() { - gengort.Validate((*HwdbgPortInformationItems)(nil), 0x4, 0x4, "PortSize", 0x0) - gengort.Validate((*HwdbgScriptCapabilitiesInformation)(nil), 0x1c, 0x4, "Version", 0x0, "MaximumNumberOfStages", 0x4, "scriptVariableLength", 0x8, "maximumNumberOfSupportedScriptOperators", 0xc, "numberOfPins", 0x10, "numberOfPorts", 0x14, "scriptCapabilities", 0x18) - gengort.Validate((*_HwdbgScriptCapabilities)(nil), 0x5c, 0x4, "Inc", 0x0, "Dec", 0x4, "Or", 0x8, "Xor", 0xc, "And", 0x10, "Asr", 0x14, "Asl", 0x18, "Add", 0x1c, "Sub", 0x20, "Mul", 0x24, "Div", 0x28, "Mod", 0x2c, "Gt", 0x30, "Lt", 0x34, "Egt", 0x38, "Elt", 0x3c, "Equal", 0x40, "Neq", 0x44, "Jmp", 0x48, "Jz", 0x4c, "Jnz", 0x50, "Mov", 0x54, "Printf", 0x58) -} diff --git a/bin/debug/SDK/Headers/Ioctls.h.go b/bin/debug/SDK/Headers/Ioctls.h.go deleted file mode 100644 index a39386f54..000000000 --- a/bin/debug/SDK/Headers/Ioctls.h.go +++ /dev/null @@ -1,21 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// Gengo init function. -func init() {} diff --git a/bin/debug/SDK/Headers/RequestStructures.h.go b/bin/debug/SDK/Headers/RequestStructures.h.go deleted file mode 100644 index bd7703a68..000000000 --- a/bin/debug/SDK/Headers/RequestStructures.h.go +++ /dev/null @@ -1,732 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -// @brief different modes of reconstruct requests -type ReversingMachineReconstructMemoryMode int32 - -const ( - REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_UNKNOWN ReversingMachineReconstructMemoryMode = 0 - REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_USER_MODE ReversingMachineReconstructMemoryMode = 1 - REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_KERNEL_MODE ReversingMachineReconstructMemoryMode = 2 -) - -// @brief different types of reconstruct requests -type ReversingMachineReconstructMemoryType int32 - -const ( - REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_UNKNOWN ReversingMachineReconstructMemoryType = 0 - REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_RECONSTRUCT ReversingMachineReconstructMemoryType = 1 - REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_PATTERN ReversingMachineReconstructMemoryType = 2 -) - -// @brief different types of prealloc requests -type DebuggerPreallocCommandType int32 - -const ( - DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION DebuggerPreallocCommandType = 0 - DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR DebuggerPreallocCommandType = 1 - DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK DebuggerPreallocCommandType = 2 - DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK2 DebuggerPreallocCommandType = 3 - DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_EVENT DebuggerPreallocCommandType = 4 - DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_EVENT DebuggerPreallocCommandType = 5 - DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_SAFE_BUFFER DebuggerPreallocCommandType = 6 - DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_SAFE_BUFFER DebuggerPreallocCommandType = 7 -) - -// @brief different types of preactivate requests -type DebuggerPreactivateCommandType int32 - -const DEBUGGER_PREACTIVATE_COMMAND_TYPE_MODE DebuggerPreactivateCommandType = 0 - -// @brief different types of reading memory -type DebuggerReadReadingType int32 - -const ( - READ_FROM_KERNEL DebuggerReadReadingType = 0 - READ_FROM_VMX_ROOT DebuggerReadReadingType = 1 -) - -// @brief different type of addresses -type DebuggerReadMemoryType int32 - -const ( - DEBUGGER_READ_PHYSICAL_ADDRESS DebuggerReadMemoryType = 0 - DEBUGGER_READ_VIRTUAL_ADDRESS DebuggerReadMemoryType = 1 -) - -// @brief the way that debugger should show -// the details of memory or disassemble them -type DebuggerShowMemoryStyle int32 - -const ( - DEBUGGER_SHOW_COMMAND_DT DebuggerShowMemoryStyle = 1 - DEBUGGER_SHOW_COMMAND_DISASSEMBLE64 DebuggerShowMemoryStyle = 2 - DEBUGGER_SHOW_COMMAND_DISASSEMBLE32 DebuggerShowMemoryStyle = 3 - DEBUGGER_SHOW_COMMAND_DB DebuggerShowMemoryStyle = 4 - DEBUGGER_SHOW_COMMAND_DC DebuggerShowMemoryStyle = 5 - DEBUGGER_SHOW_COMMAND_DQ DebuggerShowMemoryStyle = 6 - DEBUGGER_SHOW_COMMAND_DD DebuggerShowMemoryStyle = 7 - DEBUGGER_SHOW_COMMAND_DUMP DebuggerShowMemoryStyle = 8 -) - -// @brief test query used for test purposed -type DebuggerTestQueryState int32 - -const ( - TEST_QUERY_HALTING_CORE_STATUS DebuggerTestQueryState = 1 - TEST_QUERY_PREALLOCATED_POOL_STATE DebuggerTestQueryState = 2 - TEST_QUERY_TRAP_STATE DebuggerTestQueryState = 3 - TEST_BREAKPOINT_TURN_OFF_BPS DebuggerTestQueryState = 4 - TEST_BREAKPOINT_TURN_ON_BPS DebuggerTestQueryState = 5 - TEST_BREAKPOINT_TURN_OFF_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER DebuggerTestQueryState = 6 - TEST_BREAKPOINT_TURN_ON_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER DebuggerTestQueryState = 7 - TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_SYNCHRONOUS DebuggerTestQueryState = 8 - TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_ASYNCHRONOUS DebuggerTestQueryState = 9 - TEST_SETTING_TARGET_TASKS_ON_TARGET_HALTED_CORES DebuggerTestQueryState = 10 - TEST_BREAKPOINT_TURN_OFF_DBS DebuggerTestQueryState = 11 - TEST_BREAKPOINT_TURN_ON_DBS DebuggerTestQueryState = 12 -) - -// @brief different types of actions on MSRs -type DebuggerMsrActionType int32 - -const ( - DEBUGGER_MSR_READ DebuggerMsrActionType = 0 - DEBUGGER_MSR_WRITE DebuggerMsrActionType = 1 -) - -// @brief different type of addresses for editing memory -type DebuggerEditMemoryType int32 - -const ( - EDIT_PHYSICAL_MEMORY DebuggerEditMemoryType = 0 - EDIT_VIRTUAL_MEMORY DebuggerEditMemoryType = 1 -) - -// @brief size of editing memory -type DebuggerEditMemoryByteSize int32 - -const ( - EDIT_BYTE DebuggerEditMemoryByteSize = 0 - EDIT_DWORD DebuggerEditMemoryByteSize = 1 - EDIT_QWORD DebuggerEditMemoryByteSize = 2 -) - -// @brief different types of address for searching on memory -type DebuggerSearchMemoryType int32 - -const ( - SEARCH_PHYSICAL_MEMORY DebuggerSearchMemoryType = 0 - SEARCH_VIRTUAL_MEMORY DebuggerSearchMemoryType = 1 - SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY DebuggerSearchMemoryType = 2 -) - -// @brief different sizes on searching memory -type DebuggerSearchMemoryByteSize int32 - -const ( - SEARCH_BYTE DebuggerSearchMemoryByteSize = 0 - SEARCH_DWORD DebuggerSearchMemoryByteSize = 1 - SEARCH_QWORD DebuggerSearchMemoryByteSize = 2 -) - -// @brief different actions of switchings -type DebuggerAttachDetachUserModeProcessActionType int32 - -const ( - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH DebuggerAttachDetachUserModeProcessActionType = 0 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH DebuggerAttachDetachUserModeProcessActionType = 1 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS DebuggerAttachDetachUserModeProcessActionType = 2 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS DebuggerAttachDetachUserModeProcessActionType = 3 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS DebuggerAttachDetachUserModeProcessActionType = 4 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD DebuggerAttachDetachUserModeProcessActionType = 5 - DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS DebuggerAttachDetachUserModeProcessActionType = 6 -) - -// @brief different type of process or thread queries -type DebuggerQueryActiveProcessesOrThreadsTypes int32 - -const ( - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT DebuggerQueryActiveProcessesOrThreadsTypes = 1 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT DebuggerQueryActiveProcessesOrThreadsTypes = 2 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST DebuggerQueryActiveProcessesOrThreadsTypes = 3 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST DebuggerQueryActiveProcessesOrThreadsTypes = 4 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS DebuggerQueryActiveProcessesOrThreadsTypes = 5 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD DebuggerQueryActiveProcessesOrThreadsTypes = 6 -) - -// @brief different actions on showing or querying list of process or threads -type DebuggerQueryActiveProcessesOrThreadsActions int32 - -const ( - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY DebuggerQueryActiveProcessesOrThreadsActions = 1 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT DebuggerQueryActiveProcessesOrThreadsActions = 2 - DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS DebuggerQueryActiveProcessesOrThreadsActions = 3 -) - -// @brief callstack showing method -type DebuggerCallstackDisplayMethod int32 - -const ( - DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS DebuggerCallstackDisplayMethod = 0 - DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS DebuggerCallstackDisplayMethod = 1 -) - -// @brief User-mode debugging actions -type DebuggerUdCommandActionType int32 - -const ( - DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE DebuggerUdCommandActionType = 0 - DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE DebuggerUdCommandActionType = 1 - DEBUGGER_UD_COMMAND_ACTION_TYPE_CONTINUE DebuggerUdCommandActionType = 2 - DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP DebuggerUdCommandActionType = 3 -) - -// @brief Debugger process switch and process details -type DebuggeeDetailsAndSwitchProcessType int32 - -const ( - DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS DebuggeeDetailsAndSwitchProcessType = 0 - DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST DebuggeeDetailsAndSwitchProcessType = 1 - DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH DebuggeeDetailsAndSwitchProcessType = 2 -) - -// @brief Debugger thread switch and thread details -type DebuggeeDetailsAndSwitchThreadType int32 - -const ( - DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH DebuggeeDetailsAndSwitchThreadType = 0 - DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS DebuggeeDetailsAndSwitchThreadType = 1 - DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST DebuggeeDetailsAndSwitchThreadType = 2 -) - -// @brief stepping and tracking types -type DebuggerRemoteSteppingRequest int32 - -const ( - DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN DebuggerRemoteSteppingRequest = 0 - DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN DebuggerRemoteSteppingRequest = 1 - DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN_FOR_TRACKING DebuggerRemoteSteppingRequest = 2 - DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER DebuggerRemoteSteppingRequest = 3 - DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU DebuggerRemoteSteppingRequest = 4 - DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU_LAST_INSTRUCTION DebuggerRemoteSteppingRequest = 5 -) - -// @brief breakpoint modification types -type DebuggeeBreakpointModificationRequest int32 - -const ( - DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS DebuggeeBreakpointModificationRequest = 0 - DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE DebuggeeBreakpointModificationRequest = 1 - DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE DebuggeeBreakpointModificationRequest = 2 - DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR DebuggeeBreakpointModificationRequest = 3 -) - -// @brief Whether a jump is taken or not taken -type DebuggerConditionalJumpStatus int32 - -const ( - DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR DebuggerConditionalJumpStatus = 0 - DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP DebuggerConditionalJumpStatus = 1 - DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN DebuggerConditionalJumpStatus = 2 - DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN DebuggerConditionalJumpStatus = 3 -) - -type DebuggerReadPageTableEntriesDetails struct { - VirtualAddress int32 - ProcessId int32 - Pml4eVirtualAddress int32 - Pml4eValue int32 - PdpteVirtualAddress int32 - PdpteValue int32 - PdeVirtualAddress int32 - PdeValue int32 - PteVirtualAddress int32 - PteValue int32 - KernelStatus int32 -} -type DebuggerVa2paAndPa2vaCommands struct { - VirtualAddress int32 - PhysicalAddress int32 - ProcessId int32 - IsVirtual2Physical int32 - KernelStatus int32 -} -type DebuggerPageInRequest struct { - VirtualAddressFrom int32 - VirtualAddressTo int32 - ProcessId int32 - PageFaultErrorCode int32 - KernelStatus int32 -} -type ReversingMachineReconstructMemoryRequest struct { - ProcessId int32 - Size int32 - Mode ReversingMachineReconstructMemoryMode - Type ReversingMachineReconstructMemoryType - KernelStatus int32 -} -type DebuggerDtCommandOptions struct { - TypeName *byte - SizeOfTypeName int32 - Address int32 - IsStruct int32 - BufferAddress int32 - TargetPid int32 - AdditionalParameters *byte -} -type DebuggerPreallocCommand struct { - Type DebuggerPreallocCommandType - Count int32 - KernelStatus int32 -} -type DebuggerPreactivateCommand struct { - Type DebuggerPreactivateCommandType - KernelStatus int32 -} -type DebuggerReadMemory struct { - Pid int32 - Address int32 - Size int32 - IsForDisasm int32 - Is32BitAddress int32 - MemoryType DebuggerReadMemoryType - ReadingType DebuggerReadReadingType - DtDetails PdebuggerDtCommandOptions - Style DebuggerShowMemoryStyle - ReturnLength int32 - KernelStatus int32 -} -type DebuggerFlushLoggingBuffers struct { - KernelStatus int32 - CountOfMessagesThatSetAsReadFromVmxRoot int32 - CountOfMessagesThatSetAsReadFromVmxNonRoot int32 -} -type DebuggerDebuggerTestQueryBuffer struct { - RequestType DebuggerTestQueryState - Context int32 - KernelStatus int32 -} -type DebuggerPerformKernelTests struct { - KernelStatus int32 -} -type DebuggerSendCommandExecutionFinishedSignal struct { - KernelStatus int32 -} -type DebuggeeSendGeneralPacketFromDebuggeeToDebugger struct { - RequestedAction int32 - LengthOfBuffer int32 - PauseDebuggeeWhenSent int32 - KernelResult int32 -} -type DebuggerSendUsermodeMessagesToDebugger struct { - KernelStatus int32 - Length int32 -} -type DebuggerReadAndWriteOnMsr struct { - Msr int32 - CoreNumber int32 - ActionType DebuggerMsrActionType - Value int32 -} -type DebuggerEditMemory struct { - Result int32 - Address int32 - ProcessId int32 - MemoryType DebuggerEditMemoryType - ByteSize DebuggerEditMemoryByteSize - CountOf64Chunks int32 - FinalStructureSize int32 - KernelStatus int32 -} -type DebuggerSearchMemory struct { - Address int32 - Length int32 - ProcessId int32 - MemoryType DebuggerSearchMemoryType - ByteSize DebuggerSearchMemoryByteSize - CountOf64Chunks int32 - FinalStructureSize int32 -} -type DebuggerHideAndTransparentDebuggerMode struct { - IsHide int32 - CpuidAverage int32 - CpuidStandardDeviation int32 - CpuidMedian int32 - RdtscAverage int32 - RdtscStandardDeviation int32 - RdtscMedian int32 - TrueIfProcessIdAndFalseIfProcessName int32 - ProcId int32 - LengthOfProcessName int32 - KernelStatus int32 -} -type DebuggerPrepareDebuggee struct { - PortAddress int32 - Baudrate int32 - NtoskrnlBaseAddress int32 - Result int32 - OsName int32 -} -type DebuggeeChangeCorePacket struct { - NewCore int32 - Result int32 -} -type DebuggerAttachDetachUserModeProcess struct { - IsStartingNewProcess int32 - ProcessId int32 - ThreadId int32 - CheckCallbackAtFirstInstruction int32 - Is32Bit int32 - IsPaused int32 - Action DebuggerAttachDetachUserModeProcessActionType - CountOfActiveDebuggingThreadsAndProcesses int32 - Token int32 - Result int32 -} -type DebuggeeProcessListNeededDetails struct { - PsActiveProcessHead int32 - ImageFileNameOffset int32 - UniquePidOffset int32 - ActiveProcessLinksOffset int32 -} -type DebuggeeThreadListNeededDetails struct { - ThreadListHeadOffset int32 - ThreadListEntryOffset int32 - CidOffset int32 - PsActiveProcessHead int32 - ActiveProcessLinksOffset int32 - Process int32 -} -type DebuggeeProcessListDetailsEntry struct { - Eprocess int32 - ProcessId int32 - Cr3 int32 - ImageFileName [16]int32 -} -type DebuggeeThreadListDetailsEntry struct { - Eprocess int32 - Ethread int32 - ProcessId int32 - ThreadId int32 - ImageFileName [16]int32 -} -type DebuggerQueryActiveProcessesOrThreads struct { - ProcessListNeededDetails DebuggeeProcessListNeededDetails - ThreadListNeededDetails DebuggeeThreadListNeededDetails - QueryType DebuggerQueryActiveProcessesOrThreadsTypes - QueryAction DebuggerQueryActiveProcessesOrThreadsActions - Count int32 - Result int32 -} -type DebuggerSingleCallstackFrame struct { - IsStackAddressValid int32 - IsValidAddress int32 - IsExecutable int32 - Value int32 - InstructionBytesOnRip int32 -} -type DebuggerCallstackRequest struct { - Is32Bit int32 - KernelStatus int32 - DisplayMethod DebuggerCallstackDisplayMethod - Size int32 - FrameCount int32 - BaseAddress int32 - BufferSize int32 -} -type UsermodeDebuggingThreadOrProcessStateDetails struct { - ProcessId int32 - ThreadId int32 - IsProcess int32 -} -type DebuggerEventActionRunScriptConfiguration struct { - ScriptBuffer int32 - ScriptLength int32 - ScriptPointer int32 - OptionalRequestedBufferSize int32 -} -type DebuggerEventRequestBuffer struct { - EnabledRequestBuffer int32 - RequestBufferSize int32 - RequstBufferAddress int32 -} -type DebuggerEventRequestCustomCode struct { - CustomCodeBufferSize int32 - CustomCodeBufferAddress int32 - OptionalRequestedBufferSize int32 -} -type DebuggerUdCommandAction struct { - ActionType DebuggerUdCommandActionType - OptionalParam1 int32 - OptionalParam2 int32 - OptionalParam3 int32 - OptionalParam4 int32 -} -type DebuggerUdCommandPacket struct { - UdAction DebuggerUdCommandAction - ProcessDebuggingDetailToken int32 - TargetThreadId int32 - ApplyToAllPausedThreads int32 - Result int32 -} -type DebuggeeDetailsAndSwitchProcessPacket struct { - ActionType DebuggeeDetailsAndSwitchProcessType - ProcessId int32 - Process int32 - IsSwitchByClkIntr int32 - ProcessName [16]int32 - ProcessListSymDetails DebuggeeProcessListNeededDetails - Result int32 -} -type DebuggeeDetailsAndSwitchThreadPacket struct { - ActionType DebuggeeDetailsAndSwitchThreadType - ThreadId int32 - ProcessId int32 - Thread int32 - Process int32 - CheckByClockInterrupt int32 - ProcessName [16]int32 - ThreadListSymDetails DebuggeeThreadListNeededDetails - Result int32 -} -type DebuggeeStepPacket struct { - StepType DebuggerRemoteSteppingRequest - IsCurrentInstructionACall int32 - CallLength int32 -} -type DebuggeeFormatsPacket struct { - Value int32 - Result int32 -} -type DebuggeeSymbolRequestPacket struct { - ProcessId int32 -} -type DebuggeeBpPacket struct { - Address int32 - Pid int32 - Tid int32 - Core int32 - RemoveAfterHit int32 - CheckForCallbacks int32 - Result int32 -} -type DebuggeeBpListOrModifyPacket struct { - BreakpointId int32 - Request DebuggeeBreakpointModificationRequest - Result int32 -} -type DebuggeeScriptPacket struct { - ScriptBufferSize int32 - ScriptBufferPointer int32 - IsFormat int32 - Result int32 -} -type DebuggeeResultOfSearchPacket struct { - CountOfResults int32 - Result int32 -} -type DebuggeeRegisterReadDescription struct { - RegisterID int32 - Value int32 - KernelStatus int32 -} -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// @brief request for !pte command -type PdebuggerReadPageTableEntriesDetails = *DebuggerReadPageTableEntriesDetails - -// @brief requests for !va2pa and !pa2va commands -type PdebuggerVa2paAndPa2vaCommands = *DebuggerVa2paAndPa2vaCommands - -// @brief requests for the '.pagein' command -type PdebuggerPageInRequest = *DebuggerPageInRequest - -// @brief requests for !rev command -type PreversingMachineReconstructMemoryRequest = *ReversingMachineReconstructMemoryRequest - -// @brief requests options for dt and struct command -type PdebuggerDtCommandOptions = *DebuggerDtCommandOptions - -// @brief requests for the 'prealloc' command -type PdebuggerPreallocCommand = *DebuggerPreallocCommand - -// @brief requests for the 'preactivate' command -type PdebuggerPreactivateCommand = *DebuggerPreactivateCommand - -// @brief request for reading virtual and physical memory -type PdebuggerReadMemory = *DebuggerReadMemory - -// @brief request for flushing buffers -type PdebuggerFlushLoggingBuffers = *DebuggerFlushLoggingBuffers - -// @brief request for test query buffers -type PdebuggerDebuggerTestQueryBuffer = *DebuggerDebuggerTestQueryBuffer - -// @brief request performing kernel tests -type PdebuggerPerformKernelTests = *DebuggerPerformKernelTests - -// @brief request for send a signal that command execution finished -type PdebuggerSendCommandExecutionFinishedSignal = *DebuggerSendCommandExecutionFinishedSignal - -// @brief request for send general packets from debuggee to debugger -type PdebuggeeSendGeneralPacketFromDebuggeeToDebugger = *DebuggeeSendGeneralPacketFromDebuggeeToDebugger - -// @brief request for send a user-mode message to debugger -type PdebuggerSendUsermodeMessagesToDebugger = *DebuggerSendUsermodeMessagesToDebugger - -// @brief request to read or write on MSRs -type PdebuggerReadAndWriteOnMsr = *DebuggerReadAndWriteOnMsr - -// @brief request for edit virtual and physical memory -type PdebuggerEditMemory = *DebuggerEditMemory - -// @brief request for searching memory -type PdebuggerSearchMemory = *DebuggerSearchMemory - -// @brief request for enable or disable transparent-mode -type PdebuggerHideAndTransparentDebuggerMode = *DebuggerHideAndTransparentDebuggerMode - -// @brief request to make this computer to a debuggee -type PdebuggerPrepareDebuggee = *DebuggerPrepareDebuggee - -// @brief The structure of changing core packet in HyperDbg -type PdebuggeeChangeCorePacket = *DebuggeeChangeCorePacket - -// @brief request for attaching user-mode process -type PdebuggerAttachDetachUserModeProcess = *DebuggerAttachDetachUserModeProcess - -// @brief The structure of needed information to get the details -// of the process from nt!_EPROCESS and location of needed variables -type PdebuggeeProcessListNeededDetails = *DebuggeeProcessListNeededDetails - -// @brief The structure of needed information to get the details -// of the thread from nt!_ETHREAD and location of needed variables -type PdebuggeeThreadListNeededDetails = *DebuggeeThreadListNeededDetails - -// @brief The structure showing list of processes (details of each -// entry) -type PdebuggeeProcessListDetailsEntry = *DebuggeeProcessListDetailsEntry - -// @brief The structure showing list of threads (details of each -// entry) -type PdebuggeeThreadListDetailsEntry = *DebuggeeThreadListDetailsEntry - -// @brief request for query count of active processes and threads -type PdebuggerQueryActiveProcessesOrThreads = *DebuggerQueryActiveProcessesOrThreads - -// @brief The structure for saving the callstack frame of one parameter -type PdebuggerSingleCallstackFrame = *DebuggerSingleCallstackFrame - -// @brief request for callstack frames -type PdebuggerCallstackRequest = *DebuggerCallstackRequest -type PusermodeDebuggingThreadOrProcessStateDetails = *UsermodeDebuggingThreadOrProcessStateDetails - -// @brief Used for run the script -type PdebuggerEventActionRunScriptConfiguration = *DebuggerEventActionRunScriptConfiguration - -// @brief used in the case of requesting a "request buffer" -type PdebuggerEventRequestBuffer = *DebuggerEventRequestBuffer - -// @brief used in the case of custom code requests to the debugger -type PdebuggerEventRequestCustomCode = *DebuggerEventRequestCustomCode - -// @brief Description of user-mode debugging actions -type PdebuggerUdCommandAction = *DebuggerUdCommandAction - -// @brief The structure of command packet in uHyperDbg -type PdebuggerUdCommandPacket = *DebuggerUdCommandPacket - -// @brief The structure of changing process and show process -// packet in HyperDbg -type PdebuggeeDetailsAndSwitchProcessPacket = *DebuggeeDetailsAndSwitchProcessPacket - -// @brief The structure of changing thead and show thread -// packet in HyperDbg -type PdebuggeeDetailsAndSwitchThreadPacket = *DebuggeeDetailsAndSwitchThreadPacket - -// @brief The structure of stepping packet in HyperDbg -type PdebuggeeStepPacket = *DebuggeeStepPacket - -// @brief The structure of .formats result packet in HyperDbg -type PdebuggeeFormatsPacket = *DebuggeeFormatsPacket - -// @brief The structure of .sym reload packet in HyperDbg -type PdebuggeeSymbolRequestPacket = *DebuggeeSymbolRequestPacket - -// @brief The structure of bp command packet in HyperDbg -type PdebuggeeBpPacket = *DebuggeeBpPacket - -// @brief The structure of breakpoint modification requests packet in HyperDbg -type PdebuggeeBpListOrModifyPacket = *DebuggeeBpListOrModifyPacket - -// @brief The structure of script packet in HyperDbg -type PdebuggeeScriptPacket = *DebuggeeScriptPacket - -// @brief The structure of result of search packet in HyperDbg -type PdebuggeeResultOfSearchPacket = *DebuggeeResultOfSearchPacket - -// @brief Register Descriptor Structure to use in r command. -type PdebuggeeRegisterReadDescription = *DebuggeeRegisterReadDescription - -// Gengo init function. -func init() { - gengort.Validate((*DebuggerReadPageTableEntriesDetails)(nil), 0x2c, 0x4, "VirtualAddress", 0x0, "ProcessId", 0x4, "Pml4eVirtualAddress", 0x8, "Pml4eValue", 0xc, "PdpteVirtualAddress", 0x10, "PdpteValue", 0x14, "PdeVirtualAddress", 0x18, "PdeValue", 0x1c, "PteVirtualAddress", 0x20, "PteValue", 0x24, "KernelStatus", 0x28) - gengort.Validate((*DebuggerVa2paAndPa2vaCommands)(nil), 0x14, 0x4, "VirtualAddress", 0x0, "PhysicalAddress", 0x4, "ProcessId", 0x8, "IsVirtual2Physical", 0xc, "KernelStatus", 0x10) - gengort.Validate((*DebuggerPageInRequest)(nil), 0x14, 0x4, "VirtualAddressFrom", 0x0, "VirtualAddressTo", 0x4, "ProcessId", 0x8, "PageFaultErrorCode", 0xc, "KernelStatus", 0x10) - gengort.Validate((*ReversingMachineReconstructMemoryRequest)(nil), 0x14, 0x4, "ProcessId", 0x0, "Size", 0x4, "Mode", 0x8, "Type", 0xc, "KernelStatus", 0x10) - gengort.Validate((*DebuggerDtCommandOptions)(nil), 0x28, 0x8, "TypeName", 0x0, "SizeOfTypeName", 0x8, "Address", 0xc, "IsStruct", 0x10, "BufferAddress", 0x14, "TargetPid", 0x18, "AdditionalParameters", 0x20) - gengort.Validate((*DebuggerPreallocCommand)(nil), 0xc, 0x4, "Type", 0x0, "Count", 0x4, "KernelStatus", 0x8) - gengort.Validate((*DebuggerPreactivateCommand)(nil), 0x8, 0x4, "Type", 0x0, "KernelStatus", 0x4) - gengort.Validate((*DebuggerReadMemory)(nil), 0x38, 0x8, "Pid", 0x0, "Address", 0x4, "Size", 0x8, "IsForDisasm", 0xc, "Is32BitAddress", 0x10, "MemoryType", 0x14, "ReadingType", 0x18, "DtDetails", 0x20, "Style", 0x28, "ReturnLength", 0x2c, "KernelStatus", 0x30) - gengort.Validate((*DebuggerFlushLoggingBuffers)(nil), 0xc, 0x4, "KernelStatus", 0x0, "CountOfMessagesThatSetAsReadFromVmxRoot", 0x4, "CountOfMessagesThatSetAsReadFromVmxNonRoot", 0x8) - gengort.Validate((*DebuggerDebuggerTestQueryBuffer)(nil), 0xc, 0x4, "RequestType", 0x0, "Context", 0x4, "KernelStatus", 0x8) - gengort.Validate((*DebuggerPerformKernelTests)(nil), 0x4, 0x4, "KernelStatus", 0x0) - gengort.Validate((*DebuggerSendCommandExecutionFinishedSignal)(nil), 0x4, 0x4, "KernelStatus", 0x0) - gengort.Validate((*DebuggeeSendGeneralPacketFromDebuggeeToDebugger)(nil), 0x10, 0x4, "RequestedAction", 0x0, "LengthOfBuffer", 0x4, "PauseDebuggeeWhenSent", 0x8, "KernelResult", 0xc) - gengort.Validate((*DebuggerSendUsermodeMessagesToDebugger)(nil), 0x8, 0x4, "KernelStatus", 0x0, "Length", 0x4) - gengort.Validate((*DebuggerReadAndWriteOnMsr)(nil), 0x10, 0x4, "Msr", 0x0, "CoreNumber", 0x4, "ActionType", 0x8, "Value", 0xc) - gengort.Validate((*DebuggerEditMemory)(nil), 0x20, 0x4, "Result", 0x0, "Address", 0x4, "ProcessId", 0x8, "MemoryType", 0xc, "ByteSize", 0x10, "CountOf64Chunks", 0x14, "FinalStructureSize", 0x18, "KernelStatus", 0x1c) - gengort.Validate((*DebuggerSearchMemory)(nil), 0x1c, 0x4, "Address", 0x0, "Length", 0x4, "ProcessId", 0x8, "MemoryType", 0xc, "ByteSize", 0x10, "CountOf64Chunks", 0x14, "FinalStructureSize", 0x18) - gengort.Validate((*DebuggerHideAndTransparentDebuggerMode)(nil), 0x2c, 0x4, "IsHide", 0x0, "CpuidAverage", 0x4, "CpuidStandardDeviation", 0x8, "CpuidMedian", 0xc, "RdtscAverage", 0x10, "RdtscStandardDeviation", 0x14, "RdtscMedian", 0x18, "TrueIfProcessIdAndFalseIfProcessName", 0x1c, "ProcId", 0x20, "LengthOfProcessName", 0x24, "KernelStatus", 0x28) - gengort.Validate((*DebuggerPrepareDebuggee)(nil), 0x14, 0x4, "PortAddress", 0x0, "Baudrate", 0x4, "NtoskrnlBaseAddress", 0x8, "Result", 0xc, "OsName", 0x10) - gengort.Validate((*DebuggeeChangeCorePacket)(nil), 0x8, 0x4, "NewCore", 0x0, "Result", 0x4) - gengort.Validate((*DebuggerAttachDetachUserModeProcess)(nil), 0x28, 0x4, "IsStartingNewProcess", 0x0, "ProcessId", 0x4, "ThreadId", 0x8, "CheckCallbackAtFirstInstruction", 0xc, "Is32Bit", 0x10, "IsPaused", 0x14, "Action", 0x18, "CountOfActiveDebuggingThreadsAndProcesses", 0x1c, "Token", 0x20, "Result", 0x24) - gengort.Validate((*DebuggeeProcessListNeededDetails)(nil), 0x10, 0x4, "PsActiveProcessHead", 0x0, "ImageFileNameOffset", 0x4, "UniquePidOffset", 0x8, "ActiveProcessLinksOffset", 0xc) - gengort.Validate((*DebuggeeThreadListNeededDetails)(nil), 0x18, 0x4, "ThreadListHeadOffset", 0x0, "ThreadListEntryOffset", 0x4, "CidOffset", 0x8, "PsActiveProcessHead", 0xc, "ActiveProcessLinksOffset", 0x10, "Process", 0x14) - gengort.Validate((*DebuggeeProcessListDetailsEntry)(nil), 0x4c, 0x4, "Eprocess", 0x0, "ProcessId", 0x4, "Cr3", 0x8, "ImageFileName", 0xc) - gengort.Validate((*DebuggeeThreadListDetailsEntry)(nil), 0x50, 0x4, "Eprocess", 0x0, "Ethread", 0x4, "ProcessId", 0x8, "ThreadId", 0xc, "ImageFileName", 0x10) - gengort.Validate((*DebuggerQueryActiveProcessesOrThreads)(nil), 0x14, 0x4, "ProcessListNeededDetails", 0x0, "ThreadListNeededDetails", 0x1, "QueryType", 0x4, "QueryAction", 0x8, "Count", 0xc, "Result", 0x10) - gengort.Validate((*DebuggerSingleCallstackFrame)(nil), 0x14, 0x4, "IsStackAddressValid", 0x0, "IsValidAddress", 0x4, "IsExecutable", 0x8, "Value", 0xc, "InstructionBytesOnRip", 0x10) - gengort.Validate((*DebuggerCallstackRequest)(nil), 0x1c, 0x4, "Is32Bit", 0x0, "KernelStatus", 0x4, "DisplayMethod", 0x8, "Size", 0xc, "FrameCount", 0x10, "BaseAddress", 0x14, "BufferSize", 0x18) - gengort.Validate((*UsermodeDebuggingThreadOrProcessStateDetails)(nil), 0xc, 0x4, "ProcessId", 0x0, "ThreadId", 0x4, "IsProcess", 0x8) - gengort.Validate((*DebuggerEventActionRunScriptConfiguration)(nil), 0x10, 0x4, "ScriptBuffer", 0x0, "ScriptLength", 0x4, "ScriptPointer", 0x8, "OptionalRequestedBufferSize", 0xc) - gengort.Validate((*DebuggerEventRequestBuffer)(nil), 0xc, 0x4, "EnabledRequestBuffer", 0x0, "RequestBufferSize", 0x4, "RequstBufferAddress", 0x8) - gengort.Validate((*DebuggerEventRequestCustomCode)(nil), 0xc, 0x4, "CustomCodeBufferSize", 0x0, "CustomCodeBufferAddress", 0x4, "OptionalRequestedBufferSize", 0x8) - gengort.Validate((*DebuggerUdCommandAction)(nil), 0x14, 0x4, "ActionType", 0x0, "OptionalParam1", 0x4, "OptionalParam2", 0x8, "OptionalParam3", 0xc, "OptionalParam4", 0x10) - gengort.Validate((*DebuggerUdCommandPacket)(nil), 0x14, 0x4, "UdAction", 0x0, "ProcessDebuggingDetailToken", 0x4, "TargetThreadId", 0x8, "ApplyToAllPausedThreads", 0xc, "Result", 0x10) - gengort.Validate((*DebuggeeDetailsAndSwitchProcessPacket)(nil), 0x58, 0x4, "ActionType", 0x0, "ProcessId", 0x4, "Process", 0x8, "IsSwitchByClkIntr", 0xc, "ProcessName", 0x10, "ProcessListSymDetails", 0x50, "Result", 0x54) - gengort.Validate((*DebuggeeDetailsAndSwitchThreadPacket)(nil), 0x60, 0x4, "ActionType", 0x0, "ThreadId", 0x4, "ProcessId", 0x8, "Thread", 0xc, "Process", 0x10, "CheckByClockInterrupt", 0x14, "ProcessName", 0x18, "ThreadListSymDetails", 0x58, "Result", 0x5c) - gengort.Validate((*DebuggeeStepPacket)(nil), 0xc, 0x4, "StepType", 0x0, "IsCurrentInstructionACall", 0x4, "CallLength", 0x8) - gengort.Validate((*DebuggeeFormatsPacket)(nil), 0x8, 0x4, "Value", 0x0, "Result", 0x4) - gengort.Validate((*DebuggeeSymbolRequestPacket)(nil), 0x4, 0x4, "ProcessId", 0x0) - gengort.Validate((*DebuggeeBpPacket)(nil), 0x1c, 0x4, "Address", 0x0, "Pid", 0x4, "Tid", 0x8, "Core", 0xc, "RemoveAfterHit", 0x10, "CheckForCallbacks", 0x14, "Result", 0x18) - gengort.Validate((*DebuggeeBpListOrModifyPacket)(nil), 0xc, 0x4, "BreakpointId", 0x0, "Request", 0x4, "Result", 0x8) - gengort.Validate((*DebuggeeScriptPacket)(nil), 0x10, 0x4, "ScriptBufferSize", 0x0, "ScriptBufferPointer", 0x4, "IsFormat", 0x8, "Result", 0xc) - gengort.Validate((*DebuggeeResultOfSearchPacket)(nil), 0x8, 0x4, "CountOfResults", 0x0, "Result", 0x4) - gengort.Validate((*DebuggeeRegisterReadDescription)(nil), 0xc, 0x4, "RegisterID", 0x0, "Value", 0x4, "KernelStatus", 0x8) -} diff --git a/bin/debug/SDK/Headers/Symbols.h.go b/bin/debug/SDK/Headers/Symbols.h.go deleted file mode 100644 index e69de29bb..000000000 diff --git a/bin/debug/SDK/Imports/HyperDbgCtrlImports.h.go b/bin/debug/SDK/Imports/HyperDbgCtrlImports.h.go deleted file mode 100644 index d7d3118b3..000000000 --- a/bin/debug/SDK/Imports/HyperDbgCtrlImports.h.go +++ /dev/null @@ -1,120 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_HyperDbgVmxSupportDetection gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_HyperDbgVmxSupportDetection = GengoLibrary.ImportNow("HyperDbgVmxSupportDetection") - __imp_HyperDbgReadVendorString = GengoLibrary.ImportNow("HyperDbgReadVendorString") - __imp_HyperDbgLoadVmm = GengoLibrary.ImportNow("HyperDbgLoadVmm") - __imp_HyperDbgUnloadVmm = GengoLibrary.ImportNow("HyperDbgUnloadVmm") - __imp_HyperDbgInstallVmmDriver = GengoLibrary.ImportNow("HyperDbgInstallVmmDriver") - __imp_HyperDbgUninstallVmmDriver = GengoLibrary.ImportNow("HyperDbgUninstallVmmDriver") - __imp_HyperDbgStopVmmDriver = GengoLibrary.ImportNow("HyperDbgStopVmmDriver") - __imp_HyperDbgInterpreter = GengoLibrary.ImportNow("HyperDbgInterpreter") - __imp_HyperDbgShowSignature = GengoLibrary.ImportNow("HyperDbgShowSignature") - __imp_HyperDbgSetTextMessageCallback = GengoLibrary.ImportNow("HyperDbgSetTextMessageCallback") - __imp_HyperDbgScriptReadFileAndExecuteCommandline = GengoLibrary.ImportNow("HyperDbgScriptReadFileAndExecuteCommandline") - __imp_HyperDbgContinuePreviousCommand = GengoLibrary.ImportNow("HyperDbgContinuePreviousCommand") - __imp_HyperDbgCheckMultilineCommand = GengoLibrary.ImportNow("HyperDbgCheckMultilineCommand") -} -func HyperDbgVmxSupportDetection() int32 { - __res := gengort.CCall0(__imp_HyperDbgVmxSupportDetection.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgReadVendorString gengort.PreloadProc - -func HyperDbgReadVendorString( *byte) { - gengort.CCall1(__imp_HyperDbgReadVendorString.Addr(), gengort.MarshallSyscall()) -} - -var __imp_HyperDbgLoadVmm gengort.PreloadProc - -func HyperDbgLoadVmm() int32 { - __res := gengort.CCall0(__imp_HyperDbgLoadVmm.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgUnloadVmm gengort.PreloadProc - -func HyperDbgUnloadVmm() int32 { - __res := gengort.CCall0(__imp_HyperDbgUnloadVmm.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgInstallVmmDriver gengort.PreloadProc - -func HyperDbgInstallVmmDriver() int32 { - __res := gengort.CCall0(__imp_HyperDbgInstallVmmDriver.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgUninstallVmmDriver gengort.PreloadProc - -func HyperDbgUninstallVmmDriver() int32 { - __res := gengort.CCall0(__imp_HyperDbgUninstallVmmDriver.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgStopVmmDriver gengort.PreloadProc - -func HyperDbgStopVmmDriver() int32 { - __res := gengort.CCall0(__imp_HyperDbgStopVmmDriver.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgInterpreter gengort.PreloadProc - -func HyperDbgInterpreter(Command *byte) int32 { - __res := gengort.CCall1(__imp_HyperDbgInterpreter.Addr(), gengort.MarshallSyscall(Command)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgShowSignature gengort.PreloadProc - -func HyperDbgShowSignature() { gengort.CCall0(__imp_HyperDbgShowSignature.Addr()) } - -var __imp_HyperDbgSetTextMessageCallback gengort.PreloadProc - -func HyperDbgSetTextMessageCallback(handler int32) { - gengort.CCall1(__imp_HyperDbgSetTextMessageCallback.Addr(), gengort.MarshallSyscall(handler)) -} - -var __imp_HyperDbgScriptReadFileAndExecuteCommandline gengort.PreloadProc - -func HyperDbgScriptReadFileAndExecuteCommandline(argc int32, argv **byte) int32 { - __res := gengort.CCall2(__imp_HyperDbgScriptReadFileAndExecuteCommandline.Addr(), gengort.MarshallSyscall(argc), gengort.MarshallSyscall(argv)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgContinuePreviousCommand gengort.PreloadProc - -func HyperDbgContinuePreviousCommand() int32 { - __res := gengort.CCall0(__imp_HyperDbgContinuePreviousCommand.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_HyperDbgCheckMultilineCommand gengort.PreloadProc - -func HyperDbgCheckMultilineCommand(CurrentCommand *byte, Reset int32) int32 { - __res := gengort.CCall2(__imp_HyperDbgCheckMultilineCommand.Addr(), gengort.MarshallSyscall(CurrentCommand), gengort.MarshallSyscall(Reset)) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/bin/debug/SDK/Imports/HyperDbgHyperLogImports.h.go b/bin/debug/SDK/Imports/HyperDbgHyperLogImports.h.go deleted file mode 100644 index a7059fa23..000000000 --- a/bin/debug/SDK/Imports/HyperDbgHyperLogImports.h.go +++ /dev/null @@ -1,103 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_LogInitialize gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_LogInitialize = GengoLibrary.ImportNow("LogInitialize") - __imp_LogUnInitialize = GengoLibrary.ImportNow("LogUnInitialize") - __imp_LogMarkAllAsRead = GengoLibrary.ImportNow("LogMarkAllAsRead") - __imp_LogCallbackPrepareAndSendMessageToQueue = GengoLibrary.ImportNow("LogCallbackPrepareAndSendMessageToQueue") - __imp_LogCallbackPrepareAndSendMessageToQueueWrapper = GengoLibrary.ImportNow("LogCallbackPrepareAndSendMessageToQueueWrapper") - __imp_LogCallbackSendBuffer = GengoLibrary.ImportNow("LogCallbackSendBuffer") - __imp_LogCallbackCheckIfBufferIsFull = GengoLibrary.ImportNow("LogCallbackCheckIfBufferIsFull") - __imp_LogCallbackSendMessageToQueue = GengoLibrary.ImportNow("LogCallbackSendMessageToQueue") - __imp_LogRegisterEventBasedNotification = GengoLibrary.ImportNow("LogRegisterEventBasedNotification") - __imp_LogRegisterIrpBasedNotification = GengoLibrary.ImportNow("LogRegisterIrpBasedNotification") -} - -// /////////////////////////////////////////////// -func LogInitialize(MsgTracingCallbacks *int32) int32 { - __res := gengort.CCall1(__imp_LogInitialize.Addr(), gengort.MarshallSyscall(MsgTracingCallbacks)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogUnInitialize gengort.PreloadProc - -func LogUnInitialize() int32 { - __res := gengort.CCall0(__imp_LogUnInitialize.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogMarkAllAsRead gengort.PreloadProc - -func LogMarkAllAsRead(IsVmxRoot int32) int32 { - __res := gengort.CCall1(__imp_LogMarkAllAsRead.Addr(), gengort.MarshallSyscall(IsVmxRoot)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogCallbackPrepareAndSendMessageToQueue gengort.PreloadProc - -func LogCallbackPrepareAndSendMessageToQueue(OperationCode int32, IsImmediateMessage int32, ShowCurrentSystemTime int32, Priority int32, Fmt *byte) int32 { - __res := gengort.CCall5(__imp_LogCallbackPrepareAndSendMessageToQueue.Addr(), gengort.MarshallSyscall(OperationCode), gengort.MarshallSyscall(IsImmediateMessage), gengort.MarshallSyscall(ShowCurrentSystemTime), gengort.MarshallSyscall(Priority), gengort.MarshallSyscall(Fmt)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogCallbackPrepareAndSendMessageToQueueWrapper gengort.PreloadProc - -func LogCallbackPrepareAndSendMessageToQueueWrapper(OperationCode int32, IsImmediateMessage int32, ShowCurrentSystemTime int32, Priority int32, Fmt *byte, ArgList int32) int32 { - __res := gengort.CCall6(__imp_LogCallbackPrepareAndSendMessageToQueueWrapper.Addr(), gengort.MarshallSyscall(OperationCode), gengort.MarshallSyscall(IsImmediateMessage), gengort.MarshallSyscall(ShowCurrentSystemTime), gengort.MarshallSyscall(Priority), gengort.MarshallSyscall(Fmt), gengort.MarshallSyscall(ArgList)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogCallbackSendBuffer gengort.PreloadProc - -func LogCallbackSendBuffer(UINT32 int32) int32 { - __res := gengort.CCall1(__imp_LogCallbackSendBuffer.Addr(), gengort.MarshallSyscall(UINT32)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogCallbackCheckIfBufferIsFull gengort.PreloadProc - -func LogCallbackCheckIfBufferIsFull(Priority int32) int32 { - __res := gengort.CCall1(__imp_LogCallbackCheckIfBufferIsFull.Addr(), gengort.MarshallSyscall(Priority)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogCallbackSendMessageToQueue gengort.PreloadProc - -func LogCallbackSendMessageToQueue(OperationCode int32, IsImmediateMessage int32, LogMessage *int32, BufferLen int32, Priority int32) int32 { - __res := gengort.CCall5(__imp_LogCallbackSendMessageToQueue.Addr(), gengort.MarshallSyscall(OperationCode), gengort.MarshallSyscall(IsImmediateMessage), gengort.MarshallSyscall(LogMessage), gengort.MarshallSyscall(BufferLen), gengort.MarshallSyscall(Priority)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogRegisterEventBasedNotification gengort.PreloadProc - -func LogRegisterEventBasedNotification(DeviceObject int32, Irp int32) int32 { - __res := gengort.CCall2(__imp_LogRegisterEventBasedNotification.Addr(), gengort.MarshallSyscall(DeviceObject), gengort.MarshallSyscall(Irp)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LogRegisterIrpBasedNotification gengort.PreloadProc - -func LogRegisterIrpBasedNotification(DeviceObject int32, Irp int32) int32 { - __res := gengort.CCall2(__imp_LogRegisterIrpBasedNotification.Addr(), gengort.MarshallSyscall(DeviceObject), gengort.MarshallSyscall(Irp)) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/bin/debug/SDK/Imports/HyperDbgHyperLogIntrinsics.h.go b/bin/debug/SDK/Imports/HyperDbgHyperLogIntrinsics.h.go deleted file mode 100644 index 96fc9dc04..000000000 --- a/bin/debug/SDK/Imports/HyperDbgHyperLogIntrinsics.h.go +++ /dev/null @@ -1,30 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -// @brief Types of log messages -type LogType int32 - -const ( - LOG_INFO LogType = 0 - LOG_WARNING LogType = 1 - LOG_ERROR LogType = 2 -) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -// Gengo init function. -func init() {} diff --git a/bin/debug/SDK/Imports/HyperDbgRevImports.h.go b/bin/debug/SDK/Imports/HyperDbgRevImports.h.go deleted file mode 100644 index bce2357db..000000000 --- a/bin/debug/SDK/Imports/HyperDbgRevImports.h.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_ReversingMachineStart gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_ReversingMachineStart = GengoLibrary.ImportNow("ReversingMachineStart") - __imp_ReversingMachineStop = GengoLibrary.ImportNow("ReversingMachineStop") -} -func ReversingMachineStart() int32 { - __res := gengort.CCall0(__imp_ReversingMachineStart.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ReversingMachineStop gengort.PreloadProc - -func ReversingMachineStop() int32 { - __res := gengort.CCall0(__imp_ReversingMachineStop.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/bin/debug/SDK/Imports/HyperDbgScriptImports.h.go b/bin/debug/SDK/Imports/HyperDbgScriptImports.h.go deleted file mode 100644 index fffafc9a6..000000000 --- a/bin/debug/SDK/Imports/HyperDbgScriptImports.h.go +++ /dev/null @@ -1,170 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_ScriptEngineParse gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_ScriptEngineParse = GengoLibrary.ImportNow("ScriptEngineParse") - __imp_GetStackBuffer = GengoLibrary.ImportNow("GetStackBuffer") - __imp_PrintSymbolBuffer = GengoLibrary.ImportNow("PrintSymbolBuffer") - __imp_PrintSymbol = GengoLibrary.ImportNow("PrintSymbol") - __imp_RemoveSymbolBuffer = GengoLibrary.ImportNow("RemoveSymbolBuffer") - __imp_ScriptEngineSetTextMessageCallback = GengoLibrary.ImportNow("ScriptEngineSetTextMessageCallback") - __imp_ScriptEngineSymbolAbortLoading = GengoLibrary.ImportNow("ScriptEngineSymbolAbortLoading") - __imp_ScriptEngineConvertNameToAddress = GengoLibrary.ImportNow("ScriptEngineConvertNameToAddress") - __imp_ScriptEngineLoadFileSymbol = GengoLibrary.ImportNow("ScriptEngineLoadFileSymbol") - __imp_ScriptEngineUnloadAllSymbols = GengoLibrary.ImportNow("ScriptEngineUnloadAllSymbols") - __imp_ScriptEngineUnloadModuleSymbol = GengoLibrary.ImportNow("ScriptEngineUnloadModuleSymbol") - __imp_ScriptEngineSearchSymbolForMask = GengoLibrary.ImportNow("ScriptEngineSearchSymbolForMask") - __imp_ScriptEngineGetFieldOffset = GengoLibrary.ImportNow("ScriptEngineGetFieldOffset") - __imp_ScriptEngineGetDataTypeSize = GengoLibrary.ImportNow("ScriptEngineGetDataTypeSize") - __imp_ScriptEngineCreateSymbolTableForDisassembler = GengoLibrary.ImportNow("ScriptEngineCreateSymbolTableForDisassembler") - __imp_ScriptEngineConvertFileToPdbPath = GengoLibrary.ImportNow("ScriptEngineConvertFileToPdbPath") - __imp_ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails = GengoLibrary.ImportNow("ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails") - __imp_ScriptEngineSymbolInitLoad = GengoLibrary.ImportNow("ScriptEngineSymbolInitLoad") - __imp_ScriptEngineShowDataBasedOnSymbolTypes = GengoLibrary.ImportNow("ScriptEngineShowDataBasedOnSymbolTypes") -} -func ScriptEngineParse(str *byte) int32 { - __res := gengort.CCall1(__imp_ScriptEngineParse.Addr(), gengort.MarshallSyscall(str)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetStackBuffer gengort.PreloadProc - -func GetStackBuffer() int32 { - __res := gengort.CCall0(__imp_GetStackBuffer.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PrintSymbolBuffer gengort.PreloadProc - -func PrintSymbolBuffer(SymbolBuffer int32) { - gengort.CCall1(__imp_PrintSymbolBuffer.Addr(), gengort.MarshallSyscall(SymbolBuffer)) -} - -var __imp_PrintSymbol gengort.PreloadProc - -func PrintSymbol(Symbol int32) { - gengort.CCall1(__imp_PrintSymbol.Addr(), gengort.MarshallSyscall(Symbol)) -} - -var __imp_RemoveSymbolBuffer gengort.PreloadProc - -func RemoveSymbolBuffer(SymbolBuffer int32) { - gengort.CCall1(__imp_RemoveSymbolBuffer.Addr(), gengort.MarshallSyscall(SymbolBuffer)) -} - -var __imp_ScriptEngineSetTextMessageCallback gengort.PreloadProc - -func ScriptEngineSetTextMessageCallback(Handler int32) int32 { - __res := gengort.CCall1(__imp_ScriptEngineSetTextMessageCallback.Addr(), gengort.MarshallSyscall(Handler)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineSymbolAbortLoading gengort.PreloadProc - -func ScriptEngineSymbolAbortLoading() int32 { - __res := gengort.CCall0(__imp_ScriptEngineSymbolAbortLoading.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineConvertNameToAddress gengort.PreloadProc - -func ScriptEngineConvertNameToAddress(FunctionOrVariableName *byte, WasFound int32) int32 { - __res := gengort.CCall2(__imp_ScriptEngineConvertNameToAddress.Addr(), gengort.MarshallSyscall(FunctionOrVariableName), gengort.MarshallSyscall(WasFound)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineLoadFileSymbol gengort.PreloadProc - -func ScriptEngineLoadFileSymbol(BaseAddress int32, PdbFileName *byte, CustomModuleName *byte) int32 { - __res := gengort.CCall3(__imp_ScriptEngineLoadFileSymbol.Addr(), gengort.MarshallSyscall(BaseAddress), gengort.MarshallSyscall(PdbFileName), gengort.MarshallSyscall(CustomModuleName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineUnloadAllSymbols gengort.PreloadProc - -func ScriptEngineUnloadAllSymbols() int32 { - __res := gengort.CCall0(__imp_ScriptEngineUnloadAllSymbols.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineUnloadModuleSymbol gengort.PreloadProc - -func ScriptEngineUnloadModuleSymbol(ModuleName *byte) int32 { - __res := gengort.CCall1(__imp_ScriptEngineUnloadModuleSymbol.Addr(), gengort.MarshallSyscall(ModuleName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineSearchSymbolForMask gengort.PreloadProc - -func ScriptEngineSearchSymbolForMask(SearchMask *byte) int32 { - __res := gengort.CCall1(__imp_ScriptEngineSearchSymbolForMask.Addr(), gengort.MarshallSyscall(SearchMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineGetFieldOffset gengort.PreloadProc - -func ScriptEngineGetFieldOffset(TypeName *int32, FieldName *int32, FieldOffset *int32) int32 { - __res := gengort.CCall3(__imp_ScriptEngineGetFieldOffset.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(FieldName), gengort.MarshallSyscall(FieldOffset)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineGetDataTypeSize gengort.PreloadProc - -func ScriptEngineGetDataTypeSize(TypeName *int32, TypeSize *int32) int32 { - __res := gengort.CCall2(__imp_ScriptEngineGetDataTypeSize.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(TypeSize)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineCreateSymbolTableForDisassembler gengort.PreloadProc - -func ScriptEngineCreateSymbolTableForDisassembler(CallbackFunction unsafe.Pointer) int32 { - __res := gengort.CCall1(__imp_ScriptEngineCreateSymbolTableForDisassembler.Addr(), gengort.MarshallSyscall(CallbackFunction)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineConvertFileToPdbPath gengort.PreloadProc - -func ScriptEngineConvertFileToPdbPath(LocalFilePath *byte, ResultPath *byte) int32 { - __res := gengort.CCall2(__imp_ScriptEngineConvertFileToPdbPath.Addr(), gengort.MarshallSyscall(LocalFilePath), gengort.MarshallSyscall(ResultPath)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails gengort.PreloadProc - -func ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails(LocalFilePath *byte, PdbFilePath *byte, GuidAndAgeDetails *byte, Is32BitModule int32) int32 { - __res := gengort.CCall4(__imp_ScriptEngineConvertFileToPdbFileAndGuidAndAgeDetails.Addr(), gengort.MarshallSyscall(LocalFilePath), gengort.MarshallSyscall(PdbFilePath), gengort.MarshallSyscall(GuidAndAgeDetails), gengort.MarshallSyscall(Is32BitModule)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineSymbolInitLoad gengort.PreloadProc - -func ScriptEngineSymbolInitLoad(BufferToStoreDetails int32, StoredLength int32, DownloadIfAvailable int32, SymbolPath *byte, IsSilentLoad int32) int32 { - __res := gengort.CCall5(__imp_ScriptEngineSymbolInitLoad.Addr(), gengort.MarshallSyscall(BufferToStoreDetails), gengort.MarshallSyscall(StoredLength), gengort.MarshallSyscall(DownloadIfAvailable), gengort.MarshallSyscall(SymbolPath), gengort.MarshallSyscall(IsSilentLoad)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ScriptEngineShowDataBasedOnSymbolTypes gengort.PreloadProc - -func ScriptEngineShowDataBasedOnSymbolTypes(TypeName *byte, Address int32, IsStruct int32, BufferAddress int32, AdditionalParameters *byte) int32 { - __res := gengort.CCall5(__imp_ScriptEngineShowDataBasedOnSymbolTypes.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(IsStruct), gengort.MarshallSyscall(BufferAddress), gengort.MarshallSyscall(AdditionalParameters)) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/bin/debug/SDK/Imports/HyperDbgSymImports.h.go b/bin/debug/SDK/Imports/HyperDbgSymImports.h.go deleted file mode 100644 index e21810ef4..000000000 --- a/bin/debug/SDK/Imports/HyperDbgSymImports.h.go +++ /dev/null @@ -1,149 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_SymSetTextMessageCallback gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_SymSetTextMessageCallback = GengoLibrary.ImportNow("SymSetTextMessageCallback") - __imp_SymbolAbortLoading = GengoLibrary.ImportNow("SymbolAbortLoading") - __imp_SymConvertNameToAddress = GengoLibrary.ImportNow("SymConvertNameToAddress") - __imp_SymLoadFileSymbol = GengoLibrary.ImportNow("SymLoadFileSymbol") - __imp_SymUnloadAllSymbols = GengoLibrary.ImportNow("SymUnloadAllSymbols") - __imp_SymUnloadModuleSymbol = GengoLibrary.ImportNow("SymUnloadModuleSymbol") - __imp_SymSearchSymbolForMask = GengoLibrary.ImportNow("SymSearchSymbolForMask") - __imp_SymGetFieldOffset = GengoLibrary.ImportNow("SymGetFieldOffset") - __imp_SymGetDataTypeSize = GengoLibrary.ImportNow("SymGetDataTypeSize") - __imp_SymCreateSymbolTableForDisassembler = GengoLibrary.ImportNow("SymCreateSymbolTableForDisassembler") - __imp_SymConvertFileToPdbPath = GengoLibrary.ImportNow("SymConvertFileToPdbPath") - __imp_SymConvertFileToPdbFileAndGuidAndAgeDetails = GengoLibrary.ImportNow("SymConvertFileToPdbFileAndGuidAndAgeDetails") - __imp_SymbolInitLoad = GengoLibrary.ImportNow("SymbolInitLoad") - __imp_SymShowDataBasedOnSymbolTypes = GengoLibrary.ImportNow("SymShowDataBasedOnSymbolTypes") - __imp_SymQuerySizeof = GengoLibrary.ImportNow("SymQuerySizeof") - __imp_SymCastingQueryForFiledsAndTypes = GengoLibrary.ImportNow("SymCastingQueryForFiledsAndTypes") -} -func SymSetTextMessageCallback(Handler int32) int32 { - __res := gengort.CCall1(__imp_SymSetTextMessageCallback.Addr(), gengort.MarshallSyscall(Handler)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymbolAbortLoading gengort.PreloadProc - -func SymbolAbortLoading() int32 { - __res := gengort.CCall0(__imp_SymbolAbortLoading.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymConvertNameToAddress gengort.PreloadProc - -func SymConvertNameToAddress(FunctionOrVariableName *byte, WasFound int32) int32 { - __res := gengort.CCall2(__imp_SymConvertNameToAddress.Addr(), gengort.MarshallSyscall(FunctionOrVariableName), gengort.MarshallSyscall(WasFound)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymLoadFileSymbol gengort.PreloadProc - -func SymLoadFileSymbol(BaseAddress int32, PdbFileName *byte, CustomModuleName *byte) int32 { - __res := gengort.CCall3(__imp_SymLoadFileSymbol.Addr(), gengort.MarshallSyscall(BaseAddress), gengort.MarshallSyscall(PdbFileName), gengort.MarshallSyscall(CustomModuleName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymUnloadAllSymbols gengort.PreloadProc - -func SymUnloadAllSymbols() int32 { - __res := gengort.CCall0(__imp_SymUnloadAllSymbols.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymUnloadModuleSymbol gengort.PreloadProc - -func SymUnloadModuleSymbol(ModuleName *byte) int32 { - __res := gengort.CCall1(__imp_SymUnloadModuleSymbol.Addr(), gengort.MarshallSyscall(ModuleName)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymSearchSymbolForMask gengort.PreloadProc - -func SymSearchSymbolForMask(SearchMask *byte) int32 { - __res := gengort.CCall1(__imp_SymSearchSymbolForMask.Addr(), gengort.MarshallSyscall(SearchMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymGetFieldOffset gengort.PreloadProc - -func SymGetFieldOffset(TypeName *int32, FieldName *int32, FieldOffset *int32) int32 { - __res := gengort.CCall3(__imp_SymGetFieldOffset.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(FieldName), gengort.MarshallSyscall(FieldOffset)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymGetDataTypeSize gengort.PreloadProc - -func SymGetDataTypeSize(TypeName *int32, TypeSize *int32) int32 { - __res := gengort.CCall2(__imp_SymGetDataTypeSize.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(TypeSize)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymCreateSymbolTableForDisassembler gengort.PreloadProc - -func SymCreateSymbolTableForDisassembler(CallbackFunction unsafe.Pointer) int32 { - __res := gengort.CCall1(__imp_SymCreateSymbolTableForDisassembler.Addr(), gengort.MarshallSyscall(CallbackFunction)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymConvertFileToPdbPath gengort.PreloadProc - -func SymConvertFileToPdbPath(LocalFilePath *byte, ResultPath *byte) int32 { - __res := gengort.CCall2(__imp_SymConvertFileToPdbPath.Addr(), gengort.MarshallSyscall(LocalFilePath), gengort.MarshallSyscall(ResultPath)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymConvertFileToPdbFileAndGuidAndAgeDetails gengort.PreloadProc - -func SymConvertFileToPdbFileAndGuidAndAgeDetails(LocalFilePath *byte, PdbFilePath *byte, GuidAndAgeDetails *byte, Is32BitModule int32) int32 { - __res := gengort.CCall4(__imp_SymConvertFileToPdbFileAndGuidAndAgeDetails.Addr(), gengort.MarshallSyscall(LocalFilePath), gengort.MarshallSyscall(PdbFilePath), gengort.MarshallSyscall(GuidAndAgeDetails), gengort.MarshallSyscall(Is32BitModule)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymbolInitLoad gengort.PreloadProc - -func SymbolInitLoad(BufferToStoreDetails int32, StoredLength int32, DownloadIfAvailable int32, SymbolPath *byte, IsSilentLoad int32) int32 { - __res := gengort.CCall5(__imp_SymbolInitLoad.Addr(), gengort.MarshallSyscall(BufferToStoreDetails), gengort.MarshallSyscall(StoredLength), gengort.MarshallSyscall(DownloadIfAvailable), gengort.MarshallSyscall(SymbolPath), gengort.MarshallSyscall(IsSilentLoad)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymShowDataBasedOnSymbolTypes gengort.PreloadProc - -func SymShowDataBasedOnSymbolTypes(TypeName *byte, Address int32, IsStruct int32, BufferAddress int32, AdditionalParameters *byte) int32 { - __res := gengort.CCall5(__imp_SymShowDataBasedOnSymbolTypes.Addr(), gengort.MarshallSyscall(TypeName), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(IsStruct), gengort.MarshallSyscall(BufferAddress), gengort.MarshallSyscall(AdditionalParameters)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymQuerySizeof gengort.PreloadProc - -func SymQuerySizeof(StructNameOrTypeName *int32, UINT32 int32) int32 { - __res := gengort.CCall2(__imp_SymQuerySizeof.Addr(), gengort.MarshallSyscall(StructNameOrTypeName), gengort.MarshallSyscall(UINT32)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SymCastingQueryForFiledsAndTypes gengort.PreloadProc - -func SymCastingQueryForFiledsAndTypes(StructName *int32, FiledOfStructName *int32, PBOOLEAN int32) int32 { - __res := gengort.CCall3(__imp_SymCastingQueryForFiledsAndTypes.Addr(), gengort.MarshallSyscall(StructName), gengort.MarshallSyscall(FiledOfStructName), gengort.MarshallSyscall(PBOOLEAN)) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/bin/debug/SDK/Imports/HyperDbgVmmImports.h.go b/bin/debug/SDK/Imports/HyperDbgVmmImports.h.go deleted file mode 100644 index 7af949f9e..000000000 --- a/bin/debug/SDK/Imports/HyperDbgVmmImports.h.go +++ /dev/null @@ -1,2089 +0,0 @@ -// Code generated by gengo. DO NOT EDIT. -package HPRDBGCTRL - -import ( - "unsafe" - "github.com/can1357/gengo/gengort" -) - -const GengoLibraryName = "HPRDBGCTRL" - -var GengoLibrary = gengort.NewLibrary(GengoLibraryName) - -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte - -var __imp_VmFuncVmxVmcall gengort.PreloadProc - -// Gengo init function. -func init() { - __imp_VmFuncVmxVmcall = GengoLibrary.ImportNow("VmFuncVmxVmcall") - __imp_VmFuncPerformRipIncrement = GengoLibrary.ImportNow("VmFuncPerformRipIncrement") - __imp_VmFuncSuppressRipIncrement = GengoLibrary.ImportNow("VmFuncSuppressRipIncrement") - __imp_VmFuncChangeMtfUnsettingState = GengoLibrary.ImportNow("VmFuncChangeMtfUnsettingState") - __imp_VmFuncChangeIgnoreOneMtfState = GengoLibrary.ImportNow("VmFuncChangeIgnoreOneMtfState") - __imp_VmFuncSetMonitorTrapFlag = GengoLibrary.ImportNow("VmFuncSetMonitorTrapFlag") - __imp_VmFuncSetRflagTrapFlag = GengoLibrary.ImportNow("VmFuncSetRflagTrapFlag") - __imp_VmFuncRegisterMtfBreak = GengoLibrary.ImportNow("VmFuncRegisterMtfBreak") - __imp_VmFuncUnRegisterMtfBreak = GengoLibrary.ImportNow("VmFuncUnRegisterMtfBreak") - __imp_VmFuncSetLoadDebugControls = GengoLibrary.ImportNow("VmFuncSetLoadDebugControls") - __imp_VmFuncSetSaveDebugControls = GengoLibrary.ImportNow("VmFuncSetSaveDebugControls") - __imp_VmFuncSetPmcVmexit = GengoLibrary.ImportNow("VmFuncSetPmcVmexit") - __imp_VmFuncSetMovControlRegsExiting = GengoLibrary.ImportNow("VmFuncSetMovControlRegsExiting") - __imp_VmFuncSetMovToCr3Vmexit = GengoLibrary.ImportNow("VmFuncSetMovToCr3Vmexit") - __imp_VmFuncWriteExceptionBitmap = GengoLibrary.ImportNow("VmFuncWriteExceptionBitmap") - __imp_VmFuncSetInterruptWindowExiting = GengoLibrary.ImportNow("VmFuncSetInterruptWindowExiting") - __imp_VmFuncSetNmiWindowExiting = GengoLibrary.ImportNow("VmFuncSetNmiWindowExiting") - __imp_VmFuncSetNmiExiting = GengoLibrary.ImportNow("VmFuncSetNmiExiting") - __imp_VmFuncSetExceptionBitmap = GengoLibrary.ImportNow("VmFuncSetExceptionBitmap") - __imp_VmFuncUnsetExceptionBitmap = GengoLibrary.ImportNow("VmFuncUnsetExceptionBitmap") - __imp_VmFuncSetExternalInterruptExiting = GengoLibrary.ImportNow("VmFuncSetExternalInterruptExiting") - __imp_VmFuncSetRdtscExiting = GengoLibrary.ImportNow("VmFuncSetRdtscExiting") - __imp_VmFuncSetMovDebugRegsExiting = GengoLibrary.ImportNow("VmFuncSetMovDebugRegsExiting") - __imp_VmFuncInjectPendingExternalInterrupts = GengoLibrary.ImportNow("VmFuncInjectPendingExternalInterrupts") - __imp_VmFuncSetRflags = GengoLibrary.ImportNow("VmFuncSetRflags") - __imp_VmFuncSetRip = GengoLibrary.ImportNow("VmFuncSetRip") - __imp_VmFuncSetTriggerEventForVmcalls = GengoLibrary.ImportNow("VmFuncSetTriggerEventForVmcalls") - __imp_VmFuncSetTriggerEventForCpuids = GengoLibrary.ImportNow("VmFuncSetTriggerEventForCpuids") - __imp_VmFuncSetInterruptibilityState = GengoLibrary.ImportNow("VmFuncSetInterruptibilityState") - __imp_VmFuncCheckAndEnableExternalInterrupts = GengoLibrary.ImportNow("VmFuncCheckAndEnableExternalInterrupts") - __imp_VmFuncDisableExternalInterruptsAndInterruptWindow = GengoLibrary.ImportNow("VmFuncDisableExternalInterruptsAndInterruptWindow") - __imp_VmFuncEventInjectPageFaultWithCr2 = GengoLibrary.ImportNow("VmFuncEventInjectPageFaultWithCr2") - __imp_VmFuncEventInjectPageFaultRangeAddress = GengoLibrary.ImportNow("VmFuncEventInjectPageFaultRangeAddress") - __imp_VmFuncEventInjectInterruption = GengoLibrary.ImportNow("VmFuncEventInjectInterruption") - __imp_VmFuncVmxBroadcastInitialize = GengoLibrary.ImportNow("VmFuncVmxBroadcastInitialize") - __imp_VmFuncVmxBroadcastUninitialize = GengoLibrary.ImportNow("VmFuncVmxBroadcastUninitialize") - __imp_VmFuncEventInjectBreakpoint = GengoLibrary.ImportNow("VmFuncEventInjectBreakpoint") - __imp_VmFuncInvalidateEptSingleContext = GengoLibrary.ImportNow("VmFuncInvalidateEptSingleContext") - __imp_VmFuncInvalidateEptAllContexts = GengoLibrary.ImportNow("VmFuncInvalidateEptAllContexts") - __imp_VmFuncUninitVmm = GengoLibrary.ImportNow("VmFuncUninitVmm") - __imp_VmFuncEnableMtfAndChangeExternalInterruptState = GengoLibrary.ImportNow("VmFuncEnableMtfAndChangeExternalInterruptState") - __imp_VmFuncEnableAndCheckForPreviousExternalInterrupts = GengoLibrary.ImportNow("VmFuncEnableAndCheckForPreviousExternalInterrupts") - __imp_VmFuncGetCsSelector = GengoLibrary.ImportNow("VmFuncGetCsSelector") - __imp_VmFuncReadExceptionBitmap = GengoLibrary.ImportNow("VmFuncReadExceptionBitmap") - __imp_VmFuncGetLastVmexitRip = GengoLibrary.ImportNow("VmFuncGetLastVmexitRip") - __imp_VmFuncGetRflags = GengoLibrary.ImportNow("VmFuncGetRflags") - __imp_VmFuncGetRip = GengoLibrary.ImportNow("VmFuncGetRip") - __imp_VmFuncGetInterruptibilityState = GengoLibrary.ImportNow("VmFuncGetInterruptibilityState") - __imp_VmFuncClearSteppingBits = GengoLibrary.ImportNow("VmFuncClearSteppingBits") - __imp_VmFuncInitVmm = GengoLibrary.ImportNow("VmFuncInitVmm") - __imp_VmFuncVmxCompatibleStrlen = GengoLibrary.ImportNow("VmFuncVmxCompatibleStrlen") - __imp_VmFuncVmxCompatibleWcslen = GengoLibrary.ImportNow("VmFuncVmxCompatibleWcslen") - __imp_VmFuncNmiBroadcastRequest = GengoLibrary.ImportNow("VmFuncNmiBroadcastRequest") - __imp_VmFuncNmiBroadcastInvalidateEptSingleContext = GengoLibrary.ImportNow("VmFuncNmiBroadcastInvalidateEptSingleContext") - __imp_VmFuncNmiBroadcastInvalidateEptAllContexts = GengoLibrary.ImportNow("VmFuncNmiBroadcastInvalidateEptAllContexts") - __imp_VmFuncVmxGetCurrentExecutionMode = GengoLibrary.ImportNow("VmFuncVmxGetCurrentExecutionMode") - __imp_VmFuncQueryModeExecTrap = GengoLibrary.ImportNow("VmFuncQueryModeExecTrap") - __imp_VmFuncVmxCompatibleStrcmp = GengoLibrary.ImportNow("VmFuncVmxCompatibleStrcmp") - __imp_VmFuncVmxCompatibleStrncmp = GengoLibrary.ImportNow("VmFuncVmxCompatibleStrncmp") - __imp_VmFuncVmxCompatibleWcscmp = GengoLibrary.ImportNow("VmFuncVmxCompatibleWcscmp") - __imp_VmFuncVmxCompatibleWcsncmp = GengoLibrary.ImportNow("VmFuncVmxCompatibleWcsncmp") - __imp_VmFuncVmxCompatibleMemcmp = GengoLibrary.ImportNow("VmFuncVmxCompatibleMemcmp") - __imp_ConfigureEnableMovToCr3ExitingOnAllProcessors = GengoLibrary.ImportNow("ConfigureEnableMovToCr3ExitingOnAllProcessors") - __imp_ConfigureDisableMovToCr3ExitingOnAllProcessors = GengoLibrary.ImportNow("ConfigureDisableMovToCr3ExitingOnAllProcessors") - __imp_ConfigureEnableEferSyscallEventsOnAllProcessors = GengoLibrary.ImportNow("ConfigureEnableEferSyscallEventsOnAllProcessors") - __imp_ConfigureDisableEferSyscallEventsOnAllProcessors = GengoLibrary.ImportNow("ConfigureDisableEferSyscallEventsOnAllProcessors") - __imp_ConfigureSetExternalInterruptExitingOnSingleCore = GengoLibrary.ImportNow("ConfigureSetExternalInterruptExitingOnSingleCore") - __imp_ConfigureEnableRdtscExitingOnSingleCore = GengoLibrary.ImportNow("ConfigureEnableRdtscExitingOnSingleCore") - __imp_ConfigureEnableRdpmcExitingOnSingleCore = GengoLibrary.ImportNow("ConfigureEnableRdpmcExitingOnSingleCore") - __imp_ConfigureEnableMovToDebugRegistersExitingOnSingleCore = GengoLibrary.ImportNow("ConfigureEnableMovToDebugRegistersExitingOnSingleCore") - __imp_ConfigureSetExceptionBitmapOnSingleCore = GengoLibrary.ImportNow("ConfigureSetExceptionBitmapOnSingleCore") - __imp_ConfigureEnableMovToControlRegisterExitingOnSingleCore = GengoLibrary.ImportNow("ConfigureEnableMovToControlRegisterExitingOnSingleCore") - __imp_ConfigureChangeMsrBitmapWriteOnSingleCore = GengoLibrary.ImportNow("ConfigureChangeMsrBitmapWriteOnSingleCore") - __imp_ConfigureChangeMsrBitmapReadOnSingleCore = GengoLibrary.ImportNow("ConfigureChangeMsrBitmapReadOnSingleCore") - __imp_ConfigureChangeIoBitmapOnSingleCore = GengoLibrary.ImportNow("ConfigureChangeIoBitmapOnSingleCore") - __imp_ConfigureEnableEferSyscallHookOnSingleCore = GengoLibrary.ImportNow("ConfigureEnableEferSyscallHookOnSingleCore") - __imp_ConfigureSetEferSyscallOrSysretHookType = GengoLibrary.ImportNow("ConfigureSetEferSyscallOrSysretHookType") - __imp_ConfigureDirtyLoggingInitializeOnAllProcessors = GengoLibrary.ImportNow("ConfigureDirtyLoggingInitializeOnAllProcessors") - __imp_ConfigureDirtyLoggingUninitializeOnAllProcessors = GengoLibrary.ImportNow("ConfigureDirtyLoggingUninitializeOnAllProcessors") - __imp_ConfigureModeBasedExecHookUninitializeOnAllProcessors = GengoLibrary.ImportNow("ConfigureModeBasedExecHookUninitializeOnAllProcessors") - __imp_ConfigureUninitializeExecTrapOnAllProcessors = GengoLibrary.ImportNow("ConfigureUninitializeExecTrapOnAllProcessors") - __imp_ConfigureInitializeExecTrapOnAllProcessors = GengoLibrary.ImportNow("ConfigureInitializeExecTrapOnAllProcessors") - __imp_ConfigureEptHook = GengoLibrary.ImportNow("ConfigureEptHook") - __imp_ConfigureEptHookFromVmxRoot = GengoLibrary.ImportNow("ConfigureEptHookFromVmxRoot") - __imp_ConfigureEptHook2 = GengoLibrary.ImportNow("ConfigureEptHook2") - __imp_ConfigureEptHook2FromVmxRoot = GengoLibrary.ImportNow("ConfigureEptHook2FromVmxRoot") - __imp_ConfigureEptHookMonitor = GengoLibrary.ImportNow("ConfigureEptHookMonitor") - __imp_ConfigureEptHookMonitorFromVmxRoot = GengoLibrary.ImportNow("ConfigureEptHookMonitorFromVmxRoot") - __imp_ConfigureEptHookModifyInstructionFetchState = GengoLibrary.ImportNow("ConfigureEptHookModifyInstructionFetchState") - __imp_ConfigureEptHookModifyPageReadState = GengoLibrary.ImportNow("ConfigureEptHookModifyPageReadState") - __imp_ConfigureEptHookModifyPageWriteState = GengoLibrary.ImportNow("ConfigureEptHookModifyPageWriteState") - __imp_ConfigureEptHookUnHookSingleAddress = GengoLibrary.ImportNow("ConfigureEptHookUnHookSingleAddress") - __imp_ConfigureEptHookUnHookSingleAddressFromVmxRoot = GengoLibrary.ImportNow("ConfigureEptHookUnHookSingleAddressFromVmxRoot") - __imp_ConfigureEptHookAllocateExtraHookingPagesForMemoryMonitorsAndExecEptHooks = GengoLibrary.ImportNow("ConfigureEptHookAllocateExtraHookingPagesForMemoryMonitorsAndExecEptHooks") - __imp_ConfigureEptHookReservePreallocatedPoolsForEptHooks = GengoLibrary.ImportNow("ConfigureEptHookReservePreallocatedPoolsForEptHooks") - __imp_ConfigureExecTrapAddProcessToWatchingList = GengoLibrary.ImportNow("ConfigureExecTrapAddProcessToWatchingList") - __imp_ConfigureExecTrapRemoveProcessFromWatchingList = GengoLibrary.ImportNow("ConfigureExecTrapRemoveProcessFromWatchingList") - __imp_DirectVmcallTest = GengoLibrary.ImportNow("DirectVmcallTest") - __imp_DirectVmcallPerformVmcall = GengoLibrary.ImportNow("DirectVmcallPerformVmcall") - __imp_DirectVmcallChangeMsrBitmapRead = GengoLibrary.ImportNow("DirectVmcallChangeMsrBitmapRead") - __imp_DirectVmcallChangeMsrBitmapWrite = GengoLibrary.ImportNow("DirectVmcallChangeMsrBitmapWrite") - __imp_DirectVmcallChangeIoBitmap = GengoLibrary.ImportNow("DirectVmcallChangeIoBitmap") - __imp_DirectVmcallEnableRdpmcExiting = GengoLibrary.ImportNow("DirectVmcallEnableRdpmcExiting") - __imp_DirectVmcallEnableRdtscpExiting = GengoLibrary.ImportNow("DirectVmcallEnableRdtscpExiting") - __imp_DirectVmcallEnableMov2DebugRegsExiting = GengoLibrary.ImportNow("DirectVmcallEnableMov2DebugRegsExiting") - __imp_DirectVmcallSetExceptionBitmap = GengoLibrary.ImportNow("DirectVmcallSetExceptionBitmap") - __imp_DirectVmcallEnableExternalInterruptExiting = GengoLibrary.ImportNow("DirectVmcallEnableExternalInterruptExiting") - __imp_DirectVmcallEnableMovToCrExiting = GengoLibrary.ImportNow("DirectVmcallEnableMovToCrExiting") - __imp_DirectVmcallEnableEferSyscall = GengoLibrary.ImportNow("DirectVmcallEnableEferSyscall") - __imp_DirectVmcallSetHiddenBreakpointHook = GengoLibrary.ImportNow("DirectVmcallSetHiddenBreakpointHook") - __imp_DirectVmcallInvalidateEptAllContexts = GengoLibrary.ImportNow("DirectVmcallInvalidateEptAllContexts") - __imp_DirectVmcallInvalidateSingleContext = GengoLibrary.ImportNow("DirectVmcallInvalidateSingleContext") - __imp_DirectVmcallUnsetExceptionBitmap = GengoLibrary.ImportNow("DirectVmcallUnsetExceptionBitmap") - __imp_DirectVmcallUnhookSinglePage = GengoLibrary.ImportNow("DirectVmcallUnhookSinglePage") - __imp_DirectVmcallSetDisableExternalInterruptExitingOnlyOnClearingInterruptEvents = GengoLibrary.ImportNow("DirectVmcallSetDisableExternalInterruptExitingOnlyOnClearingInterruptEvents") - __imp_DirectVmcallResetMsrBitmapRead = GengoLibrary.ImportNow("DirectVmcallResetMsrBitmapRead") - __imp_DirectVmcallResetMsrBitmapWrite = GengoLibrary.ImportNow("DirectVmcallResetMsrBitmapWrite") - __imp_DirectVmcallResetExceptionBitmapOnlyOnClearingExceptionEvents = GengoLibrary.ImportNow("DirectVmcallResetExceptionBitmapOnlyOnClearingExceptionEvents") - __imp_DirectVmcallResetIoBitmap = GengoLibrary.ImportNow("DirectVmcallResetIoBitmap") - __imp_DirectVmcallDisableRdtscExitingForClearingTscEvents = GengoLibrary.ImportNow("DirectVmcallDisableRdtscExitingForClearingTscEvents") - __imp_DirectVmcallDisableRdpmcExiting = GengoLibrary.ImportNow("DirectVmcallDisableRdpmcExiting") - __imp_DirectVmcallDisableEferSyscallEvents = GengoLibrary.ImportNow("DirectVmcallDisableEferSyscallEvents") - __imp_DirectVmcallDisableMov2DrExitingForClearingDrEvents = GengoLibrary.ImportNow("DirectVmcallDisableMov2DrExitingForClearingDrEvents") - __imp_DirectVmcallDisableMov2CrExitingForClearingCrEvents = GengoLibrary.ImportNow("DirectVmcallDisableMov2CrExitingForClearingCrEvents") - __imp_DisassemblerShowInstructionsInVmxNonRootMode = GengoLibrary.ImportNow("DisassemblerShowInstructionsInVmxNonRootMode") - __imp_DisassemblerShowOneInstructionInVmxNonRootMode = GengoLibrary.ImportNow("DisassemblerShowOneInstructionInVmxNonRootMode") - __imp_DisassemblerShowOneInstructionInVmxRootMode = GengoLibrary.ImportNow("DisassemblerShowOneInstructionInVmxRootMode") - __imp_VirtualAddressToPhysicalAddress = GengoLibrary.ImportNow("VirtualAddressToPhysicalAddress") - __imp_VirtualAddressToPhysicalAddressByProcessId = GengoLibrary.ImportNow("VirtualAddressToPhysicalAddressByProcessId") - __imp_VirtualAddressToPhysicalAddressByProcessCr3 = GengoLibrary.ImportNow("VirtualAddressToPhysicalAddressByProcessCr3") - __imp_VirtualAddressToPhysicalAddressOnTargetProcess = GengoLibrary.ImportNow("VirtualAddressToPhysicalAddressOnTargetProcess") - __imp_PhysicalAddressToVirtualAddress = GengoLibrary.ImportNow("PhysicalAddressToVirtualAddress") - __imp_PhysicalAddressToVirtualAddressByProcessId = GengoLibrary.ImportNow("PhysicalAddressToVirtualAddressByProcessId") - __imp_PhysicalAddressToVirtualAddressByCr3 = GengoLibrary.ImportNow("PhysicalAddressToVirtualAddressByCr3") - __imp_PhysicalAddressToVirtualAddressOnTargetProcess = GengoLibrary.ImportNow("PhysicalAddressToVirtualAddressOnTargetProcess") - __imp_SwitchToProcessMemoryLayout = GengoLibrary.ImportNow("SwitchToProcessMemoryLayout") - __imp_SwitchToCurrentProcessMemoryLayout = GengoLibrary.ImportNow("SwitchToCurrentProcessMemoryLayout") - __imp_SwitchToProcessMemoryLayoutByCr3 = GengoLibrary.ImportNow("SwitchToProcessMemoryLayoutByCr3") - __imp_SwitchToPreviousProcess = GengoLibrary.ImportNow("SwitchToPreviousProcess") - __imp_CheckAddressValidityUsingTsx = GengoLibrary.ImportNow("CheckAddressValidityUsingTsx") - __imp_CheckAccessValidityAndSafety = GengoLibrary.ImportNow("CheckAccessValidityAndSafety") - __imp_CheckAddressPhysical = GengoLibrary.ImportNow("CheckAddressPhysical") - __imp_CheckAddressMaximumInstructionLength = GengoLibrary.ImportNow("CheckAddressMaximumInstructionLength") - __imp_LayoutGetCurrentProcessCr3 = GengoLibrary.ImportNow("LayoutGetCurrentProcessCr3") - __imp_LayoutGetExactGuestProcessCr3 = GengoLibrary.ImportNow("LayoutGetExactGuestProcessCr3") - __imp_MemoryMapperGetPteVa = GengoLibrary.ImportNow("MemoryMapperGetPteVa") - __imp_MemoryMapperGetPteVaByCr3 = GengoLibrary.ImportNow("MemoryMapperGetPteVaByCr3") - __imp_MemoryMapperGetPteVaWithoutSwitchingByCr3 = GengoLibrary.ImportNow("MemoryMapperGetPteVaWithoutSwitchingByCr3") - __imp_MemoryMapperGetPteVaOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperGetPteVaOnTargetProcess") - __imp_MemoryMapperSetExecuteDisableToPteOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperSetExecuteDisableToPteOnTargetProcess") - __imp_MemoryMapperCheckPteIsPresentOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperCheckPteIsPresentOnTargetProcess") - __imp_MemoryMapperReadMemorySafe = GengoLibrary.ImportNow("MemoryMapperReadMemorySafe") - __imp_MemoryMapperReadMemorySafeByPhysicalAddress = GengoLibrary.ImportNow("MemoryMapperReadMemorySafeByPhysicalAddress") - __imp_MemoryMapperReadMemorySafeOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperReadMemorySafeOnTargetProcess") - __imp_DisassemblerLengthDisassembleEngine = GengoLibrary.ImportNow("DisassemblerLengthDisassembleEngine") - __imp_DisassemblerLengthDisassembleEngineInVmxRootOnTargetProcess = GengoLibrary.ImportNow("DisassemblerLengthDisassembleEngineInVmxRootOnTargetProcess") - __imp_MemoryMapperWriteMemorySafe = GengoLibrary.ImportNow("MemoryMapperWriteMemorySafe") - __imp_MemoryMapperWriteMemorySafeOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperWriteMemorySafeOnTargetProcess") - __imp_MemoryMapperWriteMemorySafeByPhysicalAddress = GengoLibrary.ImportNow("MemoryMapperWriteMemorySafeByPhysicalAddress") - __imp_MemoryMapperWriteMemoryUnsafe = GengoLibrary.ImportNow("MemoryMapperWriteMemoryUnsafe") - __imp_MemoryMapperReserveUsermodeAddressOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperReserveUsermodeAddressOnTargetProcess") - __imp_MemoryMapperFreeMemoryOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperFreeMemoryOnTargetProcess") - __imp_MemoryMapperSetSupervisorBitWithoutSwitchingByCr3 = GengoLibrary.ImportNow("MemoryMapperSetSupervisorBitWithoutSwitchingByCr3") - __imp_MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess") - __imp_MemoryMapperCheckIfPdeIsLargePageOnTargetProcess = GengoLibrary.ImportNow("MemoryMapperCheckIfPdeIsLargePageOnTargetProcess") - __imp_MemoryManagerReadProcessMemoryNormal = GengoLibrary.ImportNow("MemoryManagerReadProcessMemoryNormal") - __imp_PoolManagerCheckAndPerformAllocationAndDeallocation = GengoLibrary.ImportNow("PoolManagerCheckAndPerformAllocationAndDeallocation") - __imp_PoolManagerRequestAllocation = GengoLibrary.ImportNow("PoolManagerRequestAllocation") - __imp_PoolManagerRequestPool = GengoLibrary.ImportNow("PoolManagerRequestPool") - __imp_PoolManagerFreePool = GengoLibrary.ImportNow("PoolManagerFreePool") - __imp_PoolManagerShowPreAllocatedPools = GengoLibrary.ImportNow("PoolManagerShowPreAllocatedPools") - __imp_SetGuestCsSel = GengoLibrary.ImportNow("SetGuestCsSel") - __imp_SetGuestCs = GengoLibrary.ImportNow("SetGuestCs") - __imp_GetGuestCs = GengoLibrary.ImportNow("GetGuestCs") - __imp_SetGuestSsSel = GengoLibrary.ImportNow("SetGuestSsSel") - __imp_SetGuestSs = GengoLibrary.ImportNow("SetGuestSs") - __imp_GetGuestSs = GengoLibrary.ImportNow("GetGuestSs") - __imp_SetGuestDsSel = GengoLibrary.ImportNow("SetGuestDsSel") - __imp_SetGuestDs = GengoLibrary.ImportNow("SetGuestDs") - __imp_GetGuestDs = GengoLibrary.ImportNow("GetGuestDs") - __imp_SetGuestFsSel = GengoLibrary.ImportNow("SetGuestFsSel") - __imp_SetGuestFs = GengoLibrary.ImportNow("SetGuestFs") - __imp_GetGuestFs = GengoLibrary.ImportNow("GetGuestFs") - __imp_SetGuestGsSel = GengoLibrary.ImportNow("SetGuestGsSel") - __imp_SetGuestGs = GengoLibrary.ImportNow("SetGuestGs") - __imp_GetGuestGs = GengoLibrary.ImportNow("GetGuestGs") - __imp_SetGuestEsSel = GengoLibrary.ImportNow("SetGuestEsSel") - __imp_SetGuestEs = GengoLibrary.ImportNow("SetGuestEs") - __imp_GetGuestEs = GengoLibrary.ImportNow("GetGuestEs") - __imp_SetGuestIdtr = GengoLibrary.ImportNow("SetGuestIdtr") - __imp_GetGuestIdtr = GengoLibrary.ImportNow("GetGuestIdtr") - __imp_SetGuestLdtr = GengoLibrary.ImportNow("SetGuestLdtr") - __imp_GetGuestLdtr = GengoLibrary.ImportNow("GetGuestLdtr") - __imp_SetGuestGdtr = GengoLibrary.ImportNow("SetGuestGdtr") - __imp_GetGuestGdtr = GengoLibrary.ImportNow("GetGuestGdtr") - __imp_SetGuestTr = GengoLibrary.ImportNow("SetGuestTr") - __imp_GetGuestTr = GengoLibrary.ImportNow("GetGuestTr") - __imp_SetGuestRFlags = GengoLibrary.ImportNow("SetGuestRFlags") - __imp_GetGuestRFlags = GengoLibrary.ImportNow("GetGuestRFlags") - __imp_SetGuestRIP = GengoLibrary.ImportNow("SetGuestRIP") - __imp_SetGuestRSP = GengoLibrary.ImportNow("SetGuestRSP") - __imp_GetGuestRIP = GengoLibrary.ImportNow("GetGuestRIP") - __imp_GetGuestCr0 = GengoLibrary.ImportNow("GetGuestCr0") - __imp_GetGuestCr2 = GengoLibrary.ImportNow("GetGuestCr2") - __imp_GetGuestCr3 = GengoLibrary.ImportNow("GetGuestCr3") - __imp_GetGuestCr4 = GengoLibrary.ImportNow("GetGuestCr4") - __imp_GetGuestCr8 = GengoLibrary.ImportNow("GetGuestCr8") - __imp_SetGuestCr0 = GengoLibrary.ImportNow("SetGuestCr0") - __imp_SetGuestCr2 = GengoLibrary.ImportNow("SetGuestCr2") - __imp_SetGuestCr3 = GengoLibrary.ImportNow("SetGuestCr3") - __imp_SetGuestCr4 = GengoLibrary.ImportNow("SetGuestCr4") - __imp_SetGuestCr8 = GengoLibrary.ImportNow("SetGuestCr8") - __imp_GetGuestDr0 = GengoLibrary.ImportNow("GetGuestDr0") - __imp_GetGuestDr1 = GengoLibrary.ImportNow("GetGuestDr1") - __imp_GetGuestDr2 = GengoLibrary.ImportNow("GetGuestDr2") - __imp_GetGuestDr3 = GengoLibrary.ImportNow("GetGuestDr3") - __imp_GetGuestDr6 = GengoLibrary.ImportNow("GetGuestDr6") - __imp_GetGuestDr7 = GengoLibrary.ImportNow("GetGuestDr7") - __imp_SetGuestDr0 = GengoLibrary.ImportNow("SetGuestDr0") - __imp_SetGuestDr1 = GengoLibrary.ImportNow("SetGuestDr1") - __imp_SetGuestDr2 = GengoLibrary.ImportNow("SetGuestDr2") - __imp_SetGuestDr3 = GengoLibrary.ImportNow("SetGuestDr3") - __imp_SetGuestDr6 = GengoLibrary.ImportNow("SetGuestDr6") - __imp_SetGuestDr7 = GengoLibrary.ImportNow("SetGuestDr7") - __imp_SetDebugRegisters = GengoLibrary.ImportNow("SetDebugRegisters") - __imp_TransparentHideDebugger = GengoLibrary.ImportNow("TransparentHideDebugger") - __imp_TransparentUnhideDebugger = GengoLibrary.ImportNow("TransparentUnhideDebugger") - __imp_BroadcastEnableBreakpointExitingOnExceptionBitmapAllCores = GengoLibrary.ImportNow("BroadcastEnableBreakpointExitingOnExceptionBitmapAllCores") - __imp_BroadcastDisableBreakpointExitingOnExceptionBitmapAllCores = GengoLibrary.ImportNow("BroadcastDisableBreakpointExitingOnExceptionBitmapAllCores") - __imp_BroadcastEnableDbAndBpExitingAllCores = GengoLibrary.ImportNow("BroadcastEnableDbAndBpExitingAllCores") - __imp_BroadcastDisableDbAndBpExitingAllCores = GengoLibrary.ImportNow("BroadcastDisableDbAndBpExitingAllCores") - __imp_BroadcastEnableRdtscExitingAllCores = GengoLibrary.ImportNow("BroadcastEnableRdtscExitingAllCores") - __imp_BroadcastDisableRdtscExitingAllCores = GengoLibrary.ImportNow("BroadcastDisableRdtscExitingAllCores") - __imp_BroadcastChangeAllMsrBitmapReadAllCores = GengoLibrary.ImportNow("BroadcastChangeAllMsrBitmapReadAllCores") - __imp_BroadcastResetChangeAllMsrBitmapReadAllCores = GengoLibrary.ImportNow("BroadcastResetChangeAllMsrBitmapReadAllCores") - __imp_BroadcastChangeAllMsrBitmapWriteAllCores = GengoLibrary.ImportNow("BroadcastChangeAllMsrBitmapWriteAllCores") - __imp_BroadcastResetAllMsrBitmapWriteAllCores = GengoLibrary.ImportNow("BroadcastResetAllMsrBitmapWriteAllCores") - __imp_BroadcastDisableRdtscExitingForClearingEventsAllCores = GengoLibrary.ImportNow("BroadcastDisableRdtscExitingForClearingEventsAllCores") - __imp_BroadcastDisableMov2ControlRegsExitingForClearingEventsAllCores = GengoLibrary.ImportNow("BroadcastDisableMov2ControlRegsExitingForClearingEventsAllCores") - __imp_BroadcastDisableMov2DebugRegsExitingForClearingEventsAllCores = GengoLibrary.ImportNow("BroadcastDisableMov2DebugRegsExitingForClearingEventsAllCores") - __imp_BroadcastEnableRdpmcExitingAllCores = GengoLibrary.ImportNow("BroadcastEnableRdpmcExitingAllCores") - __imp_BroadcastDisableRdpmcExitingAllCores = GengoLibrary.ImportNow("BroadcastDisableRdpmcExitingAllCores") - __imp_BroadcastSetExceptionBitmapAllCores = GengoLibrary.ImportNow("BroadcastSetExceptionBitmapAllCores") - __imp_BroadcastUnsetExceptionBitmapAllCores = GengoLibrary.ImportNow("BroadcastUnsetExceptionBitmapAllCores") - __imp_BroadcastResetExceptionBitmapAllCores = GengoLibrary.ImportNow("BroadcastResetExceptionBitmapAllCores") - __imp_BroadcastEnableMovControlRegisterExitingAllCores = GengoLibrary.ImportNow("BroadcastEnableMovControlRegisterExitingAllCores") - __imp_BroadcastDisableMovToControlRegistersExitingAllCores = GengoLibrary.ImportNow("BroadcastDisableMovToControlRegistersExitingAllCores") - __imp_BroadcastEnableMovDebugRegistersExitingAllCores = GengoLibrary.ImportNow("BroadcastEnableMovDebugRegistersExitingAllCores") - __imp_BroadcastDisableMovDebugRegistersExitingAllCores = GengoLibrary.ImportNow("BroadcastDisableMovDebugRegistersExitingAllCores") - __imp_BroadcastSetExternalInterruptExitingAllCores = GengoLibrary.ImportNow("BroadcastSetExternalInterruptExitingAllCores") - __imp_BroadcastUnsetExternalInterruptExitingOnlyOnClearingInterruptEventsAllCores = GengoLibrary.ImportNow("BroadcastUnsetExternalInterruptExitingOnlyOnClearingInterruptEventsAllCores") - __imp_BroadcastIoBitmapChangeAllCores = GengoLibrary.ImportNow("BroadcastIoBitmapChangeAllCores") - __imp_BroadcastIoBitmapResetAllCores = GengoLibrary.ImportNow("BroadcastIoBitmapResetAllCores") - __imp_BroadcastEnableMovToCr3ExitingOnAllProcessors = GengoLibrary.ImportNow("BroadcastEnableMovToCr3ExitingOnAllProcessors") - __imp_BroadcastDisableMovToCr3ExitingOnAllProcessors = GengoLibrary.ImportNow("BroadcastDisableMovToCr3ExitingOnAllProcessors") - __imp_BroadcastEnableEferSyscallEventsOnAllProcessors = GengoLibrary.ImportNow("BroadcastEnableEferSyscallEventsOnAllProcessors") - __imp_BroadcastDisableEferSyscallEventsOnAllProcessors = GengoLibrary.ImportNow("BroadcastDisableEferSyscallEventsOnAllProcessors") -} - -// /////////////////////////////////////////////// -func VmFuncVmxVmcall(VmcallNumber uint64, OptionalParam1 uint64, OptionalParam2 uint64, OptionalParam3 uint64) int32 { - __res := gengort.CCall4(__imp_VmFuncVmxVmcall.Addr(), gengort.MarshallSyscall(VmcallNumber), gengort.MarshallSyscall(OptionalParam1), gengort.MarshallSyscall(OptionalParam2), gengort.MarshallSyscall(OptionalParam3)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncPerformRipIncrement gengort.PreloadProc - -func VmFuncPerformRipIncrement(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncPerformRipIncrement.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSuppressRipIncrement gengort.PreloadProc - -func VmFuncSuppressRipIncrement(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSuppressRipIncrement.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncChangeMtfUnsettingState gengort.PreloadProc - -func VmFuncChangeMtfUnsettingState(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncChangeMtfUnsettingState.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncChangeIgnoreOneMtfState gengort.PreloadProc - -func VmFuncChangeIgnoreOneMtfState(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncChangeIgnoreOneMtfState.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetMonitorTrapFlag gengort.PreloadProc - -func VmFuncSetMonitorTrapFlag(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetMonitorTrapFlag.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetRflagTrapFlag gengort.PreloadProc - -func VmFuncSetRflagTrapFlag(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetRflagTrapFlag.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncRegisterMtfBreak gengort.PreloadProc - -func VmFuncRegisterMtfBreak(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncRegisterMtfBreak.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncUnRegisterMtfBreak gengort.PreloadProc - -func VmFuncUnRegisterMtfBreak(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncUnRegisterMtfBreak.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetLoadDebugControls gengort.PreloadProc - -func VmFuncSetLoadDebugControls(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetLoadDebugControls.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetSaveDebugControls gengort.PreloadProc - -func VmFuncSetSaveDebugControls(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetSaveDebugControls.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetPmcVmexit gengort.PreloadProc - -func VmFuncSetPmcVmexit(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetPmcVmexit.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetMovControlRegsExiting gengort.PreloadProc - -func VmFuncSetMovControlRegsExiting(Set int32, ControlRegister int32, MaskRegister int32) int32 { - __res := gengort.CCall3(__imp_VmFuncSetMovControlRegsExiting.Addr(), gengort.MarshallSyscall(Set), gengort.MarshallSyscall(ControlRegister), gengort.MarshallSyscall(MaskRegister)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetMovToCr3Vmexit gengort.PreloadProc - -func VmFuncSetMovToCr3Vmexit(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncSetMovToCr3Vmexit.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncWriteExceptionBitmap gengort.PreloadProc - -func VmFuncWriteExceptionBitmap(BitmapMask int32) int32 { - __res := gengort.CCall1(__imp_VmFuncWriteExceptionBitmap.Addr(), gengort.MarshallSyscall(BitmapMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetInterruptWindowExiting gengort.PreloadProc - -func VmFuncSetInterruptWindowExiting(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetInterruptWindowExiting.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetNmiWindowExiting gengort.PreloadProc - -func VmFuncSetNmiWindowExiting(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetNmiWindowExiting.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetNmiExiting gengort.PreloadProc - -func VmFuncSetNmiExiting(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetNmiExiting.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetExceptionBitmap gengort.PreloadProc - -func VmFuncSetExceptionBitmap(CoreId int32, IdtIndex int32) int32 { - __res := gengort.CCall2(__imp_VmFuncSetExceptionBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(IdtIndex)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncUnsetExceptionBitmap gengort.PreloadProc - -func VmFuncUnsetExceptionBitmap(CoreId int32, IdtIndex int32) int32 { - __res := gengort.CCall2(__imp_VmFuncUnsetExceptionBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(IdtIndex)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetExternalInterruptExiting gengort.PreloadProc - -func VmFuncSetExternalInterruptExiting(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncSetExternalInterruptExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetRdtscExiting gengort.PreloadProc - -func VmFuncSetRdtscExiting(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncSetRdtscExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetMovDebugRegsExiting gengort.PreloadProc - -func VmFuncSetMovDebugRegsExiting(CoreId int32, Set int32) int32 { - __res := gengort.CCall2(__imp_VmFuncSetMovDebugRegsExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncInjectPendingExternalInterrupts gengort.PreloadProc - -func VmFuncInjectPendingExternalInterrupts(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncInjectPendingExternalInterrupts.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetRflags gengort.PreloadProc - -func VmFuncSetRflags(Rflags int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetRflags.Addr(), gengort.MarshallSyscall(Rflags)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetRip gengort.PreloadProc - -func VmFuncSetRip(Rip int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetRip.Addr(), gengort.MarshallSyscall(Rip)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetTriggerEventForVmcalls gengort.PreloadProc - -func VmFuncSetTriggerEventForVmcalls(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetTriggerEventForVmcalls.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetTriggerEventForCpuids gengort.PreloadProc - -func VmFuncSetTriggerEventForCpuids(Set int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetTriggerEventForCpuids.Addr(), gengort.MarshallSyscall(Set)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncSetInterruptibilityState gengort.PreloadProc - -func VmFuncSetInterruptibilityState(InterruptibilityState int32) int32 { - __res := gengort.CCall1(__imp_VmFuncSetInterruptibilityState.Addr(), gengort.MarshallSyscall(InterruptibilityState)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncCheckAndEnableExternalInterrupts gengort.PreloadProc - -func VmFuncCheckAndEnableExternalInterrupts(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncCheckAndEnableExternalInterrupts.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncDisableExternalInterruptsAndInterruptWindow gengort.PreloadProc - -func VmFuncDisableExternalInterruptsAndInterruptWindow(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncDisableExternalInterruptsAndInterruptWindow.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEventInjectPageFaultWithCr2 gengort.PreloadProc - -func VmFuncEventInjectPageFaultWithCr2(CoreId int32, Address int32, PageFaultCode int32) int32 { - __res := gengort.CCall3(__imp_VmFuncEventInjectPageFaultWithCr2.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(PageFaultCode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEventInjectPageFaultRangeAddress gengort.PreloadProc - -func VmFuncEventInjectPageFaultRangeAddress(CoreId int32, AddressFrom int32, AddressTo int32, PageFaultCode int32) int32 { - __res := gengort.CCall4(__imp_VmFuncEventInjectPageFaultRangeAddress.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(AddressFrom), gengort.MarshallSyscall(AddressTo), gengort.MarshallSyscall(PageFaultCode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEventInjectInterruption gengort.PreloadProc - -func VmFuncEventInjectInterruption(InterruptionType int32, Vector int32, DeliverErrorCode int32, ErrorCode int32) int32 { - __res := gengort.CCall4(__imp_VmFuncEventInjectInterruption.Addr(), gengort.MarshallSyscall(InterruptionType), gengort.MarshallSyscall(Vector), gengort.MarshallSyscall(DeliverErrorCode), gengort.MarshallSyscall(ErrorCode)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxBroadcastInitialize gengort.PreloadProc - -func VmFuncVmxBroadcastInitialize() int32 { - __res := gengort.CCall0(__imp_VmFuncVmxBroadcastInitialize.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxBroadcastUninitialize gengort.PreloadProc - -func VmFuncVmxBroadcastUninitialize() int32 { - __res := gengort.CCall0(__imp_VmFuncVmxBroadcastUninitialize.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEventInjectBreakpoint gengort.PreloadProc - -func VmFuncEventInjectBreakpoint() int32 { - __res := gengort.CCall0(__imp_VmFuncEventInjectBreakpoint.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncInvalidateEptSingleContext gengort.PreloadProc - -func VmFuncInvalidateEptSingleContext(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncInvalidateEptSingleContext.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncInvalidateEptAllContexts gengort.PreloadProc - -func VmFuncInvalidateEptAllContexts() int32 { - __res := gengort.CCall0(__imp_VmFuncInvalidateEptAllContexts.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncUninitVmm gengort.PreloadProc - -func VmFuncUninitVmm() int32 { - __res := gengort.CCall0(__imp_VmFuncUninitVmm.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEnableMtfAndChangeExternalInterruptState gengort.PreloadProc - -func VmFuncEnableMtfAndChangeExternalInterruptState(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncEnableMtfAndChangeExternalInterruptState.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncEnableAndCheckForPreviousExternalInterrupts gengort.PreloadProc - -func VmFuncEnableAndCheckForPreviousExternalInterrupts(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncEnableAndCheckForPreviousExternalInterrupts.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncGetCsSelector gengort.PreloadProc - -func VmFuncGetCsSelector() int32 { - __res := gengort.CCall0(__imp_VmFuncGetCsSelector.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncReadExceptionBitmap gengort.PreloadProc - -func VmFuncReadExceptionBitmap() int32 { - __res := gengort.CCall0(__imp_VmFuncReadExceptionBitmap.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncGetLastVmexitRip gengort.PreloadProc - -func VmFuncGetLastVmexitRip(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncGetLastVmexitRip.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncGetRflags gengort.PreloadProc - -func VmFuncGetRflags() int32 { - __res := gengort.CCall0(__imp_VmFuncGetRflags.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncGetRip gengort.PreloadProc - -func VmFuncGetRip() int32 { - __res := gengort.CCall0(__imp_VmFuncGetRip.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncGetInterruptibilityState gengort.PreloadProc - -func VmFuncGetInterruptibilityState() int32 { - __res := gengort.CCall0(__imp_VmFuncGetInterruptibilityState.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncClearSteppingBits gengort.PreloadProc - -func VmFuncClearSteppingBits(Interruptibility int32) int32 { - __res := gengort.CCall1(__imp_VmFuncClearSteppingBits.Addr(), gengort.MarshallSyscall(Interruptibility)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncInitVmm gengort.PreloadProc - -func VmFuncInitVmm(VmmCallbacks *int32) int32 { - __res := gengort.CCall1(__imp_VmFuncInitVmm.Addr(), gengort.MarshallSyscall(VmmCallbacks)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleStrlen gengort.PreloadProc - -func VmFuncVmxCompatibleStrlen(s *int32) int32 { - __res := gengort.CCall1(__imp_VmFuncVmxCompatibleStrlen.Addr(), gengort.MarshallSyscall(s)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleWcslen gengort.PreloadProc - -func VmFuncVmxCompatibleWcslen(s *int32) int32 { - __res := gengort.CCall1(__imp_VmFuncVmxCompatibleWcslen.Addr(), gengort.MarshallSyscall(s)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncNmiBroadcastRequest gengort.PreloadProc - -func VmFuncNmiBroadcastRequest(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncNmiBroadcastRequest.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncNmiBroadcastInvalidateEptSingleContext gengort.PreloadProc - -func VmFuncNmiBroadcastInvalidateEptSingleContext(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncNmiBroadcastInvalidateEptSingleContext.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncNmiBroadcastInvalidateEptAllContexts gengort.PreloadProc - -func VmFuncNmiBroadcastInvalidateEptAllContexts(CoreId int32) int32 { - __res := gengort.CCall1(__imp_VmFuncNmiBroadcastInvalidateEptAllContexts.Addr(), gengort.MarshallSyscall(CoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxGetCurrentExecutionMode gengort.PreloadProc - -func VmFuncVmxGetCurrentExecutionMode() int32 { - __res := gengort.CCall0(__imp_VmFuncVmxGetCurrentExecutionMode.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncQueryModeExecTrap gengort.PreloadProc - -func VmFuncQueryModeExecTrap() int32 { - __res := gengort.CCall0(__imp_VmFuncQueryModeExecTrap.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleStrcmp gengort.PreloadProc - -func VmFuncVmxCompatibleStrcmp(Address1 *int32, Address2 *int32) int32 { - __res := gengort.CCall2(__imp_VmFuncVmxCompatibleStrcmp.Addr(), gengort.MarshallSyscall(Address1), gengort.MarshallSyscall(Address2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleStrncmp gengort.PreloadProc - -func VmFuncVmxCompatibleStrncmp(Address1 *int32, Address2 *int32, Num int32) int32 { - __res := gengort.CCall3(__imp_VmFuncVmxCompatibleStrncmp.Addr(), gengort.MarshallSyscall(Address1), gengort.MarshallSyscall(Address2), gengort.MarshallSyscall(Num)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleWcscmp gengort.PreloadProc - -func VmFuncVmxCompatibleWcscmp(Address1 *int32, Address2 *int32) int32 { - __res := gengort.CCall2(__imp_VmFuncVmxCompatibleWcscmp.Addr(), gengort.MarshallSyscall(Address1), gengort.MarshallSyscall(Address2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleWcsncmp gengort.PreloadProc - -func VmFuncVmxCompatibleWcsncmp(Address1 *int32, Address2 *int32, Num int32) int32 { - __res := gengort.CCall3(__imp_VmFuncVmxCompatibleWcsncmp.Addr(), gengort.MarshallSyscall(Address1), gengort.MarshallSyscall(Address2), gengort.MarshallSyscall(Num)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VmFuncVmxCompatibleMemcmp gengort.PreloadProc - -func VmFuncVmxCompatibleMemcmp(Address1 *int32, Address2 *int32, Count uint) int32 { - __res := gengort.CCall3(__imp_VmFuncVmxCompatibleMemcmp.Addr(), gengort.MarshallSyscall(Address1), gengort.MarshallSyscall(Address2), gengort.MarshallSyscall(Count)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableMovToCr3ExitingOnAllProcessors gengort.PreloadProc - -// /////////////////////////////////////////////// -func ConfigureEnableMovToCr3ExitingOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureEnableMovToCr3ExitingOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureDisableMovToCr3ExitingOnAllProcessors gengort.PreloadProc - -func ConfigureDisableMovToCr3ExitingOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureDisableMovToCr3ExitingOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableEferSyscallEventsOnAllProcessors gengort.PreloadProc - -func ConfigureEnableEferSyscallEventsOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureEnableEferSyscallEventsOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureDisableEferSyscallEventsOnAllProcessors gengort.PreloadProc - -func ConfigureDisableEferSyscallEventsOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureDisableEferSyscallEventsOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureSetExternalInterruptExitingOnSingleCore gengort.PreloadProc - -func ConfigureSetExternalInterruptExitingOnSingleCore(TargetCoreId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureSetExternalInterruptExitingOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableRdtscExitingOnSingleCore gengort.PreloadProc - -func ConfigureEnableRdtscExitingOnSingleCore(TargetCoreId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEnableRdtscExitingOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableRdpmcExitingOnSingleCore gengort.PreloadProc - -func ConfigureEnableRdpmcExitingOnSingleCore(TargetCoreId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEnableRdpmcExitingOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableMovToDebugRegistersExitingOnSingleCore gengort.PreloadProc - -func ConfigureEnableMovToDebugRegistersExitingOnSingleCore(TargetCoreId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEnableMovToDebugRegistersExitingOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureSetExceptionBitmapOnSingleCore gengort.PreloadProc - -func ConfigureSetExceptionBitmapOnSingleCore(TargetCoreId int32, BitMask int32) int32 { - __res := gengort.CCall2(__imp_ConfigureSetExceptionBitmapOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId), gengort.MarshallSyscall(BitMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableMovToControlRegisterExitingOnSingleCore gengort.PreloadProc - -func ConfigureEnableMovToControlRegisterExitingOnSingleCore(TargetCoreId int32, BroadcastingOption *int32) int32 { - __res := gengort.CCall2(__imp_ConfigureEnableMovToControlRegisterExitingOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId), gengort.MarshallSyscall(BroadcastingOption)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureChangeMsrBitmapWriteOnSingleCore gengort.PreloadProc - -func ConfigureChangeMsrBitmapWriteOnSingleCore(TargetCoreId int32, MsrMask int32) int32 { - __res := gengort.CCall2(__imp_ConfigureChangeMsrBitmapWriteOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId), gengort.MarshallSyscall(MsrMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureChangeMsrBitmapReadOnSingleCore gengort.PreloadProc - -func ConfigureChangeMsrBitmapReadOnSingleCore(TargetCoreId int32, MsrMask int32) int32 { - __res := gengort.CCall2(__imp_ConfigureChangeMsrBitmapReadOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId), gengort.MarshallSyscall(MsrMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureChangeIoBitmapOnSingleCore gengort.PreloadProc - -func ConfigureChangeIoBitmapOnSingleCore(TargetCoreId int32, Port int32) int32 { - __res := gengort.CCall2(__imp_ConfigureChangeIoBitmapOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId), gengort.MarshallSyscall(Port)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEnableEferSyscallHookOnSingleCore gengort.PreloadProc - -func ConfigureEnableEferSyscallHookOnSingleCore(TargetCoreId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEnableEferSyscallHookOnSingleCore.Addr(), gengort.MarshallSyscall(TargetCoreId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureSetEferSyscallOrSysretHookType gengort.PreloadProc - -func ConfigureSetEferSyscallOrSysretHookType(SyscallHookType int32) int32 { - __res := gengort.CCall1(__imp_ConfigureSetEferSyscallOrSysretHookType.Addr(), gengort.MarshallSyscall(SyscallHookType)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureDirtyLoggingInitializeOnAllProcessors gengort.PreloadProc - -func ConfigureDirtyLoggingInitializeOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureDirtyLoggingInitializeOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureDirtyLoggingUninitializeOnAllProcessors gengort.PreloadProc - -func ConfigureDirtyLoggingUninitializeOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureDirtyLoggingUninitializeOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureModeBasedExecHookUninitializeOnAllProcessors gengort.PreloadProc - -func ConfigureModeBasedExecHookUninitializeOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureModeBasedExecHookUninitializeOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureUninitializeExecTrapOnAllProcessors gengort.PreloadProc - -func ConfigureUninitializeExecTrapOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureUninitializeExecTrapOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureInitializeExecTrapOnAllProcessors gengort.PreloadProc - -func ConfigureInitializeExecTrapOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_ConfigureInitializeExecTrapOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHook gengort.PreloadProc - -func ConfigureEptHook(TargetAddress int32, ProcessId int32) int32 { - __res := gengort.CCall2(__imp_ConfigureEptHook.Addr(), gengort.MarshallSyscall(TargetAddress), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookFromVmxRoot gengort.PreloadProc - -func ConfigureEptHookFromVmxRoot(TargetAddress int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEptHookFromVmxRoot.Addr(), gengort.MarshallSyscall(TargetAddress)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHook2 gengort.PreloadProc - -func ConfigureEptHook2(CoreId int32, TargetAddress int32, HookFunction int32, ProcessId int32) int32 { - __res := gengort.CCall4(__imp_ConfigureEptHook2.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(TargetAddress), gengort.MarshallSyscall(HookFunction), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHook2FromVmxRoot gengort.PreloadProc - -func ConfigureEptHook2FromVmxRoot(CoreId int32, TargetAddress int32, HookFunction int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHook2FromVmxRoot.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(TargetAddress), gengort.MarshallSyscall(HookFunction)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookMonitor gengort.PreloadProc - -func ConfigureEptHookMonitor(CoreId int32, HookingDetails *int32, ProcessId int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookMonitor.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(HookingDetails), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookMonitorFromVmxRoot gengort.PreloadProc - -func ConfigureEptHookMonitorFromVmxRoot(CoreId int32, MemoryAddressDetails *int32) int32 { - __res := gengort.CCall2(__imp_ConfigureEptHookMonitorFromVmxRoot.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(MemoryAddressDetails)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookModifyInstructionFetchState gengort.PreloadProc - -func ConfigureEptHookModifyInstructionFetchState(CoreId int32, PhysicalAddress int32, IsUnset int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookModifyInstructionFetchState.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(PhysicalAddress), gengort.MarshallSyscall(IsUnset)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookModifyPageReadState gengort.PreloadProc - -func ConfigureEptHookModifyPageReadState(CoreId int32, PhysicalAddress int32, IsUnset int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookModifyPageReadState.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(PhysicalAddress), gengort.MarshallSyscall(IsUnset)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookModifyPageWriteState gengort.PreloadProc - -func ConfigureEptHookModifyPageWriteState(CoreId int32, PhysicalAddress int32, IsUnset int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookModifyPageWriteState.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(PhysicalAddress), gengort.MarshallSyscall(IsUnset)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookUnHookSingleAddress gengort.PreloadProc - -func ConfigureEptHookUnHookSingleAddress(VirtualAddress int32, PhysAddress int32, ProcessId int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookUnHookSingleAddress.Addr(), gengort.MarshallSyscall(VirtualAddress), gengort.MarshallSyscall(PhysAddress), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookUnHookSingleAddressFromVmxRoot gengort.PreloadProc - -func ConfigureEptHookUnHookSingleAddressFromVmxRoot(VirtualAddress int32, PhysAddress int32, TargetUnhookingDetails *int32) int32 { - __res := gengort.CCall3(__imp_ConfigureEptHookUnHookSingleAddressFromVmxRoot.Addr(), gengort.MarshallSyscall(VirtualAddress), gengort.MarshallSyscall(PhysAddress), gengort.MarshallSyscall(TargetUnhookingDetails)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookAllocateExtraHookingPagesForMemoryMonitorsAndExecEptHooks gengort.PreloadProc - -func ConfigureEptHookAllocateExtraHookingPagesForMemoryMonitorsAndExecEptHooks(Count int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEptHookAllocateExtraHookingPagesForMemoryMonitorsAndExecEptHooks.Addr(), gengort.MarshallSyscall(Count)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureEptHookReservePreallocatedPoolsForEptHooks gengort.PreloadProc - -func ConfigureEptHookReservePreallocatedPoolsForEptHooks(Count int32) int32 { - __res := gengort.CCall1(__imp_ConfigureEptHookReservePreallocatedPoolsForEptHooks.Addr(), gengort.MarshallSyscall(Count)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureExecTrapAddProcessToWatchingList gengort.PreloadProc - -func ConfigureExecTrapAddProcessToWatchingList(ProcessId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureExecTrapAddProcessToWatchingList.Addr(), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_ConfigureExecTrapRemoveProcessFromWatchingList gengort.PreloadProc - -func ConfigureExecTrapRemoveProcessFromWatchingList(ProcessId int32) int32 { - __res := gengort.CCall1(__imp_ConfigureExecTrapRemoveProcessFromWatchingList.Addr(), gengort.MarshallSyscall(ProcessId)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallTest gengort.PreloadProc - -// /////////////////////////////////////////////// -func DirectVmcallTest(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallTest.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallPerformVmcall gengort.PreloadProc - -func DirectVmcallPerformVmcall(CoreId int32, VmcallNumber int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall3(__imp_DirectVmcallPerformVmcall.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(VmcallNumber), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallChangeMsrBitmapRead gengort.PreloadProc - -func DirectVmcallChangeMsrBitmapRead(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallChangeMsrBitmapRead.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallChangeMsrBitmapWrite gengort.PreloadProc - -func DirectVmcallChangeMsrBitmapWrite(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallChangeMsrBitmapWrite.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallChangeIoBitmap gengort.PreloadProc - -func DirectVmcallChangeIoBitmap(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallChangeIoBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableRdpmcExiting gengort.PreloadProc - -func DirectVmcallEnableRdpmcExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableRdpmcExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableRdtscpExiting gengort.PreloadProc - -func DirectVmcallEnableRdtscpExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableRdtscpExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableMov2DebugRegsExiting gengort.PreloadProc - -func DirectVmcallEnableMov2DebugRegsExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableMov2DebugRegsExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallSetExceptionBitmap gengort.PreloadProc - -func DirectVmcallSetExceptionBitmap(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallSetExceptionBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableExternalInterruptExiting gengort.PreloadProc - -func DirectVmcallEnableExternalInterruptExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableExternalInterruptExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableMovToCrExiting gengort.PreloadProc - -func DirectVmcallEnableMovToCrExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableMovToCrExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallEnableEferSyscall gengort.PreloadProc - -func DirectVmcallEnableEferSyscall(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallEnableEferSyscall.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallSetHiddenBreakpointHook gengort.PreloadProc - -func DirectVmcallSetHiddenBreakpointHook(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallSetHiddenBreakpointHook.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallInvalidateEptAllContexts gengort.PreloadProc - -func DirectVmcallInvalidateEptAllContexts(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallInvalidateEptAllContexts.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallInvalidateSingleContext gengort.PreloadProc - -func DirectVmcallInvalidateSingleContext(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallInvalidateSingleContext.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallUnsetExceptionBitmap gengort.PreloadProc - -func DirectVmcallUnsetExceptionBitmap(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallUnsetExceptionBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallUnhookSinglePage gengort.PreloadProc - -func DirectVmcallUnhookSinglePage(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallUnhookSinglePage.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallSetDisableExternalInterruptExitingOnlyOnClearingInterruptEvents gengort.PreloadProc - -func DirectVmcallSetDisableExternalInterruptExitingOnlyOnClearingInterruptEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallSetDisableExternalInterruptExitingOnlyOnClearingInterruptEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallResetMsrBitmapRead gengort.PreloadProc - -func DirectVmcallResetMsrBitmapRead(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallResetMsrBitmapRead.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallResetMsrBitmapWrite gengort.PreloadProc - -func DirectVmcallResetMsrBitmapWrite(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallResetMsrBitmapWrite.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallResetExceptionBitmapOnlyOnClearingExceptionEvents gengort.PreloadProc - -func DirectVmcallResetExceptionBitmapOnlyOnClearingExceptionEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallResetExceptionBitmapOnlyOnClearingExceptionEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallResetIoBitmap gengort.PreloadProc - -func DirectVmcallResetIoBitmap(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallResetIoBitmap.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallDisableRdtscExitingForClearingTscEvents gengort.PreloadProc - -func DirectVmcallDisableRdtscExitingForClearingTscEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallDisableRdtscExitingForClearingTscEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallDisableRdpmcExiting gengort.PreloadProc - -func DirectVmcallDisableRdpmcExiting(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallDisableRdpmcExiting.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallDisableEferSyscallEvents gengort.PreloadProc - -func DirectVmcallDisableEferSyscallEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallDisableEferSyscallEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallDisableMov2DrExitingForClearingDrEvents gengort.PreloadProc - -func DirectVmcallDisableMov2DrExitingForClearingDrEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallDisableMov2DrExitingForClearingDrEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DirectVmcallDisableMov2CrExitingForClearingCrEvents gengort.PreloadProc - -func DirectVmcallDisableMov2CrExitingForClearingCrEvents(CoreId int32, DirectVmcallOptions *int32) int32 { - __res := gengort.CCall2(__imp_DirectVmcallDisableMov2CrExitingForClearingCrEvents.Addr(), gengort.MarshallSyscall(CoreId), gengort.MarshallSyscall(DirectVmcallOptions)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DisassemblerShowInstructionsInVmxNonRootMode gengort.PreloadProc - -// /////////////////////////////////////////////// -func DisassemblerShowInstructionsInVmxNonRootMode(Address int32, Length int32, Is32Bit int32) int32 { - __res := gengort.CCall3(__imp_DisassemblerShowInstructionsInVmxNonRootMode.Addr(), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(Length), gengort.MarshallSyscall(Is32Bit)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DisassemblerShowOneInstructionInVmxNonRootMode gengort.PreloadProc - -func DisassemblerShowOneInstructionInVmxNonRootMode(Address int32, ActualRip int32, Is32Bit int32) int32 { - __res := gengort.CCall3(__imp_DisassemblerShowOneInstructionInVmxNonRootMode.Addr(), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(ActualRip), gengort.MarshallSyscall(Is32Bit)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DisassemblerShowOneInstructionInVmxRootMode gengort.PreloadProc - -func DisassemblerShowOneInstructionInVmxRootMode(Address int32, Is32Bit int32) int32 { - __res := gengort.CCall2(__imp_DisassemblerShowOneInstructionInVmxRootMode.Addr(), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(Is32Bit)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VirtualAddressToPhysicalAddress gengort.PreloadProc - -// /////////////////////////////////////////////// -func VirtualAddressToPhysicalAddress(PVOID int32) int32 { - __res := gengort.CCall1(__imp_VirtualAddressToPhysicalAddress.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VirtualAddressToPhysicalAddressByProcessId gengort.PreloadProc - -func VirtualAddressToPhysicalAddressByProcessId(PVOID int32) int32 { - __res := gengort.CCall1(__imp_VirtualAddressToPhysicalAddressByProcessId.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VirtualAddressToPhysicalAddressByProcessCr3 gengort.PreloadProc - -func VirtualAddressToPhysicalAddressByProcessCr3(PVOID int32) int32 { - __res := gengort.CCall1(__imp_VirtualAddressToPhysicalAddressByProcessCr3.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_VirtualAddressToPhysicalAddressOnTargetProcess gengort.PreloadProc - -func VirtualAddressToPhysicalAddressOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_VirtualAddressToPhysicalAddressOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PhysicalAddressToVirtualAddress gengort.PreloadProc - -func PhysicalAddressToVirtualAddress(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_PhysicalAddressToVirtualAddress.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PhysicalAddressToVirtualAddressByProcessId gengort.PreloadProc - -func PhysicalAddressToVirtualAddressByProcessId(PVOID int32) int32 { - __res := gengort.CCall1(__imp_PhysicalAddressToVirtualAddressByProcessId.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PhysicalAddressToVirtualAddressByCr3 gengort.PreloadProc - -func PhysicalAddressToVirtualAddressByCr3(PVOID int32) int32 { - __res := gengort.CCall1(__imp_PhysicalAddressToVirtualAddressByCr3.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PhysicalAddressToVirtualAddressOnTargetProcess gengort.PreloadProc - -func PhysicalAddressToVirtualAddressOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_PhysicalAddressToVirtualAddressOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SwitchToProcessMemoryLayout gengort.PreloadProc - -func SwitchToProcessMemoryLayout(UINT32 int32) int32 { - __res := gengort.CCall1(__imp_SwitchToProcessMemoryLayout.Addr(), gengort.MarshallSyscall(UINT32)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SwitchToCurrentProcessMemoryLayout gengort.PreloadProc - -func SwitchToCurrentProcessMemoryLayout() int32 { - __res := gengort.CCall0(__imp_SwitchToCurrentProcessMemoryLayout.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SwitchToProcessMemoryLayoutByCr3 gengort.PreloadProc - -func SwitchToProcessMemoryLayoutByCr3(CR3_TYPE int32) int32 { - __res := gengort.CCall1(__imp_SwitchToProcessMemoryLayoutByCr3.Addr(), gengort.MarshallSyscall(CR3_TYPE)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SwitchToPreviousProcess gengort.PreloadProc - -func SwitchToPreviousProcess(CR3_TYPE int32) int32 { - __res := gengort.CCall1(__imp_SwitchToPreviousProcess.Addr(), gengort.MarshallSyscall(CR3_TYPE)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_CheckAddressValidityUsingTsx gengort.PreloadProc - -func CheckAddressValidityUsingTsx(Address *int32) int32 { - __res := gengort.CCall1(__imp_CheckAddressValidityUsingTsx.Addr(), gengort.MarshallSyscall(Address)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_CheckAccessValidityAndSafety gengort.PreloadProc - -func CheckAccessValidityAndSafety(TargetAddress int32, Size int32) int32 { - __res := gengort.CCall2(__imp_CheckAccessValidityAndSafety.Addr(), gengort.MarshallSyscall(TargetAddress), gengort.MarshallSyscall(Size)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_CheckAddressPhysical gengort.PreloadProc - -func CheckAddressPhysical(PAddr int32) int32 { - __res := gengort.CCall1(__imp_CheckAddressPhysical.Addr(), gengort.MarshallSyscall(PAddr)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_CheckAddressMaximumInstructionLength gengort.PreloadProc - -func CheckAddressMaximumInstructionLength(Address int32) int32 { - __res := gengort.CCall1(__imp_CheckAddressMaximumInstructionLength.Addr(), gengort.MarshallSyscall(Address)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LayoutGetCurrentProcessCr3 gengort.PreloadProc - -func LayoutGetCurrentProcessCr3() int32 { - __res := gengort.CCall0(__imp_LayoutGetCurrentProcessCr3.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_LayoutGetExactGuestProcessCr3 gengort.PreloadProc - -func LayoutGetExactGuestProcessCr3() int32 { - __res := gengort.CCall0(__imp_LayoutGetExactGuestProcessCr3.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperGetPteVa gengort.PreloadProc - -// /////////////////////////////////////////////// -func MemoryMapperGetPteVa(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperGetPteVa.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperGetPteVaByCr3 gengort.PreloadProc - -func MemoryMapperGetPteVaByCr3(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperGetPteVaByCr3.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperGetPteVaWithoutSwitchingByCr3 gengort.PreloadProc - -func MemoryMapperGetPteVaWithoutSwitchingByCr3(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperGetPteVaWithoutSwitchingByCr3.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperGetPteVaOnTargetProcess gengort.PreloadProc - -func MemoryMapperGetPteVaOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperGetPteVaOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperSetExecuteDisableToPteOnTargetProcess gengort.PreloadProc - -func MemoryMapperSetExecuteDisableToPteOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperSetExecuteDisableToPteOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperCheckPteIsPresentOnTargetProcess gengort.PreloadProc - -func MemoryMapperCheckPteIsPresentOnTargetProcess(Va int32, Level int32) int32 { - __res := gengort.CCall2(__imp_MemoryMapperCheckPteIsPresentOnTargetProcess.Addr(), gengort.MarshallSyscall(Va), gengort.MarshallSyscall(Level)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperReadMemorySafe gengort.PreloadProc - -func MemoryMapperReadMemorySafe(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperReadMemorySafe.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperReadMemorySafeByPhysicalAddress gengort.PreloadProc - -func MemoryMapperReadMemorySafeByPhysicalAddress(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperReadMemorySafeByPhysicalAddress.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperReadMemorySafeOnTargetProcess gengort.PreloadProc - -func MemoryMapperReadMemorySafeOnTargetProcess(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperReadMemorySafeOnTargetProcess.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DisassemblerLengthDisassembleEngine gengort.PreloadProc - -func DisassemblerLengthDisassembleEngine(Address int32, Is32Bit int32) int32 { - __res := gengort.CCall2(__imp_DisassemblerLengthDisassembleEngine.Addr(), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(Is32Bit)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_DisassemblerLengthDisassembleEngineInVmxRootOnTargetProcess gengort.PreloadProc - -func DisassemblerLengthDisassembleEngineInVmxRootOnTargetProcess(Address int32, Is32Bit int32) int32 { - __res := gengort.CCall2(__imp_DisassemblerLengthDisassembleEngineInVmxRootOnTargetProcess.Addr(), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(Is32Bit)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperWriteMemorySafe gengort.PreloadProc - -func MemoryMapperWriteMemorySafe(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperWriteMemorySafe.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperWriteMemorySafeOnTargetProcess gengort.PreloadProc - -func MemoryMapperWriteMemorySafeOnTargetProcess(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperWriteMemorySafeOnTargetProcess.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperWriteMemorySafeByPhysicalAddress gengort.PreloadProc - -func MemoryMapperWriteMemorySafeByPhysicalAddress(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperWriteMemorySafeByPhysicalAddress.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperWriteMemoryUnsafe gengort.PreloadProc - -func MemoryMapperWriteMemoryUnsafe(UINT64 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperWriteMemoryUnsafe.Addr(), gengort.MarshallSyscall(UINT64)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperReserveUsermodeAddressOnTargetProcess gengort.PreloadProc - -func MemoryMapperReserveUsermodeAddressOnTargetProcess(UINT32 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperReserveUsermodeAddressOnTargetProcess.Addr(), gengort.MarshallSyscall(UINT32)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperFreeMemoryOnTargetProcess gengort.PreloadProc - -func MemoryMapperFreeMemoryOnTargetProcess(UINT32 int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperFreeMemoryOnTargetProcess.Addr(), gengort.MarshallSyscall(UINT32)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperSetSupervisorBitWithoutSwitchingByCr3 gengort.PreloadProc - -func MemoryMapperSetSupervisorBitWithoutSwitchingByCr3(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperSetSupervisorBitWithoutSwitchingByCr3.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess gengort.PreloadProc - -func MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryMapperCheckIfPdeIsLargePageOnTargetProcess gengort.PreloadProc - -func MemoryMapperCheckIfPdeIsLargePageOnTargetProcess(PVOID int32) int32 { - __res := gengort.CCall1(__imp_MemoryMapperCheckIfPdeIsLargePageOnTargetProcess.Addr(), gengort.MarshallSyscall(PVOID)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_MemoryManagerReadProcessMemoryNormal gengort.PreloadProc - -// /////////////////////////////////////////////// -func MemoryManagerReadProcessMemoryNormal(PID int32, Address int32, MemType int32, UserBuffer int32, Size int32, ReturnSize int32) int32 { - __res := gengort.CCall6(__imp_MemoryManagerReadProcessMemoryNormal.Addr(), gengort.MarshallSyscall(PID), gengort.MarshallSyscall(Address), gengort.MarshallSyscall(MemType), gengort.MarshallSyscall(UserBuffer), gengort.MarshallSyscall(Size), gengort.MarshallSyscall(ReturnSize)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PoolManagerCheckAndPerformAllocationAndDeallocation gengort.PreloadProc - -// /////////////////////////////////////////////// -func PoolManagerCheckAndPerformAllocationAndDeallocation() int32 { - __res := gengort.CCall0(__imp_PoolManagerCheckAndPerformAllocationAndDeallocation.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PoolManagerRequestAllocation gengort.PreloadProc - -func PoolManagerRequestAllocation(Size int32, Count int32, Intention int32) int32 { - __res := gengort.CCall3(__imp_PoolManagerRequestAllocation.Addr(), gengort.MarshallSyscall(Size), gengort.MarshallSyscall(Count), gengort.MarshallSyscall(Intention)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PoolManagerRequestPool gengort.PreloadProc - -func PoolManagerRequestPool(Intention int32, RequestNewPool int32, Size int32) int32 { - __res := gengort.CCall3(__imp_PoolManagerRequestPool.Addr(), gengort.MarshallSyscall(Intention), gengort.MarshallSyscall(RequestNewPool), gengort.MarshallSyscall(Size)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PoolManagerFreePool gengort.PreloadProc - -func PoolManagerFreePool(AddressToFree int32) int32 { - __res := gengort.CCall1(__imp_PoolManagerFreePool.Addr(), gengort.MarshallSyscall(AddressToFree)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_PoolManagerShowPreAllocatedPools gengort.PreloadProc - -func PoolManagerShowPreAllocatedPools() int32 { - __res := gengort.CCall0(__imp_PoolManagerShowPreAllocatedPools.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCsSel gengort.PreloadProc - -// /////////////////////////////////////////////// -func SetGuestCsSel(Cs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCsSel.Addr(), gengort.MarshallSyscall(Cs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCs gengort.PreloadProc - -func SetGuestCs(Cs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCs.Addr(), gengort.MarshallSyscall(Cs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCs gengort.PreloadProc - -func GetGuestCs() int32 { - __res := gengort.CCall0(__imp_GetGuestCs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestSsSel gengort.PreloadProc - -func SetGuestSsSel(Ss int32) int32 { - __res := gengort.CCall1(__imp_SetGuestSsSel.Addr(), gengort.MarshallSyscall(Ss)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestSs gengort.PreloadProc - -func SetGuestSs(Ss int32) int32 { - __res := gengort.CCall1(__imp_SetGuestSs.Addr(), gengort.MarshallSyscall(Ss)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestSs gengort.PreloadProc - -func GetGuestSs() int32 { - __res := gengort.CCall0(__imp_GetGuestSs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDsSel gengort.PreloadProc - -func SetGuestDsSel(Ds int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDsSel.Addr(), gengort.MarshallSyscall(Ds)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDs gengort.PreloadProc - -func SetGuestDs(Ds int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDs.Addr(), gengort.MarshallSyscall(Ds)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDs gengort.PreloadProc - -func GetGuestDs() int32 { - __res := gengort.CCall0(__imp_GetGuestDs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestFsSel gengort.PreloadProc - -func SetGuestFsSel(Fs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestFsSel.Addr(), gengort.MarshallSyscall(Fs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestFs gengort.PreloadProc - -func SetGuestFs(Fs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestFs.Addr(), gengort.MarshallSyscall(Fs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestFs gengort.PreloadProc - -func GetGuestFs() int32 { - __res := gengort.CCall0(__imp_GetGuestFs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestGsSel gengort.PreloadProc - -func SetGuestGsSel(Gs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestGsSel.Addr(), gengort.MarshallSyscall(Gs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestGs gengort.PreloadProc - -func SetGuestGs(Gs int32) int32 { - __res := gengort.CCall1(__imp_SetGuestGs.Addr(), gengort.MarshallSyscall(Gs)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestGs gengort.PreloadProc - -func GetGuestGs() int32 { - __res := gengort.CCall0(__imp_GetGuestGs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestEsSel gengort.PreloadProc - -func SetGuestEsSel(Es int32) int32 { - __res := gengort.CCall1(__imp_SetGuestEsSel.Addr(), gengort.MarshallSyscall(Es)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestEs gengort.PreloadProc - -func SetGuestEs(Es int32) int32 { - __res := gengort.CCall1(__imp_SetGuestEs.Addr(), gengort.MarshallSyscall(Es)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestEs gengort.PreloadProc - -func GetGuestEs() int32 { - __res := gengort.CCall0(__imp_GetGuestEs.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestIdtr gengort.PreloadProc - -func SetGuestIdtr(Idtr int32) int32 { - __res := gengort.CCall1(__imp_SetGuestIdtr.Addr(), gengort.MarshallSyscall(Idtr)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestIdtr gengort.PreloadProc - -func GetGuestIdtr() int32 { - __res := gengort.CCall0(__imp_GetGuestIdtr.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestLdtr gengort.PreloadProc - -func SetGuestLdtr(Ldtr int32) int32 { - __res := gengort.CCall1(__imp_SetGuestLdtr.Addr(), gengort.MarshallSyscall(Ldtr)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestLdtr gengort.PreloadProc - -func GetGuestLdtr() int32 { - __res := gengort.CCall0(__imp_GetGuestLdtr.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestGdtr gengort.PreloadProc - -func SetGuestGdtr(Gdtr int32) int32 { - __res := gengort.CCall1(__imp_SetGuestGdtr.Addr(), gengort.MarshallSyscall(Gdtr)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestGdtr gengort.PreloadProc - -func GetGuestGdtr() int32 { - __res := gengort.CCall0(__imp_GetGuestGdtr.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestTr gengort.PreloadProc - -func SetGuestTr(Tr int32) int32 { - __res := gengort.CCall1(__imp_SetGuestTr.Addr(), gengort.MarshallSyscall(Tr)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestTr gengort.PreloadProc - -func GetGuestTr() int32 { - __res := gengort.CCall0(__imp_GetGuestTr.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestRFlags gengort.PreloadProc - -func SetGuestRFlags(RFlags int32) int32 { - __res := gengort.CCall1(__imp_SetGuestRFlags.Addr(), gengort.MarshallSyscall(RFlags)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestRFlags gengort.PreloadProc - -func GetGuestRFlags() int32 { - __res := gengort.CCall0(__imp_GetGuestRFlags.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestRIP gengort.PreloadProc - -func SetGuestRIP(RIP int32) int32 { - __res := gengort.CCall1(__imp_SetGuestRIP.Addr(), gengort.MarshallSyscall(RIP)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestRSP gengort.PreloadProc - -func SetGuestRSP(RSP int32) int32 { - __res := gengort.CCall1(__imp_SetGuestRSP.Addr(), gengort.MarshallSyscall(RSP)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestRIP gengort.PreloadProc - -func GetGuestRIP() int32 { - __res := gengort.CCall0(__imp_GetGuestRIP.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCr0 gengort.PreloadProc - -func GetGuestCr0() int32 { - __res := gengort.CCall0(__imp_GetGuestCr0.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCr2 gengort.PreloadProc - -func GetGuestCr2() int32 { - __res := gengort.CCall0(__imp_GetGuestCr2.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCr3 gengort.PreloadProc - -func GetGuestCr3() int32 { - __res := gengort.CCall0(__imp_GetGuestCr3.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCr4 gengort.PreloadProc - -func GetGuestCr4() int32 { - __res := gengort.CCall0(__imp_GetGuestCr4.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestCr8 gengort.PreloadProc - -func GetGuestCr8() int32 { - __res := gengort.CCall0(__imp_GetGuestCr8.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCr0 gengort.PreloadProc - -func SetGuestCr0(Cr0 int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCr0.Addr(), gengort.MarshallSyscall(Cr0)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCr2 gengort.PreloadProc - -func SetGuestCr2(Cr2 int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCr2.Addr(), gengort.MarshallSyscall(Cr2)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCr3 gengort.PreloadProc - -func SetGuestCr3(Cr3 int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCr3.Addr(), gengort.MarshallSyscall(Cr3)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCr4 gengort.PreloadProc - -func SetGuestCr4(Cr4 int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCr4.Addr(), gengort.MarshallSyscall(Cr4)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestCr8 gengort.PreloadProc - -func SetGuestCr8(Cr8 int32) int32 { - __res := gengort.CCall1(__imp_SetGuestCr8.Addr(), gengort.MarshallSyscall(Cr8)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr0 gengort.PreloadProc - -func GetGuestDr0() int32 { - __res := gengort.CCall0(__imp_GetGuestDr0.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr1 gengort.PreloadProc - -func GetGuestDr1() int32 { - __res := gengort.CCall0(__imp_GetGuestDr1.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr2 gengort.PreloadProc - -func GetGuestDr2() int32 { - __res := gengort.CCall0(__imp_GetGuestDr2.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr3 gengort.PreloadProc - -func GetGuestDr3() int32 { - __res := gengort.CCall0(__imp_GetGuestDr3.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr6 gengort.PreloadProc - -func GetGuestDr6() int32 { - __res := gengort.CCall0(__imp_GetGuestDr6.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_GetGuestDr7 gengort.PreloadProc - -func GetGuestDr7() int32 { - __res := gengort.CCall0(__imp_GetGuestDr7.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr0 gengort.PreloadProc - -func SetGuestDr0(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr0.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr1 gengort.PreloadProc - -func SetGuestDr1(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr1.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr2 gengort.PreloadProc - -func SetGuestDr2(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr2.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr3 gengort.PreloadProc - -func SetGuestDr3(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr3.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr6 gengort.PreloadProc - -func SetGuestDr6(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr6.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetGuestDr7 gengort.PreloadProc - -func SetGuestDr7(value int32) int32 { - __res := gengort.CCall1(__imp_SetGuestDr7.Addr(), gengort.MarshallSyscall(value)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_SetDebugRegisters gengort.PreloadProc - -func SetDebugRegisters(DebugRegNum int32, ActionType int32, ApplyToVmcs int32, TargetAddress int32) int32 { - __res := gengort.CCall4(__imp_SetDebugRegisters.Addr(), gengort.MarshallSyscall(DebugRegNum), gengort.MarshallSyscall(ActionType), gengort.MarshallSyscall(ApplyToVmcs), gengort.MarshallSyscall(TargetAddress)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_TransparentHideDebugger gengort.PreloadProc - -// /////////////////////////////////////////////// -func TransparentHideDebugger(Measurements int32) int32 { - __res := gengort.CCall1(__imp_TransparentHideDebugger.Addr(), gengort.MarshallSyscall(Measurements)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_TransparentUnhideDebugger gengort.PreloadProc - -func TransparentUnhideDebugger() int32 { - __res := gengort.CCall0(__imp_TransparentUnhideDebugger.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableBreakpointExitingOnExceptionBitmapAllCores gengort.PreloadProc - -// /////////////////////////////////////////////// -func BroadcastEnableBreakpointExitingOnExceptionBitmapAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableBreakpointExitingOnExceptionBitmapAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableBreakpointExitingOnExceptionBitmapAllCores gengort.PreloadProc - -func BroadcastDisableBreakpointExitingOnExceptionBitmapAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableBreakpointExitingOnExceptionBitmapAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableDbAndBpExitingAllCores gengort.PreloadProc - -func BroadcastEnableDbAndBpExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableDbAndBpExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableDbAndBpExitingAllCores gengort.PreloadProc - -func BroadcastDisableDbAndBpExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableDbAndBpExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableRdtscExitingAllCores gengort.PreloadProc - -func BroadcastEnableRdtscExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableRdtscExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableRdtscExitingAllCores gengort.PreloadProc - -func BroadcastDisableRdtscExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableRdtscExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastChangeAllMsrBitmapReadAllCores gengort.PreloadProc - -func BroadcastChangeAllMsrBitmapReadAllCores(BitmapMask int32) int32 { - __res := gengort.CCall1(__imp_BroadcastChangeAllMsrBitmapReadAllCores.Addr(), gengort.MarshallSyscall(BitmapMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastResetChangeAllMsrBitmapReadAllCores gengort.PreloadProc - -func BroadcastResetChangeAllMsrBitmapReadAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastResetChangeAllMsrBitmapReadAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastChangeAllMsrBitmapWriteAllCores gengort.PreloadProc - -func BroadcastChangeAllMsrBitmapWriteAllCores(BitmapMask int32) int32 { - __res := gengort.CCall1(__imp_BroadcastChangeAllMsrBitmapWriteAllCores.Addr(), gengort.MarshallSyscall(BitmapMask)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastResetAllMsrBitmapWriteAllCores gengort.PreloadProc - -func BroadcastResetAllMsrBitmapWriteAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastResetAllMsrBitmapWriteAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableRdtscExitingForClearingEventsAllCores gengort.PreloadProc - -func BroadcastDisableRdtscExitingForClearingEventsAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableRdtscExitingForClearingEventsAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableMov2ControlRegsExitingForClearingEventsAllCores gengort.PreloadProc - -func BroadcastDisableMov2ControlRegsExitingForClearingEventsAllCores(BroadcastingOption int32) int32 { - __res := gengort.CCall1(__imp_BroadcastDisableMov2ControlRegsExitingForClearingEventsAllCores.Addr(), gengort.MarshallSyscall(BroadcastingOption)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableMov2DebugRegsExitingForClearingEventsAllCores gengort.PreloadProc - -func BroadcastDisableMov2DebugRegsExitingForClearingEventsAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableMov2DebugRegsExitingForClearingEventsAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableRdpmcExitingAllCores gengort.PreloadProc - -func BroadcastEnableRdpmcExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableRdpmcExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableRdpmcExitingAllCores gengort.PreloadProc - -func BroadcastDisableRdpmcExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableRdpmcExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastSetExceptionBitmapAllCores gengort.PreloadProc - -func BroadcastSetExceptionBitmapAllCores(ExceptionIndex int32) int32 { - __res := gengort.CCall1(__imp_BroadcastSetExceptionBitmapAllCores.Addr(), gengort.MarshallSyscall(ExceptionIndex)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastUnsetExceptionBitmapAllCores gengort.PreloadProc - -func BroadcastUnsetExceptionBitmapAllCores(ExceptionIndex int32) int32 { - __res := gengort.CCall1(__imp_BroadcastUnsetExceptionBitmapAllCores.Addr(), gengort.MarshallSyscall(ExceptionIndex)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastResetExceptionBitmapAllCores gengort.PreloadProc - -func BroadcastResetExceptionBitmapAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastResetExceptionBitmapAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableMovControlRegisterExitingAllCores gengort.PreloadProc - -func BroadcastEnableMovControlRegisterExitingAllCores(BroadcastingOption int32) int32 { - __res := gengort.CCall1(__imp_BroadcastEnableMovControlRegisterExitingAllCores.Addr(), gengort.MarshallSyscall(BroadcastingOption)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableMovToControlRegistersExitingAllCores gengort.PreloadProc - -func BroadcastDisableMovToControlRegistersExitingAllCores(BroadcastingOption int32) int32 { - __res := gengort.CCall1(__imp_BroadcastDisableMovToControlRegistersExitingAllCores.Addr(), gengort.MarshallSyscall(BroadcastingOption)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableMovDebugRegistersExitingAllCores gengort.PreloadProc - -func BroadcastEnableMovDebugRegistersExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableMovDebugRegistersExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableMovDebugRegistersExitingAllCores gengort.PreloadProc - -func BroadcastDisableMovDebugRegistersExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableMovDebugRegistersExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastSetExternalInterruptExitingAllCores gengort.PreloadProc - -func BroadcastSetExternalInterruptExitingAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastSetExternalInterruptExitingAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastUnsetExternalInterruptExitingOnlyOnClearingInterruptEventsAllCores gengort.PreloadProc - -func BroadcastUnsetExternalInterruptExitingOnlyOnClearingInterruptEventsAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastUnsetExternalInterruptExitingOnlyOnClearingInterruptEventsAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastIoBitmapChangeAllCores gengort.PreloadProc - -func BroadcastIoBitmapChangeAllCores(Port int32) int32 { - __res := gengort.CCall1(__imp_BroadcastIoBitmapChangeAllCores.Addr(), gengort.MarshallSyscall(Port)) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastIoBitmapResetAllCores gengort.PreloadProc - -func BroadcastIoBitmapResetAllCores() int32 { - __res := gengort.CCall0(__imp_BroadcastIoBitmapResetAllCores.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableMovToCr3ExitingOnAllProcessors gengort.PreloadProc - -func BroadcastEnableMovToCr3ExitingOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableMovToCr3ExitingOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableMovToCr3ExitingOnAllProcessors gengort.PreloadProc - -func BroadcastDisableMovToCr3ExitingOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableMovToCr3ExitingOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastEnableEferSyscallEventsOnAllProcessors gengort.PreloadProc - -func BroadcastEnableEferSyscallEventsOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_BroadcastEnableEferSyscallEventsOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} - -var __imp_BroadcastDisableEferSyscallEventsOnAllProcessors gengort.PreloadProc - -func BroadcastDisableEferSyscallEventsOnAllProcessors() int32 { - __res := gengort.CCall0(__imp_BroadcastDisableEferSyscallEventsOnAllProcessors.Addr()) - return gengort.UnmarshallSyscall[int32](__res) -} diff --git a/gengo/astDumper/CMakeLists.txt b/gengo/astDumper/CMakeLists.txt new file mode 100644 index 000000000..17a4477dc --- /dev/null +++ b/gengo/astDumper/CMakeLists.txt @@ -0,0 +1,9 @@ +cmake_minimum_required(VERSION 3.28) +project(fake C) + +set(CMAKE_C_STANDARD 11) + +include_directories(.) + +add_executable(fake + test.h) diff --git a/gengo/astDumper/clang.ps1 b/gengo/astDumper/clang.ps1 new file mode 100644 index 000000000..a969a7486 --- /dev/null +++ b/gengo/astDumper/clang.ps1 @@ -0,0 +1,4 @@ +clang++ -nobuiltininc -Xclang -ast-dump=json -fsyntax-only test.hpp > ast_output.json 2>&1 +clang++ -fsyntax-only -nobuiltininc -emit-llvm -Xclang -fdump-record-layouts -Xclang -fdump-record-layouts-complete test.hpp > ast_record_layouts.log 2>&1 +clang++ -E -dM test.hpp > macros.txt +pause diff --git a/gengo/astDumper/macros.txt b/gengo/astDumper/macros.txt new file mode 100644 index 000000000..fc98ce0a1 Binary files /dev/null and b/gengo/astDumper/macros.txt differ diff --git a/gengo/astDumper/test.h b/gengo/astDumper/test.h new file mode 100644 index 000000000..8b8db7cac --- /dev/null +++ b/gengo/astDumper/test.h @@ -0,0 +1,65 @@ +#define X86_FLAGS_RESERVED_BITS 0xffc38028 +#define X86_FLAGS_FIXED 0x00000002 + +#define IOCTL_PREACTIVATE_FUNCTIONALITY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x820, METHOD_BUFFERED, FILE_ANY_ACCESS) + +typedef unsigned long long QWORD; +typedef unsigned __int64 UINT64, *PUINT64; +typedef unsigned long DWORD; +typedef int BOOL; +typedef unsigned char BYTE; +typedef unsigned short WORD; +typedef int INT; +typedef unsigned int UINT; +typedef unsigned int * PUINT; +typedef unsigned __int64 ULONG64, *PULONG64; +typedef unsigned __int64 DWORD64, *PDWORD64; +typedef char CHAR; +typedef wchar_t WCHAR; +#define VOID void +//#define PVOID void* +//#define LPVOID void* +//#define HANDLE void* + +typedef unsigned char UCHAR; +typedef unsigned short USHORT; +typedef unsigned long ULONG; + +typedef UCHAR BOOLEAN; // winnt +typedef BOOLEAN * PBOOLEAN; // winnt + +typedef signed char INT8, *PINT8; +typedef signed short INT16, *PINT16; +typedef signed int INT32, *PINT32; +typedef signed __int64 INT64, *PINT64; +typedef unsigned char UINT8, *PUINT8; +typedef unsigned short UINT16, *PUINT16; +typedef unsigned int UINT32, *PUINT32; +typedef unsigned __int64 UINT64, *PUINT64; + +wchar_t c = L'A'; + +typedef struct _CR3_TYPE +{ + union + { + UINT64 Flags; + + struct + { + UINT64 Pcid : 12; + UINT64 PageFrameNumber : 36; + UINT64 Reserved1 : 12; + UINT64 Reserved_2 : 3; + UINT64 PcidInvalidate : 1; + } Fields; + }; +} CR3_TYPE, *PCR3_TYPE; + +typedef struct xed_immdis_s { + unsigned int currently_used_space :4; // current number of assigned bytes + unsigned int max_allocated_space :4; // max allocation, 4 or 8 + int present : 1; + int immediate_is_unsigned : 1; +} xed_immdis_t; \ No newline at end of file diff --git a/gengo/bind/ARImpRec/ARImpRec.go b/gengo/bind/ARImpRec/ARImpRec.go index 3f92329ea..8ee92a921 100644 --- a/gengo/bind/ARImpRec/ARImpRec.go +++ b/gengo/bind/ARImpRec/ARImpRec.go @@ -9,49 +9,54 @@ const GengoLibraryName = "ARImpRec" var GengoLibrary = gengort.NewLibrary(GengoLibraryName) -type _Int128T = any -type _Uint128T = any -type __NSConstantString = any -type SizeT = uint64 -type _BuiltinMsVaList = *byte -type _BuiltinVaList = *byte -type UintptrT = uint64 -type VaList = *byte -//type SizeT = uint64 -type PtrdiffT = int64 -type IntptrT = int64 -type _VcrtBool = bool -type WcharT = uint16 -type Int8T = int8 -type Int16T = int16 -type Int32T = int32 -type Int64T = int64 -type Uint8T = uint8 -type Uint16T = uint16 -type Uint32T = uint32 -type Uint64T = uint64 -type IntLeast8T = int8 -type IntLeast16T = int16 -type IntLeast32T = int32 -type IntLeast64T = int64 -type UintLeast8T = uint8 -type UintLeast16T = uint16 -type UintLeast32T = uint32 -type UintLeast64T = uint64 -type IntFast8T = int8 -type IntFast16T = int32 -type IntFast32T = int32 -type IntFast64T = int64 -type UintFast8T = uint8 -type UintFast16T = uint32 -type UintFast32T = uint32 -type UintFast64T = uint64 -type IntmaxT = int64 -type UintmaxT = uint64 - -//var __imp___va_start gengort.PreloadProc - -// Gengo init function. +type ( + _Int128T = any + _Uint128T = any + __NSConstantString = any + SizeT = uint64 + _BuiltinMsVaList = *byte + _BuiltinVaList = *byte + UintptrT = uint64 + VaList = *byte +) + +// type SizeT = uint64 +type ( + PtrdiffT = int64 + IntptrT = int64 + _VcrtBool = bool + WcharT = uint16 + Int8T = int8 + Int16T = int16 + Int32T = int32 + Int64T = int64 + Uint8T = uint8 + Uint16T = uint16 + Uint32T = uint32 + Uint64T = uint64 + IntLeast8T = int8 + IntLeast16T = int16 + IntLeast32T = int32 + IntLeast64T = int64 + UintLeast8T = uint8 + UintLeast16T = uint16 + UintLeast32T = uint32 + UintLeast64T = uint64 + IntFast8T = int8 + IntFast16T = int32 + IntFast32T = int32 + IntFast64T = int64 + UintFast8T = uint8 + UintFast16T = uint32 + UintFast32T = uint32 + UintFast64T = uint64 + IntmaxT = int64 + UintmaxT = uint64 +) + +// var __imp___va_start gengort.PreloadProc + +// Gengo init function. func init() { __imp___va_start = GengoLibrary.ImportNow("__va_start") __imp___va_start = GengoLibrary.ImportNow("__va_start") @@ -70,12 +75,11 @@ func init() { __imp_GetProcName = GengoLibrary.ImportNow("GetProcName") __imp_GetAllVAddressesOfImports = GengoLibrary.ImportNow("GetAllVAddressesOfImports") } -func _VaStart( **byte) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall("")) } +func _VaStart(**byte) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall("")) } var __imp___va_start gengort.PreloadProc -//func _VaStart( *VaList) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall()) } - +// func _VaStart( *VaList) { gengort.CCall1(__imp___va_start.Addr(), gengort.MarshallSyscall()) } var __imp___security_init_cookie gengort.PreloadProc func _SecurityInitCookie() { gengort.CCall0(__imp___security_init_cookie.Addr()) } diff --git a/gengo/bind/ARImpRec/ARImpRec_test.go b/gengo/bind/ARImpRec/ARImpRec_test.go index 181154997..58a77da57 100644 --- a/gengo/bind/ARImpRec/ARImpRec_test.go +++ b/gengo/bind/ARImpRec/ARImpRec_test.go @@ -9,7 +9,7 @@ import ( ) func TestGetProcName(t *testing.T) { - //GetProcName() + // GetProcName() } func TestARImpRec(t *testing.T) { diff --git a/gengo/bind/ARImpRec/Stderr.log b/gengo/bind/ARImpRec/Stderr.log deleted file mode 100644 index e69de29bb..000000000 diff --git a/gengo/bind/demo/Stderr.log b/gengo/bind/demo/Stderr.log deleted file mode 100644 index e69de29bb..000000000 diff --git a/gengo/bind/demo/cpp/CMakeLists.txt b/gengo/bind/demo/cpp/CMakeLists.txt index d5c393dc7..64552ad50 100644 --- a/gengo/bind/demo/cpp/CMakeLists.txt +++ b/gengo/bind/demo/cpp/CMakeLists.txt @@ -3,4 +3,4 @@ project(demo) set(CMAKE_CXX_STANDARD 17) -add_library(demo SHARED library.cpp) +add_library(demo SHARED library.c) diff --git a/gengo/bind/demo/cpp/library.c b/gengo/bind/demo/cpp/library.c new file mode 100644 index 000000000..739b6d710 --- /dev/null +++ b/gengo/bind/demo/cpp/library.c @@ -0,0 +1,9 @@ +#include "library.h" + +//#include +#include "stdio.h" + +void hello() { +// std::cout << "Hello, World!" << std::endl; + printf("hello dll\n"); +} diff --git a/gengo/bind/demo/cpp/library.cpp b/gengo/bind/demo/cpp/library.cpp deleted file mode 100644 index c441124da..000000000 --- a/gengo/bind/demo/cpp/library.cpp +++ /dev/null @@ -1,7 +0,0 @@ -#include "library.hpp" - -#include - -void hello() { - std::cout << "Hello, World!" << std::endl; -} diff --git a/gengo/bind/demo/cpp/library.hpp b/gengo/bind/demo/cpp/library.h similarity index 100% rename from gengo/bind/demo/cpp/library.hpp rename to gengo/bind/demo/cpp/library.h diff --git a/gengo/bind/demo/demo.dll b/gengo/bind/demo/demo.dll deleted file mode 100644 index 7adf6a744..000000000 Binary files a/gengo/bind/demo/demo.dll and /dev/null differ diff --git a/gengo/bind/demo/demo_test.go b/gengo/bind/demo/demo_test.go index 401b55dad..f77b4ebe5 100644 --- a/gengo/bind/demo/demo_test.go +++ b/gengo/bind/demo/demo_test.go @@ -1,4 +1,4 @@ -package demo +package libdemo import ( "testing" @@ -13,9 +13,9 @@ func TestHello(t *testing.T) { } func TestDemoDll(t *testing.T) { - pkg := gengo.NewPackage("demo") - path := "cpp\\library.hpp" - mylog.Check(pkg.Transform("demo", &clang.Options{ + pkg := gengo.NewPackage("libdemo") + path := "cpp\\library.h" + mylog.Check(pkg.Transform("libdemo", &clang.Options{ Sources: []string{path}, AdditionalParams: []string{}, }), diff --git a/gengo/bind/demo/libdemo.dll b/gengo/bind/demo/libdemo.dll new file mode 100644 index 000000000..8385cb5bd Binary files /dev/null and b/gengo/bind/demo/libdemo.dll differ diff --git a/gengo/bind/demo/demo.go b/gengo/bind/demo/libdemo.go similarity index 78% rename from gengo/bind/demo/demo.go rename to gengo/bind/demo/libdemo.go index 5b8b771e8..433af017e 100644 --- a/gengo/bind/demo/demo.go +++ b/gengo/bind/demo/libdemo.go @@ -1,11 +1,11 @@ // Code generated by gengo. DO NOT EDIT. -package demo +package libdemo import ( "github.com/can1357/gengo/gengort" ) -const GengoLibraryName = "demo" +const GengoLibraryName = "libdemo" var GengoLibrary = gengort.NewLibrary(GengoLibraryName) @@ -21,5 +21,5 @@ type ( var __imp_hello gengort.PreloadProc // Gengo init function. -func init() { __imp_hello = GengoLibrary.ImportNow("?hello@@YAXXZ") } +func init() { __imp_hello = GengoLibrary.ImportNow("hello") } func Hello() { gengort.CCall0(__imp_hello.Addr()) } diff --git a/gengo/bind/sdk/Stderr.log b/gengo/bind/sdk/Stderr.log deleted file mode 100644 index 99641c484..000000000 --- a/gengo/bind/sdk/Stderr.log +++ /dev/null @@ -1,59 +0,0 @@ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:23:19: error: unknown type name 'NTSTATUS' - 23 | IMPORT_EXPORT_VMM NTSTATUS - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:29:19: error: unknown type name 'VOID' - 29 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:30:27: error: unknown type name 'UINT32' - 30 | VmFuncPerformRipIncrement(UINT32 CoreId); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:32:19: error: unknown type name 'VOID' - 32 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:33:28: error: unknown type name 'UINT32' - 33 | VmFuncSuppressRipIncrement(UINT32 CoreId); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:35:19: error: unknown type name 'VOID' - 35 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:36:31: error: unknown type name 'UINT32' - 36 | VmFuncChangeMtfUnsettingState(UINT32 CoreId, BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:36:46: error: unknown type name 'BOOLEAN' - 36 | VmFuncChangeMtfUnsettingState(UINT32 CoreId, BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:38:19: error: unknown type name 'VOID' - 38 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:39:31: error: unknown type name 'UINT32' - 39 | VmFuncChangeIgnoreOneMtfState(UINT32 CoreId, BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:39:46: error: unknown type name 'BOOLEAN' - 39 | VmFuncChangeIgnoreOneMtfState(UINT32 CoreId, BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:41:19: error: unknown type name 'VOID' - 41 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:42:26: error: unknown type name 'BOOLEAN' - 42 | VmFuncSetMonitorTrapFlag(BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:44:19: error: unknown type name 'VOID' - 44 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:45:24: error: unknown type name 'BOOLEAN' - 45 | VmFuncSetRflagTrapFlag(BOOLEAN Set); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:47:19: error: unknown type name 'VOID' - 47 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:48:24: error: unknown type name 'UINT32' - 48 | VmFuncRegisterMtfBreak(UINT32 CoreId); - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:50:19: error: unknown type name 'VOID' - 50 | IMPORT_EXPORT_VMM VOID - | ^ -D:\workspace\workspace\branch\gui\bin\debug\SDK\Imports\HyperDbgVmmImports.h:51:26: error: unknown type name 'UINT32' - 51 | VmFuncUnRegisterMtfBreak(UINT32 CoreId); - | ^ -fatal error: too many errors emitted, stopping now [-ferror-limit=] -20 errors generated. diff --git a/gengo/bind/sdk/sdk_test.go b/gengo/bind/sdk/sdk_test.go index 5233540ca..215ddf1fa 100644 --- a/gengo/bind/sdk/sdk_test.go +++ b/gengo/bind/sdk/sdk_test.go @@ -1,7 +1,6 @@ package sdk import ( - "io" "io/fs" "os" "path/filepath" @@ -36,20 +35,25 @@ func TestName(t *testing.T) { func TestBindAll(t *testing.T) { mylog.Warning("cpp stl not supported") root := "../../../bin/debug" - root = "D:\\workspace\\workspace\\branch\\gui\\bin\\debug\\SDK\\Imports" + root = "D:\\workspace\\workspace\\branch\\gui\\bin\\debug\\SDK\\HyperDbgSdk.h" + // root = "D:\\workspace\\workspace\\branch\\gui\\bin\\debug\\SDK\\Imports" + Sources := []string{} filepath.Walk(root, func(path string, info fs.FileInfo, err error) error { if filepath.Ext(path) == ".h" { - if strings.Contains(path, "Examples") { //todo bug:Imports dir was skipped + if strings.Contains(path, "Examples") { // todo bug:Imports dir was skipped return err } - mylog.Trace("binding", path) - mylog.Call(func() { bindOne(path) }) + // mylog.Trace("binding", path) + // mylog.Call(func() { bindOne(path) }) + Sources = append(Sources, path) } return err }) + mylog.Check(os.Chdir("../../../bin/debug")) + mylog.Call(func() { bindOne(Sources) }) } -func bindOne(path string) { +func bindOne(Sources []string) { // todo "需要实现处理多个dll导出函数的头文件问题," // "是像zydis一样合并头文件还是修改gengo支持的方案好?不确定,都需要尝试一下," // "问题是输出文件是一个而不是多个" @@ -67,7 +71,7 @@ func bindOne(path string) { ), ) mylog.Check(pkg.Transform("HPRDBGCTRL", &clang.Options{ - Sources: []string{path}, + Sources: Sources, AdditionalParams: []string{ //"-DZYAN_NO_LIBC", //"-DZYAN_STATIC_ASSERT", @@ -83,16 +87,20 @@ func bindOne(path string) { //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\winrt", //"-IC:\\Program Files\\Microsoft Visual Studio\\2022\\Enterprise\\VC\\Tools\\MSVC\\14.40.33807\\include", - "-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl", - "-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbghv", - "-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl\\header", - "-ID:\\fork\\HyperDbg\\hyperdbg\\include", - "-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies", - "-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies\\phnt", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbghv", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl\\header", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\include", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies\\phnt", + //"-ID:\\workspace\\workspace\\branch\\gui\\bin\\debug\\SDK", + "-I.", }, })) - // mylog.Check(pkg.WriteToDir("../../../bin/debug")) - pkg.Fprint(func(path_ string) (io.WriteCloser, error) { - return os.Create(path + ".go") - }) + return + mylog.Check(pkg.WriteToDir("../../../bin/debug")) + //return + //pkg.Fprint(func(path_ string) (io.WriteCloser, error) { + // return os.Create(path + ".go") + //}) } diff --git a/gengo/bind/sdkMerge/93081c5cac5595c980312ec52e6ca8ce-d89cd6ba37a3d23a1daf6af984d0f8df2da70838.zip b/gengo/bind/sdkMerge/93081c5cac5595c980312ec52e6ca8ce-d89cd6ba37a3d23a1daf6af984d0f8df2da70838.zip new file mode 100644 index 000000000..07ed70073 Binary files /dev/null and b/gengo/bind/sdkMerge/93081c5cac5595c980312ec52e6ca8ce-d89cd6ba37a3d23a1daf6af984d0f8df2da70838.zip differ diff --git a/gengo/bind/sdkMerge/HPRDBGCTRL.go b/gengo/bind/sdkMerge/HPRDBGCTRL.go new file mode 100644 index 000000000..740ff3285 --- /dev/null +++ b/gengo/bind/sdkMerge/HPRDBGCTRL.go @@ -0,0 +1,1617 @@ +// Code generated by gengo. DO NOT EDIT. +package sdk + +import ( + "unsafe" + "github.com/can1357/gengo/gengort" +) + +const GengoLibraryName = "HPRDBGCTRL" + +var GengoLibrary = gengort.NewLibrary(GengoLibraryName) + +// @brief enum for reasons why debuggee is paused +type DebuggeePausingReason int32 + +const ( + DEBUGGEE_PAUSING_REASON_NOT_PAUSED DebuggeePausingReason = 0 + DEBUGGEE_PAUSING_REASON_PAUSE DebuggeePausingReason = 1 + DEBUGGEE_PAUSING_REASON_REQUEST_FROM_DEBUGGER DebuggeePausingReason = 2 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STEPPED DebuggeePausingReason = 3 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_TRACKING_STEPPED DebuggeePausingReason = 4 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_SOFTWARE_BREAKPOINT_HIT DebuggeePausingReason = 5 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_HARDWARE_DEBUG_REGISTER_HIT DebuggeePausingReason = 6 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_CORE_SWITCHED DebuggeePausingReason = 7 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_PROCESS_SWITCHED DebuggeePausingReason = 8 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_THREAD_SWITCHED DebuggeePausingReason = 9 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_COMMAND_EXECUTION_FINISHED DebuggeePausingReason = 10 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_EVENT_TRIGGERED DebuggeePausingReason = 11 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STARTING_MODULE_LOADED DebuggeePausingReason = 12 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_DEBUG_BREAK DebuggeePausingReason = 13 + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_THREAD_INTERCEPTED DebuggeePausingReason = 14 + DEBUGGEE_PAUSING_REASON_HARDWARE_BASED_DEBUGGEE_GENERAL_BREAK DebuggeePausingReason = 15 +) + +// @brief enum for requested action for HyperDbg packet +type DebuggerRemotePacketRequestedAction int32 + +const ( + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_PAUSE DebuggerRemotePacketRequestedAction = 1 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DO_NOT_READ_ANY_PACKET DebuggerRemotePacketRequestedAction = 2 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DEBUGGER_VERSION DebuggerRemotePacketRequestedAction = 3 + DEBUGGER_REMOTE_PACKET_PING_AND_SEND_SUPPORTED_VERSION DebuggerRemotePacketRequestedAction = 4 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_STEP DebuggerRemotePacketRequestedAction = 5 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CONTINUE DebuggerRemotePacketRequestedAction = 6 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CLOSE_AND_UNLOAD_DEBUGGEE DebuggerRemotePacketRequestedAction = 7 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_CORE DebuggerRemotePacketRequestedAction = 8 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_FLUSH_BUFFERS DebuggerRemotePacketRequestedAction = 9 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CALLSTACK DebuggerRemotePacketRequestedAction = 10 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_TEST_QUERY DebuggerRemotePacketRequestedAction = 11 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_PROCESS DebuggerRemotePacketRequestedAction = 12 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_THREAD DebuggerRemotePacketRequestedAction = 13 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_RUN_SCRIPT DebuggerRemotePacketRequestedAction = 14 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_USER_INPUT_BUFFER DebuggerRemotePacketRequestedAction = 15 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SEARCH_QUERY DebuggerRemotePacketRequestedAction = 16 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_REGISTER_EVENT DebuggerRemotePacketRequestedAction = 17 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_ADD_ACTION_TO_EVENT DebuggerRemotePacketRequestedAction = 18 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_AND_MODIFY_EVENT DebuggerRemotePacketRequestedAction = 19 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_REGISTERS DebuggerRemotePacketRequestedAction = 20 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_MEMORY DebuggerRemotePacketRequestedAction = 21 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_EDIT_MEMORY DebuggerRemotePacketRequestedAction = 22 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_BP DebuggerRemotePacketRequestedAction = 23 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_LIST_OR_MODIFY_BREAKPOINTS DebuggerRemotePacketRequestedAction = 24 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_RELOAD DebuggerRemotePacketRequestedAction = 25 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_PA2VA_AND_VA2PA DebuggerRemotePacketRequestedAction = 26 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_QUERY_PTE DebuggerRemotePacketRequestedAction = 27 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SET_SHORT_CIRCUITING_STATE DebuggerRemotePacketRequestedAction = 28 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_INJECT_PAGE_FAULT DebuggerRemotePacketRequestedAction = 29 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION DebuggerRemotePacketRequestedAction = 30 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED DebuggerRemotePacketRequestedAction = 31 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM DebuggerRemotePacketRequestedAction = 32 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION DebuggerRemotePacketRequestedAction = 33 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE DebuggerRemotePacketRequestedAction = 34 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS DebuggerRemotePacketRequestedAction = 35 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD DebuggerRemotePacketRequestedAction = 36 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT DebuggerRemotePacketRequestedAction = 37 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS DebuggerRemotePacketRequestedAction = 38 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH DebuggerRemotePacketRequestedAction = 39 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK DebuggerRemotePacketRequestedAction = 40 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY DebuggerRemotePacketRequestedAction = 41 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT DebuggerRemotePacketRequestedAction = 42 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT DebuggerRemotePacketRequestedAction = 43 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT DebuggerRemotePacketRequestedAction = 44 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT DebuggerRemotePacketRequestedAction = 45 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS DebuggerRemotePacketRequestedAction = 46 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY DebuggerRemotePacketRequestedAction = 47 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY DebuggerRemotePacketRequestedAction = 48 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP DebuggerRemotePacketRequestedAction = 49 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE DebuggerRemotePacketRequestedAction = 50 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS DebuggerRemotePacketRequestedAction = 51 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO DebuggerRemotePacketRequestedAction = 52 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED DebuggerRemotePacketRequestedAction = 53 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY DebuggerRemotePacketRequestedAction = 54 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE DebuggerRemotePacketRequestedAction = 55 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA DebuggerRemotePacketRequestedAction = 56 + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BRINGING_PAGES_IN DebuggerRemotePacketRequestedAction = 57 +) + +// @brief enum for different packet types in HyperDbg packets +// +// @warning used in hwdbg +type DebuggerRemotePacketType int32 + +const ( + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_VMX_ROOT DebuggerRemotePacketType = 1 + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_USER_MODE DebuggerRemotePacketType = 2 + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER DebuggerRemotePacketType = 3 + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL DebuggerRemotePacketType = 4 + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL DebuggerRemotePacketType = 5 +) + +// @brief Different levels of paging +type PagingLevel int32 + +const ( + PAGING_LEVEL_PAGE_TABLE PagingLevel = 0 + PAGING_LEVEL_PAGE_DIRECTORY PagingLevel = 1 + PAGING_LEVEL_PAGE_DIRECTORY_POINTER_TABLE PagingLevel = 2 + PAGING_LEVEL_PAGE_MAP_LEVEL4 PagingLevel = 3 +) + +// @brief Inum of intentions for buffers (buffer tag) +type PoolAllocationIntention int32 + +const ( + TRACKING_HOOKED_PAGES PoolAllocationIntention = 0 + EXEC_TRAMPOLINE PoolAllocationIntention = 1 + SPLIT_2MB_PAGING_TO_4KB_PAGE PoolAllocationIntention = 2 + DETOUR_HOOK_DETAILS PoolAllocationIntention = 3 + BREAKPOINT_DEFINITION_STRUCTURE PoolAllocationIntention = 4 + PROCESS_THREAD_HOLDER PoolAllocationIntention = 5 + INSTANT_REGULAR_EVENT_BUFFER PoolAllocationIntention = 6 + INSTANT_BIG_EVENT_BUFFER PoolAllocationIntention = 7 + INSTANT_REGULAR_EVENT_ACTION_BUFFER PoolAllocationIntention = 8 + INSTANT_BIG_EVENT_ACTION_BUFFER PoolAllocationIntention = 9 + INSTANT_REGULAR_SAFE_BUFFER_FOR_EVENTS PoolAllocationIntention = 10 + INSTANT_BIG_SAFE_BUFFER_FOR_EVENTS PoolAllocationIntention = 11 +) + +// /////////////////////////////////////////////// +type DebugRegisterType int32 + +const ( + BREAK_ON_INSTRUCTION_FETCH DebugRegisterType = 0 + BREAK_ON_WRITE_ONLY DebugRegisterType = 1 + BREAK_ON_IO_READ_OR_WRITE_NOT_SUPPORTED DebugRegisterType = 2 + BREAK_ON_READ_AND_WRITE_BUT_NOT_FETCH DebugRegisterType = 3 +) + +// /////////////////////////////////////////////// +type VmxExecutionMode int32 + +const ( + VMX_EXECUTION_MODE_NON_ROOT VmxExecutionMode = 0 + VMX_EXECUTION_MODE_ROOT VmxExecutionMode = 1 +) + +// @brief Type of calling the event +type VmmCallbackEventCallingStageType int32 + +const ( + VMM_CALLBACK_CALLING_STAGE_INVALID_EVENT_EMULATION VmmCallbackEventCallingStageType = 0 + VMM_CALLBACK_CALLING_STAGE_PRE_EVENT_EMULATION VmmCallbackEventCallingStageType = 1 + VMM_CALLBACK_CALLING_STAGE_POST_EVENT_EMULATION VmmCallbackEventCallingStageType = 2 + VMM_CALLBACK_CALLING_STAGE_ALL_EVENT_EMULATION VmmCallbackEventCallingStageType = 3 +) + +// @brief enum to query different process and thread interception mechanisms +type DebuggerThreadProcessTracing int32 + +const ( + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_THREAD_CHANGE DebuggerThreadProcessTracing = 0 + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_PROCESS_CHANGE DebuggerThreadProcessTracing = 1 + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_DEBUG_REGISTER_INTERCEPTION DebuggerThreadProcessTracing = 2 + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_WAITING_FOR_MOV_CR3_VM_EXITS DebuggerThreadProcessTracing = 3 +) + +// @brief Type of transferring buffer between user-to-kernel +type NotifyType int32 + +const ( + IRP_BASED NotifyType = 0 + EVENT_BASED NotifyType = 1 +) + +// @brief different type of memory addresses +type DebuggerHookMemoryType int32 + +const ( + DEBUGGER_MEMORY_HOOK_VIRTUAL_ADDRESS DebuggerHookMemoryType = 0 + DEBUGGER_MEMORY_HOOK_PHYSICAL_ADDRESS DebuggerHookMemoryType = 1 +) + +// @brief Exceptions enum +type ExceptionVectors int32 + +const ( + EXCEPTION_VECTOR_DIVIDE_ERROR ExceptionVectors = 0 + EXCEPTION_VECTOR_DEBUG_BREAKPOINT ExceptionVectors = 1 + EXCEPTION_VECTOR_NMI ExceptionVectors = 2 + EXCEPTION_VECTOR_BREAKPOINT ExceptionVectors = 3 + EXCEPTION_VECTOR_OVERFLOW ExceptionVectors = 4 + EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED ExceptionVectors = 5 + EXCEPTION_VECTOR_UNDEFINED_OPCODE ExceptionVectors = 6 + EXCEPTION_VECTOR_NO_MATH_COPROCESSOR ExceptionVectors = 7 + EXCEPTION_VECTOR_DOUBLE_FAULT ExceptionVectors = 8 + EXCEPTION_VECTOR_RESERVED0 ExceptionVectors = 9 + EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR ExceptionVectors = 10 + EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT ExceptionVectors = 11 + EXCEPTION_VECTOR_STACK_SEGMENT_FAULT ExceptionVectors = 12 + EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT ExceptionVectors = 13 + EXCEPTION_VECTOR_PAGE_FAULT ExceptionVectors = 14 + EXCEPTION_VECTOR_RESERVED1 ExceptionVectors = 15 + EXCEPTION_VECTOR_MATH_FAULT ExceptionVectors = 16 + EXCEPTION_VECTOR_ALIGNMENT_CHECK ExceptionVectors = 17 + EXCEPTION_VECTOR_MACHINE_CHECK ExceptionVectors = 18 + EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR ExceptionVectors = 19 + EXCEPTION_VECTOR_VIRTUAL_EXCEPTION ExceptionVectors = 20 + EXCEPTION_VECTOR_RESERVED2 ExceptionVectors = 21 + EXCEPTION_VECTOR_RESERVED3 ExceptionVectors = 22 + EXCEPTION_VECTOR_RESERVED4 ExceptionVectors = 23 + EXCEPTION_VECTOR_RESERVED5 ExceptionVectors = 24 + EXCEPTION_VECTOR_RESERVED6 ExceptionVectors = 25 + EXCEPTION_VECTOR_RESERVED7 ExceptionVectors = 26 + EXCEPTION_VECTOR_RESERVED8 ExceptionVectors = 27 + EXCEPTION_VECTOR_RESERVED9 ExceptionVectors = 28 + EXCEPTION_VECTOR_RESERVED10 ExceptionVectors = 29 + EXCEPTION_VECTOR_RESERVED11 ExceptionVectors = 30 + EXCEPTION_VECTOR_RESERVED12 ExceptionVectors = 31 + APC_INTERRUPT ExceptionVectors = 31 + DPC_INTERRUPT ExceptionVectors = 47 + CLOCK_INTERRUPT ExceptionVectors = 209 + IPI_INTERRUPT ExceptionVectors = 225 + PMI_INTERRUPT ExceptionVectors = 254 +) + +// @brief The status of triggering events +type VmmCallbackTriggeringEventStatusType int32 + +const ( + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED VmmCallbackTriggeringEventStatusType = 0 + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL VmmCallbackTriggeringEventStatusType = 0 + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT VmmCallbackTriggeringEventStatusType = 1 + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED VmmCallbackTriggeringEventStatusType = 2 + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE VmmCallbackTriggeringEventStatusType = 3 +) + +// @brief enum to show type of all HyperDbg events +type VmmEventTypeEnum int32 + +const ( + HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE VmmEventTypeEnum = 0 + HIDDEN_HOOK_READ_AND_WRITE VmmEventTypeEnum = 1 + HIDDEN_HOOK_READ_AND_EXECUTE VmmEventTypeEnum = 2 + HIDDEN_HOOK_WRITE_AND_EXECUTE VmmEventTypeEnum = 3 + HIDDEN_HOOK_READ VmmEventTypeEnum = 4 + HIDDEN_HOOK_WRITE VmmEventTypeEnum = 5 + HIDDEN_HOOK_EXECUTE VmmEventTypeEnum = 6 + HIDDEN_HOOK_EXEC_DETOURS VmmEventTypeEnum = 7 + HIDDEN_HOOK_EXEC_CC VmmEventTypeEnum = 8 + SYSCALL_HOOK_EFER_SYSCALL VmmEventTypeEnum = 9 + SYSCALL_HOOK_EFER_SYSRET VmmEventTypeEnum = 10 + CPUID_INSTRUCTION_EXECUTION VmmEventTypeEnum = 11 + RDMSR_INSTRUCTION_EXECUTION VmmEventTypeEnum = 12 + WRMSR_INSTRUCTION_EXECUTION VmmEventTypeEnum = 13 + IN_INSTRUCTION_EXECUTION VmmEventTypeEnum = 14 + OUT_INSTRUCTION_EXECUTION VmmEventTypeEnum = 15 + EXCEPTION_OCCURRED VmmEventTypeEnum = 16 + EXTERNAL_INTERRUPT_OCCURRED VmmEventTypeEnum = 17 + DEBUG_REGISTERS_ACCESSED VmmEventTypeEnum = 18 + TSC_INSTRUCTION_EXECUTION VmmEventTypeEnum = 19 + PMC_INSTRUCTION_EXECUTION VmmEventTypeEnum = 20 + VMCALL_INSTRUCTION_EXECUTION VmmEventTypeEnum = 21 + CONTROL_REGISTER_MODIFIED VmmEventTypeEnum = 22 + CONTROL_REGISTER_READ VmmEventTypeEnum = 23 + CONTROL_REGISTER_3_MODIFIED VmmEventTypeEnum = 24 + TRAP_EXECUTION_MODE_CHANGED VmmEventTypeEnum = 25 + TRAP_EXECUTION_INSTRUCTION_TRACE VmmEventTypeEnum = 26 +) + +// @brief Type of Actions +type DebuggerEventActionTypeEnum int32 + +const ( + BREAK_TO_DEBUGGER DebuggerEventActionTypeEnum = 0 + RUN_SCRIPT DebuggerEventActionTypeEnum = 1 + RUN_CUSTOM_CODE DebuggerEventActionTypeEnum = 2 +) + +// @brief Type of handling !syscall or !sysret +type DebuggerEventSyscallSysretType int32 + +const ( + DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY DebuggerEventSyscallSysretType = 0 + DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD DebuggerEventSyscallSysretType = 1 +) + +// @brief Type of mode change traps +type DebuggerEventModeType int32 + +const ( + DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE DebuggerEventModeType = 1 + DEBUGGER_EVENT_MODE_TYPE_USER_MODE DebuggerEventModeType = 3 + DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE DebuggerEventModeType = 0 +) + +// @brief Type of tracing events +type DebuggerEventTraceType int32 + +const ( + DEBUGGER_EVENT_TRACE_TYPE_INVALID DebuggerEventTraceType = 0 + DEBUGGER_EVENT_TRACE_TYPE_STEP_IN DebuggerEventTraceType = 1 + DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT DebuggerEventTraceType = 2 + DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN DebuggerEventTraceType = 3 +) + +// @brief different types of modifying events request (enable/disable/clear) +type DebuggerModifyEventsType int32 + +const ( + DEBUGGER_MODIFY_EVENTS_QUERY_STATE DebuggerModifyEventsType = 0 + DEBUGGER_MODIFY_EVENTS_ENABLE DebuggerModifyEventsType = 1 + DEBUGGER_MODIFY_EVENTS_DISABLE DebuggerModifyEventsType = 2 + DEBUGGER_MODIFY_EVENTS_CLEAR DebuggerModifyEventsType = 3 +) + +// @brief Things to consider when applying resources +type ProtectedHvResourcesPassingOvers int32 + +const ( + PASSING_OVER_NONE ProtectedHvResourcesPassingOvers = 0 + PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK ProtectedHvResourcesPassingOvers = 1 + PASSING_OVER_EXCEPTION_EVENTS ProtectedHvResourcesPassingOvers = 2 + PASSING_OVER_INTERRUPT_EVENTS ProtectedHvResourcesPassingOvers = 3 + PASSING_OVER_TSC_EVENTS ProtectedHvResourcesPassingOvers = 4 + PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS ProtectedHvResourcesPassingOvers = 5 + PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS ProtectedHvResourcesPassingOvers = 6 +) + +// @brief Type of protected (multi-used) resources +type ProtectedHvResourcesType int32 + +const ( + PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP ProtectedHvResourcesType = 0 + PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING ProtectedHvResourcesType = 1 + PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING ProtectedHvResourcesType = 2 + PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING ProtectedHvResourcesType = 3 + PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING ProtectedHvResourcesType = 4 + PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING ProtectedHvResourcesType = 5 +) + +// @brief different modes of reconstruct requests +type ReversingMachineReconstructMemoryMode int32 + +const ( + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_UNKNOWN ReversingMachineReconstructMemoryMode = 0 + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_USER_MODE ReversingMachineReconstructMemoryMode = 1 + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_KERNEL_MODE ReversingMachineReconstructMemoryMode = 2 +) + +// @brief different types of reconstruct requests +type ReversingMachineReconstructMemoryType int32 + +const ( + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_UNKNOWN ReversingMachineReconstructMemoryType = 0 + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_RECONSTRUCT ReversingMachineReconstructMemoryType = 1 + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_PATTERN ReversingMachineReconstructMemoryType = 2 +) + +// @brief different types of prealloc requests +type DebuggerPreallocCommandType int32 + +const ( + DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION DebuggerPreallocCommandType = 0 + DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR DebuggerPreallocCommandType = 1 + DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK DebuggerPreallocCommandType = 2 + DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK2 DebuggerPreallocCommandType = 3 + DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_EVENT DebuggerPreallocCommandType = 4 + DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_EVENT DebuggerPreallocCommandType = 5 + DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_SAFE_BUFFER DebuggerPreallocCommandType = 6 + DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_SAFE_BUFFER DebuggerPreallocCommandType = 7 +) + +// @brief different types of preactivate requests +type DebuggerPreactivateCommandType int32 + +const DEBUGGER_PREACTIVATE_COMMAND_TYPE_MODE DebuggerPreactivateCommandType = 0 + +// @brief different types of reading memory +type DebuggerReadReadingType int32 + +const ( + READ_FROM_KERNEL DebuggerReadReadingType = 0 + READ_FROM_VMX_ROOT DebuggerReadReadingType = 1 +) + +// @brief different type of addresses +type DebuggerReadMemoryType int32 + +const ( + DEBUGGER_READ_PHYSICAL_ADDRESS DebuggerReadMemoryType = 0 + DEBUGGER_READ_VIRTUAL_ADDRESS DebuggerReadMemoryType = 1 +) + +// @brief the way that debugger should show +// the details of memory or disassemble them +type DebuggerShowMemoryStyle int32 + +const ( + DEBUGGER_SHOW_COMMAND_DT DebuggerShowMemoryStyle = 1 + DEBUGGER_SHOW_COMMAND_DISASSEMBLE64 DebuggerShowMemoryStyle = 2 + DEBUGGER_SHOW_COMMAND_DISASSEMBLE32 DebuggerShowMemoryStyle = 3 + DEBUGGER_SHOW_COMMAND_DB DebuggerShowMemoryStyle = 4 + DEBUGGER_SHOW_COMMAND_DC DebuggerShowMemoryStyle = 5 + DEBUGGER_SHOW_COMMAND_DQ DebuggerShowMemoryStyle = 6 + DEBUGGER_SHOW_COMMAND_DD DebuggerShowMemoryStyle = 7 + DEBUGGER_SHOW_COMMAND_DUMP DebuggerShowMemoryStyle = 8 +) + +// @brief test query used for test purposed +type DebuggerTestQueryState int32 + +const ( + TEST_QUERY_HALTING_CORE_STATUS DebuggerTestQueryState = 1 + TEST_QUERY_PREALLOCATED_POOL_STATE DebuggerTestQueryState = 2 + TEST_QUERY_TRAP_STATE DebuggerTestQueryState = 3 + TEST_BREAKPOINT_TURN_OFF_BPS DebuggerTestQueryState = 4 + TEST_BREAKPOINT_TURN_ON_BPS DebuggerTestQueryState = 5 + TEST_BREAKPOINT_TURN_OFF_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER DebuggerTestQueryState = 6 + TEST_BREAKPOINT_TURN_ON_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER DebuggerTestQueryState = 7 + TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_SYNCHRONOUS DebuggerTestQueryState = 8 + TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_ASYNCHRONOUS DebuggerTestQueryState = 9 + TEST_SETTING_TARGET_TASKS_ON_TARGET_HALTED_CORES DebuggerTestQueryState = 10 + TEST_BREAKPOINT_TURN_OFF_DBS DebuggerTestQueryState = 11 + TEST_BREAKPOINT_TURN_ON_DBS DebuggerTestQueryState = 12 +) + +// @brief different types of actions on MSRs +type DebuggerMsrActionType int32 + +const ( + DEBUGGER_MSR_READ DebuggerMsrActionType = 0 + DEBUGGER_MSR_WRITE DebuggerMsrActionType = 1 +) + +// @brief different type of addresses for editing memory +type DebuggerEditMemoryType int32 + +const ( + EDIT_PHYSICAL_MEMORY DebuggerEditMemoryType = 0 + EDIT_VIRTUAL_MEMORY DebuggerEditMemoryType = 1 +) + +// @brief size of editing memory +type DebuggerEditMemoryByteSize int32 + +const ( + EDIT_BYTE DebuggerEditMemoryByteSize = 0 + EDIT_DWORD DebuggerEditMemoryByteSize = 1 + EDIT_QWORD DebuggerEditMemoryByteSize = 2 +) + +// @brief different types of address for searching on memory +type DebuggerSearchMemoryType int32 + +const ( + SEARCH_PHYSICAL_MEMORY DebuggerSearchMemoryType = 0 + SEARCH_VIRTUAL_MEMORY DebuggerSearchMemoryType = 1 + SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY DebuggerSearchMemoryType = 2 +) + +// @brief different sizes on searching memory +type DebuggerSearchMemoryByteSize int32 + +const ( + SEARCH_BYTE DebuggerSearchMemoryByteSize = 0 + SEARCH_DWORD DebuggerSearchMemoryByteSize = 1 + SEARCH_QWORD DebuggerSearchMemoryByteSize = 2 +) + +// @brief different actions of switchings +type DebuggerAttachDetachUserModeProcessActionType int32 + +const ( + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH DebuggerAttachDetachUserModeProcessActionType = 0 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH DebuggerAttachDetachUserModeProcessActionType = 1 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS DebuggerAttachDetachUserModeProcessActionType = 2 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS DebuggerAttachDetachUserModeProcessActionType = 3 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS DebuggerAttachDetachUserModeProcessActionType = 4 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD DebuggerAttachDetachUserModeProcessActionType = 5 + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS DebuggerAttachDetachUserModeProcessActionType = 6 +) + +// @brief different type of process or thread queries +type DebuggerQueryActiveProcessesOrThreadsTypes int32 + +const ( + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT DebuggerQueryActiveProcessesOrThreadsTypes = 1 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT DebuggerQueryActiveProcessesOrThreadsTypes = 2 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST DebuggerQueryActiveProcessesOrThreadsTypes = 3 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST DebuggerQueryActiveProcessesOrThreadsTypes = 4 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS DebuggerQueryActiveProcessesOrThreadsTypes = 5 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD DebuggerQueryActiveProcessesOrThreadsTypes = 6 +) + +// @brief different actions on showing or querying list of process or threads +type DebuggerQueryActiveProcessesOrThreadsActions int32 + +const ( + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY DebuggerQueryActiveProcessesOrThreadsActions = 1 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT DebuggerQueryActiveProcessesOrThreadsActions = 2 + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS DebuggerQueryActiveProcessesOrThreadsActions = 3 +) + +// @brief callstack showing method +type DebuggerCallstackDisplayMethod int32 + +const ( + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS DebuggerCallstackDisplayMethod = 0 + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS DebuggerCallstackDisplayMethod = 1 +) + +// @brief User-mode debugging actions +type DebuggerUdCommandActionType int32 + +const ( + DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE DebuggerUdCommandActionType = 0 + DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE DebuggerUdCommandActionType = 1 + DEBUGGER_UD_COMMAND_ACTION_TYPE_CONTINUE DebuggerUdCommandActionType = 2 + DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP DebuggerUdCommandActionType = 3 +) + +// @brief Debugger process switch and process details +type DebuggeeDetailsAndSwitchProcessType int32 + +const ( + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS DebuggeeDetailsAndSwitchProcessType = 0 + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST DebuggeeDetailsAndSwitchProcessType = 1 + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH DebuggeeDetailsAndSwitchProcessType = 2 +) + +// @brief Debugger thread switch and thread details +type DebuggeeDetailsAndSwitchThreadType int32 + +const ( + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH DebuggeeDetailsAndSwitchThreadType = 0 + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS DebuggeeDetailsAndSwitchThreadType = 1 + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST DebuggeeDetailsAndSwitchThreadType = 2 +) + +// @brief stepping and tracking types +type DebuggerRemoteSteppingRequest int32 + +const ( + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN DebuggerRemoteSteppingRequest = 0 + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN DebuggerRemoteSteppingRequest = 1 + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN_FOR_TRACKING DebuggerRemoteSteppingRequest = 2 + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER DebuggerRemoteSteppingRequest = 3 + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU DebuggerRemoteSteppingRequest = 4 + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU_LAST_INSTRUCTION DebuggerRemoteSteppingRequest = 5 +) + +// @brief breakpoint modification types +type DebuggeeBreakpointModificationRequest int32 + +const ( + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS DebuggeeBreakpointModificationRequest = 0 + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE DebuggeeBreakpointModificationRequest = 1 + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE DebuggeeBreakpointModificationRequest = 2 + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR DebuggeeBreakpointModificationRequest = 3 +) + +// @brief Whether a jump is taken or not taken +type DebuggerConditionalJumpStatus int32 + +const ( + DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR DebuggerConditionalJumpStatus = 0 + DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP DebuggerConditionalJumpStatus = 1 + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN DebuggerConditionalJumpStatus = 2 + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN DebuggerConditionalJumpStatus = 3 +) + +// @brief Different action of hwdbg +// +// @warning This file should be changed along with hwdbg files +type HwdbgActionEnums int32 + +const ( + HWDBG_ACTION_SEND_INSTANCE_INFO HwdbgActionEnums = 1 + HWDBG_ACTION_CONFIGURE_SCRIPT_BUFFER HwdbgActionEnums = 2 +) + +// @brief Different responses come from hwdbg +// +// @warning This file should be changed along with hwdbg files +type HwdbgResponseEnums int32 + +const ( + HWDBG_RESPONSE_SUCCESS_OR_ERROR_MESSAGE HwdbgResponseEnums = 1 + HWDBG_RESPONSE_INSTANCE_INFO HwdbgResponseEnums = 2 +) + +// @brief Different success or error codes in hwdbg +// +// @warning This file should be changed along with hwdbg files +type HwdbgSuccessOrErrorEnums int32 + +const ( + HWDBG_OPERATION_WAS_SUCCESSFUL HwdbgSuccessOrErrorEnums = 2147483647 + HWDBG_ERROR_INVALID_PACKET HwdbgSuccessOrErrorEnums = 1 +) + +type ListEntry struct { + Flink *ListEntry + Blink *ListEntry +} +type GuestRegs struct { + Rax Uint64 + Rcx Uint64 + Rdx Uint64 + Rbx Uint64 + Rsp Uint64 + Rbp Uint64 + Rsi Uint64 + Rdi Uint64 + R8 Uint64 + R9 Uint64 + R10 Uint64 + R11 Uint64 + R12 Uint64 + R13 Uint64 + R14 Uint64 + R15 Uint64 +} +type GuestExtraRegisters struct { + Cs Uint16 + Ds Uint16 + Fs Uint16 + Gs Uint16 + Es Uint16 + Ss Uint16 + Rflags Uint64 + Rip Uint64 +} +type ScriptEngineVariablesList struct { + TempList *Uint64 + GlobalVariablesList *Uint64 + LocalVariablesList *Uint64 +} +type Cr3Type struct { + Anon870_5 +} +type Anon870_5 struct { + Raw [1]int64 +} +type Anon874_9 struct { + Pcid Uint64 + PageFrameNumber Uint64 + Reserved1 Uint64 + Reserved_2 Uint64 + PcidInvalidate Uint64 +} +type DebuggerRemotePacket struct { + Checksum Byte + Indicator Uint64 + TypeOfThePacket DebuggerRemotePacketType + RequestedActionOfThePacket DebuggerRemotePacketRequestedAction +} +type DebuggeeUserInputPacket struct { + CommandLen Uint32 + IgnoreFinishedSignal Boolean + Result Uint32 +} +type DebuggeeEventAndActionHeaderForRemotePacket struct { + Length Uint32 +} +type DebuggerPausePacketReceived struct { + Result Uint32 +} +type DebuggerTriggeredEventDetails struct { + Tag Uint64 + Context unsafe.Pointer + Stage VmmCallbackEventCallingStageType +} +type DebuggeeKdPausedPacket struct { + Rip Uint64 + IsProcessorOn32BitMode Boolean + IgnoreDisassembling Boolean + PausingReason DebuggeePausingReason + CurrentCore Ulong + EventTag Uint64 + EventCallingStage VmmCallbackEventCallingStageType + Rflags Uint64 + InstructionBytesOnRip [16]Byte + ReadInstructionLen Uint16 +} +type DebuggeeUdPausedPacket struct { + Rip Uint64 + ProcessDebuggingToken Uint64 + Is32Bit Boolean + PausingReason DebuggeePausingReason + ProcessId Uint32 + ThreadId Uint32 + Rflags Uint64 + EventTag Uint64 + EventCallingStage VmmCallbackEventCallingStageType + InstructionBytesOnRip [16]Byte + ReadInstructionLen Uint16 + GuestRegs GuestRegs +} +type DebuggeeMessagePacket struct { + OperationCode Uint32 + Message [4096]Char +} +type RegisterNotifyBuffer struct { + Type NotifyType + hEvent unsafe.Pointer +} +type DirectVmcallParameters struct { + OptionalParam1 Uint64 + OptionalParam2 Uint64 + OptionalParam3 Uint64 +} +type EptHooksContext struct { + HookingTag Uint64 + PhysicalAddress Uint64 + VirtualAddress Uint64 +} +type EptHooksAddressDetailsForMemoryMonitor struct { + StartAddress Uint64 + EndAddress Uint64 + SetHookForRead Boolean + SetHookForWrite Boolean + SetHookForExec Boolean + MemoryType DebuggerHookMemoryType + Tag Uint64 +} +type EptHooksAddressDetailsForEpthook2 struct { + TargetAddress unsafe.Pointer + HookFunction unsafe.Pointer +} +type EptSingleHookUnhookingDetails struct { + CallerNeedsToRestoreEntryAndInvalidateEpt Boolean + RemoveBreakpointInterception Boolean + PhysicalAddress int32 + OriginalEntry Uint64 +} +type Anon1996_9 struct { + Raw [1]int32 +} +type Anon1998_5 struct { + // [Bits 3:0] Segment type. + Type Uint32 + // [Bit 4] S - Descriptor type (0 = system; 1 = code or data). + DescriptorType Uint32 + // [Bits 6:5] DPL - Descriptor privilege level. + DescriptorPrivilegeLevel Uint32 + // [Bit 7] P - Segment present. + Present Uint32 + Reserved1 Uint32 + // [Bit 12] AVL - Available for use by system software. + AvailableBit Uint32 + // [Bit 13] Reserved (except for CS). L - 64-bit mode active (for CS only). + LongMode Uint32 + // [Bit 14] D/B - Default operation size (0 = 16-bit segment; 1 = 32-bit segment). + DefaultBig Uint32 + // [Bit 15] G - Granularity. + Granularity Uint32 + // [Bit 16] Segment unusable (0 = usable; 1 = unusable). + Unusable Uint32 + Reserved2 Uint32 +} +type VmxSegmentSelector struct { + Selector Uint16 + Attributes VmxSegmentAccessRightsType + Limit Uint32 + Base Uint64 +} +type DebuggerModifyEvents struct { + Tag Uint64 + KernelStatus Uint64 + TypeOfAction DebuggerModifyEventsType + IsEnabled Boolean +} +type DebuggerShortCircuitingEvent struct { + KernelStatus Uint64 + IsShortCircuiting Boolean +} +type DebuggerEventOptions struct { + OptionalParam1 Uint64 + OptionalParam2 Uint64 + OptionalParam3 Uint64 + OptionalParam4 Uint64 + OptionalParam5 Uint64 + OptionalParam6 Uint64 +} +type DebuggerGeneralEventDetail struct { + CommandsEventList ListEntry + CreationTime Uint64 + CoreId Uint32 + ProcessId Uint32 + IsEnabled Boolean + EnableShortCircuiting Boolean + EventStage VmmCallbackEventCallingStageType + HasCustomOutput Boolean + OutputSourceTags [5]Uint64 + CountOfActions Uint32 + Tag Uint64 + EventType VmmEventTypeEnum + Options DebuggerEventOptions + CommandStringBuffer unsafe.Pointer + ConditionBufferSize Uint32 +} +type DebuggerGeneralAction struct { + EventTag Uint64 + ActionType DebuggerEventActionTypeEnum + ImmediateMessagePassing Boolean + PreAllocatedBuffer Uint32 + CustomCodeBufferSize Uint32 + ScriptBufferSize Uint32 + ScriptBufferPointer Uint32 +} +type DebuggerEventAndActionResult struct { + IsSuccessful Boolean + Error Uint32 +} +type DebuggerReadPageTableEntriesDetails struct { + VirtualAddress Uint64 + ProcessId Uint32 + Pml4eVirtualAddress Uint64 + Pml4eValue Uint64 + PdpteVirtualAddress Uint64 + PdpteValue Uint64 + PdeVirtualAddress Uint64 + PdeValue Uint64 + PteVirtualAddress Uint64 + PteValue Uint64 + KernelStatus Uint32 +} +type DebuggerVa2paAndPa2vaCommands struct { + VirtualAddress Uint64 + PhysicalAddress Uint64 + ProcessId Uint32 + IsVirtual2Physical Boolean + KernelStatus Uint32 +} +type DebuggerPageInRequest struct { + VirtualAddressFrom Uint64 + VirtualAddressTo Uint64 + ProcessId Uint32 + PageFaultErrorCode Uint32 + KernelStatus Uint32 +} +type ReversingMachineReconstructMemoryRequest struct { + ProcessId Uint32 + Size Uint32 + Mode ReversingMachineReconstructMemoryMode + Type ReversingMachineReconstructMemoryType + KernelStatus Uint32 +} +type DebuggerDtCommandOptions struct { + TypeName *byte + SizeOfTypeName Uint64 + Address Uint64 + IsStruct Boolean + BufferAddress unsafe.Pointer + TargetPid Uint32 + AdditionalParameters *byte +} +type DebuggerPreallocCommand struct { + Type DebuggerPreallocCommandType + Count Uint32 + KernelStatus Uint32 +} +type DebuggerPreactivateCommand struct { + Type DebuggerPreactivateCommandType + KernelStatus Uint32 +} +type DebuggerReadMemory struct { + Pid Uint32 + Address Uint64 + Size Uint32 + IsForDisasm Boolean + Is32BitAddress Boolean + MemoryType DebuggerReadMemoryType + ReadingType DebuggerReadReadingType + DtDetails PdebuggerDtCommandOptions + Style DebuggerShowMemoryStyle + ReturnLength Uint32 + KernelStatus Uint32 +} +type DebuggerFlushLoggingBuffers struct { + KernelStatus Uint32 + CountOfMessagesThatSetAsReadFromVmxRoot Uint32 + CountOfMessagesThatSetAsReadFromVmxNonRoot Uint32 +} +type DebuggerDebuggerTestQueryBuffer struct { + RequestType DebuggerTestQueryState + Context Uint64 + KernelStatus Uint32 +} +type DebuggerPerformKernelTests struct { + KernelStatus Uint32 +} +type DebuggerSendCommandExecutionFinishedSignal struct { + KernelStatus Uint32 +} +type DebuggeeSendGeneralPacketFromDebuggeeToDebugger struct { + RequestedAction DebuggerRemotePacketRequestedAction + LengthOfBuffer Uint32 + PauseDebuggeeWhenSent Boolean + KernelResult Uint32 +} +type DebuggerSendUsermodeMessagesToDebugger struct { + KernelStatus Uint32 + Length Uint32 +} +type DebuggerReadAndWriteOnMsr struct { + Msr Uint64 + CoreNumber Uint32 + ActionType DebuggerMsrActionType + Value Uint64 +} +type DebuggerEditMemory struct { + Result Uint32 + Address Uint64 + ProcessId Uint32 + MemoryType DebuggerEditMemoryType + ByteSize DebuggerEditMemoryByteSize + CountOf64Chunks Uint32 + FinalStructureSize Uint32 + KernelStatus Uint32 +} +type DebuggerSearchMemory struct { + Address Uint64 + Length Uint64 + ProcessId Uint32 + MemoryType DebuggerSearchMemoryType + ByteSize DebuggerSearchMemoryByteSize + CountOf64Chunks Uint32 + FinalStructureSize Uint32 +} +type DebuggerHideAndTransparentDebuggerMode struct { + IsHide Boolean + CpuidAverage Uint64 + CpuidStandardDeviation Uint64 + CpuidMedian Uint64 + RdtscAverage Uint64 + RdtscStandardDeviation Uint64 + RdtscMedian Uint64 + TrueIfProcessIdAndFalseIfProcessName Boolean + ProcId Uint32 + LengthOfProcessName Uint32 + KernelStatus Uint64 +} +type DebuggerPrepareDebuggee struct { + PortAddress Uint32 + Baudrate Uint32 + NtoskrnlBaseAddress Uint64 + Result Uint32 + OsName [256]Char +} +type DebuggeeChangeCorePacket struct { + NewCore Uint32 + Result Uint32 +} +type DebuggerAttachDetachUserModeProcess struct { + IsStartingNewProcess Boolean + ProcessId Uint32 + ThreadId Uint32 + CheckCallbackAtFirstInstruction Boolean + Is32Bit Boolean + IsPaused Boolean + Action DebuggerAttachDetachUserModeProcessActionType + CountOfActiveDebuggingThreadsAndProcesses Uint32 + Token Uint64 + Result Uint64 +} +type DebuggeeProcessListNeededDetails struct { + PsActiveProcessHead Uint64 + ImageFileNameOffset Ulong + UniquePidOffset Ulong + ActiveProcessLinksOffset Ulong +} +type DebuggeeThreadListNeededDetails struct { + ThreadListHeadOffset Uint32 + ThreadListEntryOffset Uint32 + CidOffset Uint32 + PsActiveProcessHead Uint64 + ActiveProcessLinksOffset Ulong + Process Uint64 +} +type DebuggeeProcessListDetailsEntry struct { + Eprocess Uint64 + ProcessId Uint32 + Cr3 Uint64 + ImageFileName [16]Uchar +} +type DebuggeeThreadListDetailsEntry struct { + Eprocess Uint64 + Ethread Uint64 + ProcessId Uint32 + ThreadId Uint32 + ImageFileName [16]Uchar +} +type DebuggerQueryActiveProcessesOrThreads struct { + ProcessListNeededDetails DebuggeeProcessListNeededDetails + ThreadListNeededDetails DebuggeeThreadListNeededDetails + QueryType DebuggerQueryActiveProcessesOrThreadsTypes + QueryAction DebuggerQueryActiveProcessesOrThreadsActions + Count Uint32 + Result Uint64 +} +type DebuggerSingleCallstackFrame struct { + IsStackAddressValid Boolean + IsValidAddress Boolean + IsExecutable Boolean + Value Uint64 + InstructionBytesOnRip [7]Byte +} +type DebuggerCallstackRequest struct { + Is32Bit Boolean + KernelStatus Uint32 + DisplayMethod DebuggerCallstackDisplayMethod + Size Uint32 + FrameCount Uint32 + BaseAddress Uint64 + BufferSize Uint64 +} +type UsermodeDebuggingThreadOrProcessStateDetails struct { + ProcessId Uint32 + ThreadId Uint32 + IsProcess Boolean +} +type DebuggerEventActionRunScriptConfiguration struct { + ScriptBuffer Uint64 + ScriptLength Uint32 + ScriptPointer Uint32 + OptionalRequestedBufferSize Uint32 +} +type DebuggerEventRequestBuffer struct { + EnabledRequestBuffer Boolean + RequestBufferSize Uint32 + RequstBufferAddress Uint64 +} +type DebuggerEventRequestCustomCode struct { + CustomCodeBufferSize Uint32 + CustomCodeBufferAddress unsafe.Pointer + OptionalRequestedBufferSize Uint32 +} +type DebuggerUdCommandAction struct { + ActionType DebuggerUdCommandActionType + OptionalParam1 Uint64 + OptionalParam2 Uint64 + OptionalParam3 Uint64 + OptionalParam4 Uint64 +} +type DebuggerUdCommandPacket struct { + UdAction DebuggerUdCommandAction + ProcessDebuggingDetailToken Uint64 + TargetThreadId Uint32 + ApplyToAllPausedThreads Boolean + Result Uint32 +} +type DebuggeeDetailsAndSwitchProcessPacket struct { + ActionType DebuggeeDetailsAndSwitchProcessType + ProcessId Uint32 + Process Uint64 + IsSwitchByClkIntr Boolean + ProcessName [16]Uchar + ProcessListSymDetails DebuggeeProcessListNeededDetails + Result Uint32 +} +type DebuggeeDetailsAndSwitchThreadPacket struct { + ActionType DebuggeeDetailsAndSwitchThreadType + ThreadId Uint32 + ProcessId Uint32 + Thread Uint64 + Process Uint64 + CheckByClockInterrupt Boolean + ProcessName [16]Uchar + ThreadListSymDetails DebuggeeThreadListNeededDetails + Result Uint32 +} +type DebuggeeStepPacket struct { + StepType DebuggerRemoteSteppingRequest + IsCurrentInstructionACall Boolean + CallLength Uint32 +} +type DebuggeeFormatsPacket struct { + Value Uint64 + Result Uint32 +} +type DebuggeeSymbolRequestPacket struct { + ProcessId Uint32 +} +type DebuggeeBpPacket struct { + Address Uint64 + Pid Uint32 + Tid Uint32 + Core Uint32 + RemoveAfterHit Boolean + CheckForCallbacks Boolean + Result Uint32 +} +type DebuggeeBpListOrModifyPacket struct { + BreakpointId Uint64 + Request DebuggeeBreakpointModificationRequest + Result Uint32 +} +type DebuggeeScriptPacket struct { + ScriptBufferSize Uint32 + ScriptBufferPointer Uint32 + IsFormat Boolean + Result Uint32 +} +type DebuggeeResultOfSearchPacket struct { + CountOfResults Uint32 + Result Uint32 +} +type DebuggeeRegisterReadDescription struct { + RegisterID Uint32 + Value Uint64 + KernelStatus Uint32 +} +type ModuleSymbolDetail struct { + IsSymbolDetailsFound Boolean + IsLocalSymbolPath Boolean + IsSymbolPDBAvaliable Boolean + IsUserMode Boolean + Is32Bit Boolean + BaseAddress Uint64 + FilePath [260]byte + ModuleSymbolPath [260]byte + ModuleSymbolGuidAndAge [60]byte +} +type UsermodeLoadedModuleSymbols struct { + BaseAddress Uint64 + Entrypoint Uint64 + FilePath [260]WcharT +} +type UsermodeLoadedModuleDetails struct { + ProcessId Uint32 + OnlyCountModules Boolean + Is32Bit Boolean + ModulesCount Uint32 + Result Uint32 +} +type DebuggerUpdateSymbolTable struct { + TotalSymbols Uint32 + CurrentSymbolIndex Uint32 + SymbolDetailPacket ModuleSymbolDetail +} +type DebuggeeSymbolUpdateResult struct { + KernelStatus Uint64 +} +type HwdbgPortInformationItems struct { + PortSize Uint32 +} +type HwdbgInstanceInformation struct { + Version Uint32 + maximumNumberOfStages Uint32 + scriptVariableLength Uint32 + maximumNumberOfSupportedGetScriptOperators Uint32 + maximumNumberOfSupportedSetScriptOperators Uint32 + sharedMemorySize Uint32 + debuggerAreaOffset Uint32 + debuggeeAreaOffset Uint32 + numberOfPins Uint32 + numberOfPorts Uint32 + scriptCapabilities _HwdbgScriptCapabilities + bramAddrWidth Uint32 + bramDataWidth Uint32 +} +type _HwdbgScriptCapabilities struct { + FuncOr Uint64 + FuncXor Uint64 + FuncAnd Uint64 + FuncAsr Uint64 + FuncAsl Uint64 + FuncAdd Uint64 + FuncSub Uint64 + FuncMul Uint64 + FuncDiv Uint64 + FuncMod Uint64 + FuncGt Uint64 + FuncLt Uint64 + FuncEgt Uint64 + FuncElt Uint64 + FuncEqual Uint64 + FuncNeq Uint64 + FuncJmp Uint64 + FuncJz Uint64 + FuncJnz Uint64 + FuncMov Uint64 + FuncPrintf Uint64 +} +type HwdbgScriptBuffer struct { + scriptNumberOfSymbols Uint32 +} +type _Int128T = any +type _Uint128T = any +type __NSConstantString = any +type SizeT = uint64 +type _BuiltinMsVaList = *byte +type _BuiltinVaList = *byte + +// /////////////////////////////////////////////// +type Qword = uint64 +type Uint64 = uint64 +type Puint64 = *uint64 +type Dword = uint64 +type Bool = int32 +type Byte = uint8 +type Word = uint16 +type Int = int32 +type Uint = uint32 +type Puint = *uint32 +type Ulong64 = uint64 +type Pulong64 = *uint64 +type Dword64 = uint64 +type Pdword64 = *uint64 +type Char = byte +type WcharT = int16 +type Wchar = int16 +type PlistEntry = *ListEntry +type PrlistEntry = ListEntry +type Uchar = uint8 +type Ushort = uint16 +type Ulong = uint64 +type Boolean = Uchar +type Pboolean = *Boolean +type Int8 = int8 +type Pint8 = *int8 +type Int16 = int16 +type Pint16 = *int16 +type Int32 = int32 +type Pint32 = *int32 +type Int64 = int64 +type Pint64 = *int64 +type Uint8 = uint8 +type Puint8 = *uint8 +type Uint16 = uint16 +type Puint16 = *uint16 +type Uint32 = uint32 +type Puint32 = *uint32 +//type Uint64 = uint64 +//type Puint64 = *uint64 +//type GuestRegs = GuestRegs +type PguestRegs = *GuestRegs + +// @brief struct for extra registers +//type GuestExtraRegisters = GuestExtraRegisters + +// @brief struct for extra registers +type PguestExtraRegisters = *GuestExtraRegisters + +// @brief List of different variables +type PscriptEngineVariablesList = *ScriptEngineVariablesList + +// @brief CR3 Structure +type Pcr3Type = *Cr3Type + +// @brief The structure of remote packets in HyperDbg +type PdebuggerRemotePacket = *DebuggerRemotePacket + +// @brief Callback type that can be used to be used +// as a custom ShowMessages function +type Callback = unsafe.Pointer + +// @brief The structure of user-input packet in HyperDbg +type PdebuggeeUserInputPacket = *DebuggeeUserInputPacket + +// @brief The structure of user-input packet in HyperDbg +type PdebuggeeEventAndActionHeaderForRemotePacket = *DebuggeeEventAndActionHeaderForRemotePacket + +// @brief request to pause and halt the system +type PdebuggerPausePacketReceived = *DebuggerPausePacketReceived + +// @brief The structure of detail of a triggered event in HyperDbg +// +// @details This structure is also used for transferring breakpoint ids, RIP as the context, etc. +type PdebuggerTriggeredEventDetails = *DebuggerTriggeredEventDetails + +// @brief The structure of pausing packet in kHyperDbg +type PdebuggeeKdPausedPacket = *DebuggeeKdPausedPacket + +// @brief The structure of pausing packet in uHyperDbg +type PdebuggeeUdPausedPacket = *DebuggeeUdPausedPacket + +// @brief The structure of message packet in HyperDbg +type PdebuggeeMessagePacket = *DebuggeeMessagePacket + +// @brief Used to register event for transferring buffer between user-to-kernel +type PregisterNotifyBuffer = *RegisterNotifyBuffer + +// @brief Used for sending direct VMCALLs on the VMX root-mode +type PdirectVmcallParameters = *DirectVmcallParameters + +// @brief Temporary $context used in some EPT hook commands +type PeptHooksContext = *EptHooksContext + +// @brief Setting details for EPT Hooks (!monitor) +type PeptHooksAddressDetailsForMemoryMonitor = *EptHooksAddressDetailsForMemoryMonitor + +// @brief Setting details for EPT Hooks (!epthook2) +type PeptHooksAddressDetailsForEpthook2 = *EptHooksAddressDetailsForEpthook2 + +// @brief Details of unhooking single EPT hooks +type PeptSingleHookUnhookingDetails = *EptSingleHookUnhookingDetails + +// @brief Describe segment selector in VMX +// +// @details This structure is copied from ia32.h to the SDK to +// be used as a data type for functions +type VmxSegmentAccessRightsType = any + +// @brief Segment selector +type PvmxSegmentSelector = *VmxSegmentSelector + +// @brief request for modifying events (enable/disable/clear) +type PdebuggerModifyEvents = *DebuggerModifyEvents + +// @brief request for performing a short-circuiting event +type PdebuggerShortCircuitingEvent = *DebuggerShortCircuitingEvent + +// @brief request for performing a short-circuiting event +type PdebuggerEventOptions = *DebuggerEventOptions + +// @brief Each command is like the following struct, it also used for +// tracing works in user mode and sending it to the kernl mode +// +// @details THIS IS NOT WHAT HYPERDBG SAVES FOR EVENTS IN KERNEL-MODE +type PdebuggerGeneralEventDetail = *DebuggerGeneralEventDetail + +// @brief Each event can have multiple actions +// +// @details THIS STRUCTURE IS ONLY USED IN USER MODE +// WE USE SEPARATE STRUCTURE FOR ACTIONS IN +// KERNEL MODE +type PdebuggerGeneralAction = *DebuggerGeneralAction + +// @brief Status of register buffers +type PdebuggerEventAndActionResult = *DebuggerEventAndActionResult + +// @brief request for !pte command +type PdebuggerReadPageTableEntriesDetails = *DebuggerReadPageTableEntriesDetails + +// @brief requests for !va2pa and !pa2va commands +type PdebuggerVa2paAndPa2vaCommands = *DebuggerVa2paAndPa2vaCommands + +// @brief requests for the '.pagein' command +type PdebuggerPageInRequest = *DebuggerPageInRequest + +// @brief requests for !rev command +type PreversingMachineReconstructMemoryRequest = *ReversingMachineReconstructMemoryRequest + +// @brief requests options for dt and struct command +type PdebuggerDtCommandOptions = *DebuggerDtCommandOptions + +// @brief requests for the 'prealloc' command +type PdebuggerPreallocCommand = *DebuggerPreallocCommand + +// @brief requests for the 'preactivate' command +type PdebuggerPreactivateCommand = *DebuggerPreactivateCommand + +// @brief request for reading virtual and physical memory +type PdebuggerReadMemory = *DebuggerReadMemory + +// @brief request for flushing buffers +type PdebuggerFlushLoggingBuffers = *DebuggerFlushLoggingBuffers + +// @brief request for test query buffers +type PdebuggerDebuggerTestQueryBuffer = *DebuggerDebuggerTestQueryBuffer + +// @brief request performing kernel tests +type PdebuggerPerformKernelTests = *DebuggerPerformKernelTests + +// @brief request for send a signal that command execution finished +type PdebuggerSendCommandExecutionFinishedSignal = *DebuggerSendCommandExecutionFinishedSignal + +// @brief request for send general packets from debuggee to debugger +type PdebuggeeSendGeneralPacketFromDebuggeeToDebugger = *DebuggeeSendGeneralPacketFromDebuggeeToDebugger + +// @brief request for send a user-mode message to debugger +type PdebuggerSendUsermodeMessagesToDebugger = *DebuggerSendUsermodeMessagesToDebugger + +// @brief request to read or write on MSRs +type PdebuggerReadAndWriteOnMsr = *DebuggerReadAndWriteOnMsr + +// @brief request for edit virtual and physical memory +type PdebuggerEditMemory = *DebuggerEditMemory + +// @brief request for searching memory +type PdebuggerSearchMemory = *DebuggerSearchMemory + +// @brief request for enable or disable transparent-mode +type PdebuggerHideAndTransparentDebuggerMode = *DebuggerHideAndTransparentDebuggerMode + +// @brief request to make this computer to a debuggee +type PdebuggerPrepareDebuggee = *DebuggerPrepareDebuggee + +// @brief The structure of changing core packet in HyperDbg +type PdebuggeeChangeCorePacket = *DebuggeeChangeCorePacket + +// @brief request for attaching user-mode process +type PdebuggerAttachDetachUserModeProcess = *DebuggerAttachDetachUserModeProcess + +// @brief The structure of needed information to get the details +// of the process from nt!_EPROCESS and location of needed variables +type PdebuggeeProcessListNeededDetails = *DebuggeeProcessListNeededDetails + +// @brief The structure of needed information to get the details +// of the thread from nt!_ETHREAD and location of needed variables +type PdebuggeeThreadListNeededDetails = *DebuggeeThreadListNeededDetails + +// @brief The structure showing list of processes (details of each +// entry) +type PdebuggeeProcessListDetailsEntry = *DebuggeeProcessListDetailsEntry + +// @brief The structure showing list of threads (details of each +// entry) +type PdebuggeeThreadListDetailsEntry = *DebuggeeThreadListDetailsEntry + +// @brief request for query count of active processes and threads +type PdebuggerQueryActiveProcessesOrThreads = *DebuggerQueryActiveProcessesOrThreads + +// @brief The structure for saving the callstack frame of one parameter +type PdebuggerSingleCallstackFrame = *DebuggerSingleCallstackFrame + +// @brief request for callstack frames +type PdebuggerCallstackRequest = *DebuggerCallstackRequest +type PusermodeDebuggingThreadOrProcessStateDetails = *UsermodeDebuggingThreadOrProcessStateDetails + +// @brief Used for run the script +type PdebuggerEventActionRunScriptConfiguration = *DebuggerEventActionRunScriptConfiguration + +// @brief used in the case of requesting a "request buffer" +type PdebuggerEventRequestBuffer = *DebuggerEventRequestBuffer + +// @brief used in the case of custom code requests to the debugger +type PdebuggerEventRequestCustomCode = *DebuggerEventRequestCustomCode + +// @brief Description of user-mode debugging actions +type PdebuggerUdCommandAction = *DebuggerUdCommandAction + +// @brief The structure of command packet in uHyperDbg +type PdebuggerUdCommandPacket = *DebuggerUdCommandPacket + +// @brief The structure of changing process and show process +// packet in HyperDbg +type PdebuggeeDetailsAndSwitchProcessPacket = *DebuggeeDetailsAndSwitchProcessPacket + +// @brief The structure of changing thead and show thread +// packet in HyperDbg +type PdebuggeeDetailsAndSwitchThreadPacket = *DebuggeeDetailsAndSwitchThreadPacket + +// @brief The structure of stepping packet in HyperDbg +type PdebuggeeStepPacket = *DebuggeeStepPacket + +// @brief The structure of .formats result packet in HyperDbg +type PdebuggeeFormatsPacket = *DebuggeeFormatsPacket + +// @brief The structure of .sym reload packet in HyperDbg +type PdebuggeeSymbolRequestPacket = *DebuggeeSymbolRequestPacket + +// @brief The structure of bp command packet in HyperDbg +type PdebuggeeBpPacket = *DebuggeeBpPacket + +// @brief The structure of breakpoint modification requests packet in HyperDbg +type PdebuggeeBpListOrModifyPacket = *DebuggeeBpListOrModifyPacket + +// @brief The structure of script packet in HyperDbg +type PdebuggeeScriptPacket = *DebuggeeScriptPacket + +// @brief The structure of result of search packet in HyperDbg +type PdebuggeeResultOfSearchPacket = *DebuggeeResultOfSearchPacket + +// @brief Register Descriptor Structure to use in r command. +type PdebuggeeRegisterReadDescription = *DebuggeeRegisterReadDescription + +// @brief structures for sending and saving details +// about each module and symbols details +type PmoduleSymbolDetail = *ModuleSymbolDetail +type PusermodeLoadedModuleSymbols = *UsermodeLoadedModuleSymbols +type PusermodeLoadedModuleDetails = *UsermodeLoadedModuleDetails + +// @brief Callback type that should be used to add +// list of Addresses to ObjectNames +type SymbolMapCallback = unsafe.Pointer + +// @brief request to add new symbol detail or update a previous +// symbol table entry +type PdebuggerUpdateSymbolTable = *DebuggerUpdateSymbolTable + +// @brief request that shows, symbol reload process is finished +type PdebuggeeSymbolUpdateResult = *DebuggeeSymbolUpdateResult + +// @brief The structure of port information (each item) in hwdbg +type PhwdbgPortInformationItems = *HwdbgPortInformationItems + +// @brief The structure of script capabilities information in hwdbg +type PhwdbgInstanceInformation = *HwdbgInstanceInformation + +// @brief The structure of script buffer in hwdbg +type PhwdbgScriptBuffer = *HwdbgScriptBuffer + +func (s Anon870_5) Flags() Uint64 { + return gengort.ReadBitcast[Uint64](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} +func (s *Anon870_5) SetFlags(v Uint64) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} +func (s Anon870_5) Fields() Anon874_9 { + return gengort.ReadBitcast[Anon874_9](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} +func (s *Anon870_5) SetFields(v Anon874_9) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} +func (s Anon1996_9)Get () Anon1998_5 { + return gengort.ReadBitcast[Anon1998_5](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} +func (s *Anon1996_9) Set(v Anon1998_5) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} +func (s Anon1996_9) AsUInt() Uint32 { + return gengort.ReadBitcast[Uint32](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} +func (s *Anon1996_9) SetAsUInt(v Uint32) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} + +// Gengo init function. +func init() { + gengort.Validate((*ListEntry)(nil), 0x10, 0x8, "Flink", 0x0, "Blink", 0x8) + gengort.Validate((*GuestRegs)(nil), 0x80, 0x8, "Rax", 0x0, "Rcx", 0x8, "Rdx", 0x10, "Rbx", 0x18, "Rsp", 0x20, "Rbp", 0x28, "Rsi", 0x30, "Rdi", 0x38, "R8", 0x40, "R9", 0x48, "R10", 0x50, "R11", 0x58, "R12", 0x60, "R13", 0x68, "R14", 0x70, "R15", 0x78) + gengort.Validate((*GuestExtraRegisters)(nil), 0x20, 0x8, "Cs", 0x0, "Ds", 0x2, "Fs", 0x4, "Gs", 0x6, "Es", 0x8, "Ss", 0xa, "Rflags", 0x10, "Rip", 0x18) + gengort.Validate((*ScriptEngineVariablesList)(nil), 0x18, 0x8, "TempList", 0x0, "GlobalVariablesList", 0x8, "LocalVariablesList", 0x10) + gengort.Validate((*Cr3Type)(nil), 0x8, 0x8) + gengort.Validate((*Anon870_5)(nil), 0x8, 0x8) + gengort.Validate((*Anon874_9)(nil), 0x8, 0x8, "Pcid", 0xc, "PageFrameNumber", 0x30, "Reserved1", 0x3c, "Reserved_2", 0x3f, "PcidInvalidate", 0x40) + gengort.Validate((*DebuggerRemotePacket)(nil), 0x18, 0x8, "Checksum", 0x0, "Indicator", 0x8, "TypeOfThePacket", 0x10, "RequestedActionOfThePacket", 0x14) + gengort.Validate((*DebuggeeUserInputPacket)(nil), 0xc, 0x4, "CommandLen", 0x0, "IgnoreFinishedSignal", 0x4, "Result", 0x8) + gengort.Validate((*DebuggeeEventAndActionHeaderForRemotePacket)(nil), 0x4, 0x4, "Length", 0x0) + gengort.Validate((*DebuggerPausePacketReceived)(nil), 0x4, 0x4, "Result", 0x0) + gengort.Validate((*DebuggerTriggeredEventDetails)(nil), 0x18, 0x8, "Tag", 0x0, "Context", 0x8, "Stage", 0x10) + gengort.Validate((*DebuggeeKdPausedPacket)(nil), 0x48, 0x8, "Rip", 0x0, "IsProcessorOn32BitMode", 0x8, "IgnoreDisassembling", 0x9, "PausingReason", 0xc, "CurrentCore", 0x10, "EventTag", 0x18, "EventCallingStage", 0x20, "Rflags", 0x28, "InstructionBytesOnRip", 0x30, "ReadInstructionLen", 0x40) + gengort.Validate((*DebuggeeUdPausedPacket)(nil), 0xc8, 0x8, "Rip", 0x0, "ProcessDebuggingToken", 0x8, "Is32Bit", 0x10, "PausingReason", 0x14, "ProcessId", 0x18, "ThreadId", 0x1c, "Rflags", 0x20, "EventTag", 0x28, "EventCallingStage", 0x30, "InstructionBytesOnRip", 0x34, "ReadInstructionLen", 0x44, "GuestRegs", 0x48) + gengort.Validate((*DebuggeeMessagePacket)(nil), 0x1004, 0x4, "OperationCode", 0x0, "Message", 0x4) + gengort.Validate((*RegisterNotifyBuffer)(nil), 0x10, 0x8, "Type", 0x0, "hEvent", 0x8) + gengort.Validate((*DirectVmcallParameters)(nil), 0x18, 0x8, "OptionalParam1", 0x0, "OptionalParam2", 0x8, "OptionalParam3", 0x10) + gengort.Validate((*EptHooksContext)(nil), 0x18, 0x8, "HookingTag", 0x0, "PhysicalAddress", 0x8, "VirtualAddress", 0x10) + gengort.Validate((*EptHooksAddressDetailsForMemoryMonitor)(nil), 0x20, 0x8, "StartAddress", 0x0, "EndAddress", 0x8, "SetHookForRead", 0x10, "SetHookForWrite", 0x11, "SetHookForExec", 0x12, "MemoryType", 0x14, "Tag", 0x18) + gengort.Validate((*EptHooksAddressDetailsForEpthook2)(nil), 0x10, 0x8, "TargetAddress", 0x0, "HookFunction", 0x8) + gengort.Validate((*EptSingleHookUnhookingDetails)(nil), 0x10, 0x8, "CallerNeedsToRestoreEntryAndInvalidateEpt", 0x0, "RemoveBreakpointInterception", 0x1, "PhysicalAddress", 0x4, "OriginalEntry", 0x8) + gengort.Validate((*Anon1996_9)(nil), 0x4, 0x4) + gengort.Validate((*Anon1998_5)(nil), 0x4, 0x4, "Type", 0x4, "DescriptorType", 0x5, "DescriptorPrivilegeLevel", 0x7, "Present", 0x8, "Reserved1", 0xc, "AvailableBit", 0xd, "LongMode", 0xe, "DefaultBig", 0xf, "Granularity", 0x10, "Unusable", 0x11, "Reserved2", 0x20) + gengort.Validate((*VmxSegmentSelector)(nil), 0x18, 0x8, "Selector", 0x0, "Attributes", 0x4, "Limit", 0x8, "Base", 0x10) + gengort.Validate((*DebuggerModifyEvents)(nil), 0x18, 0x8, "Tag", 0x0, "KernelStatus", 0x8, "TypeOfAction", 0x10, "IsEnabled", 0x14) + gengort.Validate((*DebuggerShortCircuitingEvent)(nil), 0x10, 0x8, "KernelStatus", 0x0, "IsShortCircuiting", 0x8) + gengort.Validate((*DebuggerEventOptions)(nil), 0x30, 0x8, "OptionalParam1", 0x0, "OptionalParam2", 0x8, "OptionalParam3", 0x10, "OptionalParam4", 0x18, "OptionalParam5", 0x20, "OptionalParam6", 0x28) + gengort.Validate((*DebuggerGeneralEventDetail)(nil), 0xb0, 0x8, "CommandsEventList", 0x0, "CreationTime", 0x10, "CoreId", 0x18, "ProcessId", 0x1c, "IsEnabled", 0x20, "EnableShortCircuiting", 0x21, "EventStage", 0x24, "HasCustomOutput", 0x28, "OutputSourceTags", 0x30, "CountOfActions", 0x58, "Tag", 0x60, "EventType", 0x68, "Options", 0x70, "CommandStringBuffer", 0xa0, "ConditionBufferSize", 0xa8) + gengort.Validate((*DebuggerGeneralAction)(nil), 0x20, 0x8, "EventTag", 0x0, "ActionType", 0x8, "ImmediateMessagePassing", 0xc, "PreAllocatedBuffer", 0x10, "CustomCodeBufferSize", 0x14, "ScriptBufferSize", 0x18, "ScriptBufferPointer", 0x1c) + gengort.Validate((*DebuggerEventAndActionResult)(nil), 0x8, 0x4, "IsSuccessful", 0x0, "Error", 0x4) + gengort.Validate((*DebuggerReadPageTableEntriesDetails)(nil), 0x58, 0x8, "VirtualAddress", 0x0, "ProcessId", 0x8, "Pml4eVirtualAddress", 0x10, "Pml4eValue", 0x18, "PdpteVirtualAddress", 0x20, "PdpteValue", 0x28, "PdeVirtualAddress", 0x30, "PdeValue", 0x38, "PteVirtualAddress", 0x40, "PteValue", 0x48, "KernelStatus", 0x50) + gengort.Validate((*DebuggerVa2paAndPa2vaCommands)(nil), 0x20, 0x8, "VirtualAddress", 0x0, "PhysicalAddress", 0x8, "ProcessId", 0x10, "IsVirtual2Physical", 0x14, "KernelStatus", 0x18) + gengort.Validate((*DebuggerPageInRequest)(nil), 0x20, 0x8, "VirtualAddressFrom", 0x0, "VirtualAddressTo", 0x8, "ProcessId", 0x10, "PageFaultErrorCode", 0x14, "KernelStatus", 0x18) + gengort.Validate((*ReversingMachineReconstructMemoryRequest)(nil), 0x14, 0x4, "ProcessId", 0x0, "Size", 0x4, "Mode", 0x8, "Type", 0xc, "KernelStatus", 0x10) + gengort.Validate((*DebuggerDtCommandOptions)(nil), 0x38, 0x8, "TypeName", 0x0, "SizeOfTypeName", 0x8, "Address", 0x10, "IsStruct", 0x18, "BufferAddress", 0x20, "TargetPid", 0x28, "AdditionalParameters", 0x30) + gengort.Validate((*DebuggerPreallocCommand)(nil), 0xc, 0x4, "Type", 0x0, "Count", 0x4, "KernelStatus", 0x8) + gengort.Validate((*DebuggerPreactivateCommand)(nil), 0x8, 0x4, "Type", 0x0, "KernelStatus", 0x4) + gengort.Validate((*DebuggerReadMemory)(nil), 0x38, 0x8, "Pid", 0x0, "Address", 0x8, "Size", 0x10, "IsForDisasm", 0x14, "Is32BitAddress", 0x15, "MemoryType", 0x18, "ReadingType", 0x1c, "DtDetails", 0x20, "Style", 0x28, "ReturnLength", 0x2c, "KernelStatus", 0x30) + gengort.Validate((*DebuggerFlushLoggingBuffers)(nil), 0xc, 0x4, "KernelStatus", 0x0, "CountOfMessagesThatSetAsReadFromVmxRoot", 0x4, "CountOfMessagesThatSetAsReadFromVmxNonRoot", 0x8) + gengort.Validate((*DebuggerDebuggerTestQueryBuffer)(nil), 0x18, 0x8, "RequestType", 0x0, "Context", 0x8, "KernelStatus", 0x10) + gengort.Validate((*DebuggerPerformKernelTests)(nil), 0x4, 0x4, "KernelStatus", 0x0) + gengort.Validate((*DebuggerSendCommandExecutionFinishedSignal)(nil), 0x4, 0x4, "KernelStatus", 0x0) + gengort.Validate((*DebuggeeSendGeneralPacketFromDebuggeeToDebugger)(nil), 0x10, 0x4, "RequestedAction", 0x0, "LengthOfBuffer", 0x4, "PauseDebuggeeWhenSent", 0x8, "KernelResult", 0xc) + gengort.Validate((*DebuggerSendUsermodeMessagesToDebugger)(nil), 0x8, 0x4, "KernelStatus", 0x0, "Length", 0x4) + gengort.Validate((*DebuggerReadAndWriteOnMsr)(nil), 0x18, 0x8, "Msr", 0x0, "CoreNumber", 0x8, "ActionType", 0xc, "Value", 0x10) + gengort.Validate((*DebuggerEditMemory)(nil), 0x28, 0x8, "Result", 0x0, "Address", 0x8, "ProcessId", 0x10, "MemoryType", 0x14, "ByteSize", 0x18, "CountOf64Chunks", 0x1c, "FinalStructureSize", 0x20, "KernelStatus", 0x24) + gengort.Validate((*DebuggerSearchMemory)(nil), 0x28, 0x8, "Address", 0x0, "Length", 0x8, "ProcessId", 0x10, "MemoryType", 0x14, "ByteSize", 0x18, "CountOf64Chunks", 0x1c, "FinalStructureSize", 0x20) + gengort.Validate((*DebuggerHideAndTransparentDebuggerMode)(nil), 0x50, 0x8, "IsHide", 0x0, "CpuidAverage", 0x8, "CpuidStandardDeviation", 0x10, "CpuidMedian", 0x18, "RdtscAverage", 0x20, "RdtscStandardDeviation", 0x28, "RdtscMedian", 0x30, "TrueIfProcessIdAndFalseIfProcessName", 0x38, "ProcId", 0x3c, "LengthOfProcessName", 0x40, "KernelStatus", 0x48) + gengort.Validate((*DebuggerPrepareDebuggee)(nil), 0x118, 0x8, "PortAddress", 0x0, "Baudrate", 0x4, "NtoskrnlBaseAddress", 0x8, "Result", 0x10, "OsName", 0x14) + gengort.Validate((*DebuggeeChangeCorePacket)(nil), 0x8, 0x4, "NewCore", 0x0, "Result", 0x4) + gengort.Validate((*DebuggerAttachDetachUserModeProcess)(nil), 0x28, 0x8, "IsStartingNewProcess", 0x0, "ProcessId", 0x4, "ThreadId", 0x8, "CheckCallbackAtFirstInstruction", 0xc, "Is32Bit", 0xd, "IsPaused", 0xe, "Action", 0x10, "CountOfActiveDebuggingThreadsAndProcesses", 0x14, "Token", 0x18, "Result", 0x20) + gengort.Validate((*DebuggeeProcessListNeededDetails)(nil), 0x18, 0x8, "PsActiveProcessHead", 0x0, "ImageFileNameOffset", 0x8, "UniquePidOffset", 0xc, "ActiveProcessLinksOffset", 0x10) + gengort.Validate((*DebuggeeThreadListNeededDetails)(nil), 0x28, 0x8, "ThreadListHeadOffset", 0x0, "ThreadListEntryOffset", 0x4, "CidOffset", 0x8, "PsActiveProcessHead", 0x10, "ActiveProcessLinksOffset", 0x18, "Process", 0x20) + gengort.Validate((*DebuggeeProcessListDetailsEntry)(nil), 0x28, 0x8, "Eprocess", 0x0, "ProcessId", 0x8, "Cr3", 0x10, "ImageFileName", 0x18) + gengort.Validate((*DebuggeeThreadListDetailsEntry)(nil), 0x28, 0x8, "Eprocess", 0x0, "Ethread", 0x8, "ProcessId", 0x10, "ThreadId", 0x14, "ImageFileName", 0x18) + gengort.Validate((*DebuggerQueryActiveProcessesOrThreads)(nil), 0x58, 0x8, "ProcessListNeededDetails", 0x0, "ThreadListNeededDetails", 0x18, "QueryType", 0x40, "QueryAction", 0x44, "Count", 0x48, "Result", 0x50) + gengort.Validate((*DebuggerSingleCallstackFrame)(nil), 0x18, 0x8, "IsStackAddressValid", 0x0, "IsValidAddress", 0x1, "IsExecutable", 0x2, "Value", 0x8, "InstructionBytesOnRip", 0x10) + gengort.Validate((*DebuggerCallstackRequest)(nil), 0x28, 0x8, "Is32Bit", 0x0, "KernelStatus", 0x4, "DisplayMethod", 0x8, "Size", 0xc, "FrameCount", 0x10, "BaseAddress", 0x18, "BufferSize", 0x20) + gengort.Validate((*UsermodeDebuggingThreadOrProcessStateDetails)(nil), 0xc, 0x4, "ProcessId", 0x0, "ThreadId", 0x4, "IsProcess", 0x8) + gengort.Validate((*DebuggerEventActionRunScriptConfiguration)(nil), 0x18, 0x8, "ScriptBuffer", 0x0, "ScriptLength", 0x8, "ScriptPointer", 0xc, "OptionalRequestedBufferSize", 0x10) + gengort.Validate((*DebuggerEventRequestBuffer)(nil), 0x10, 0x8, "EnabledRequestBuffer", 0x0, "RequestBufferSize", 0x4, "RequstBufferAddress", 0x8) + gengort.Validate((*DebuggerEventRequestCustomCode)(nil), 0x18, 0x8, "CustomCodeBufferSize", 0x0, "CustomCodeBufferAddress", 0x8, "OptionalRequestedBufferSize", 0x10) + gengort.Validate((*DebuggerUdCommandAction)(nil), 0x28, 0x8, "ActionType", 0x0, "OptionalParam1", 0x8, "OptionalParam2", 0x10, "OptionalParam3", 0x18, "OptionalParam4", 0x20) + gengort.Validate((*DebuggerUdCommandPacket)(nil), 0x40, 0x8, "UdAction", 0x0, "ProcessDebuggingDetailToken", 0x28, "TargetThreadId", 0x30, "ApplyToAllPausedThreads", 0x34, "Result", 0x38) + gengort.Validate((*DebuggeeDetailsAndSwitchProcessPacket)(nil), 0x48, 0x8, "ActionType", 0x0, "ProcessId", 0x4, "Process", 0x8, "IsSwitchByClkIntr", 0x10, "ProcessName", 0x11, "ProcessListSymDetails", 0x28, "Result", 0x40) + gengort.Validate((*DebuggeeDetailsAndSwitchThreadPacket)(nil), 0x68, 0x8, "ActionType", 0x0, "ThreadId", 0x4, "ProcessId", 0x8, "Thread", 0x10, "Process", 0x18, "CheckByClockInterrupt", 0x20, "ProcessName", 0x21, "ThreadListSymDetails", 0x38, "Result", 0x60) + gengort.Validate((*DebuggeeStepPacket)(nil), 0xc, 0x4, "StepType", 0x0, "IsCurrentInstructionACall", 0x4, "CallLength", 0x8) + gengort.Validate((*DebuggeeFormatsPacket)(nil), 0x10, 0x8, "Value", 0x0, "Result", 0x8) + gengort.Validate((*DebuggeeSymbolRequestPacket)(nil), 0x4, 0x4, "ProcessId", 0x0) + gengort.Validate((*DebuggeeBpPacket)(nil), 0x20, 0x8, "Address", 0x0, "Pid", 0x8, "Tid", 0xc, "Core", 0x10, "RemoveAfterHit", 0x14, "CheckForCallbacks", 0x15, "Result", 0x18) + gengort.Validate((*DebuggeeBpListOrModifyPacket)(nil), 0x10, 0x8, "BreakpointId", 0x0, "Request", 0x8, "Result", 0xc) + gengort.Validate((*DebuggeeScriptPacket)(nil), 0x10, 0x4, "ScriptBufferSize", 0x0, "ScriptBufferPointer", 0x4, "IsFormat", 0x8, "Result", 0xc) + gengort.Validate((*DebuggeeResultOfSearchPacket)(nil), 0x8, 0x4, "CountOfResults", 0x0, "Result", 0x4) + gengort.Validate((*DebuggeeRegisterReadDescription)(nil), 0x18, 0x8, "RegisterID", 0x0, "Value", 0x8, "KernelStatus", 0x10) + gengort.Validate((*ModuleSymbolDetail)(nil), 0x258, 0x8, "IsSymbolDetailsFound", 0x0, "IsLocalSymbolPath", 0x1, "IsSymbolPDBAvaliable", 0x2, "IsUserMode", 0x3, "Is32Bit", 0x4, "BaseAddress", 0x8, "FilePath", 0x10, "ModuleSymbolPath", 0x114, "ModuleSymbolGuidAndAge", 0x218) + gengort.Validate((*UsermodeLoadedModuleSymbols)(nil), 0x218, 0x8, "BaseAddress", 0x0, "Entrypoint", 0x8, "FilePath", 0x10) + gengort.Validate((*UsermodeLoadedModuleDetails)(nil), 0x10, 0x4, "ProcessId", 0x0, "OnlyCountModules", 0x4, "Is32Bit", 0x5, "ModulesCount", 0x8, "Result", 0xc) + gengort.Validate((*DebuggerUpdateSymbolTable)(nil), 0x260, 0x8, "TotalSymbols", 0x0, "CurrentSymbolIndex", 0x4, "SymbolDetailPacket", 0x8) + gengort.Validate((*DebuggeeSymbolUpdateResult)(nil), 0x8, 0x8, "KernelStatus", 0x0) + gengort.Validate((*HwdbgPortInformationItems)(nil), 0x4, 0x4, "PortSize", 0x0) + gengort.Validate((*HwdbgInstanceInformation)(nil), 0x38, 0x8, "Version", 0x0, "maximumNumberOfStages", 0x4, "scriptVariableLength", 0x8, "maximumNumberOfSupportedGetScriptOperators", 0xc, "maximumNumberOfSupportedSetScriptOperators", 0x10, "sharedMemorySize", 0x14, "debuggerAreaOffset", 0x18, "debuggeeAreaOffset", 0x1c, "numberOfPins", 0x20, "numberOfPorts", 0x24, "scriptCapabilities", 0x28, "bramAddrWidth", 0x30, "bramDataWidth", 0x34) + gengort.Validate((*_HwdbgScriptCapabilities)(nil), 0x8, 0x8, "FuncOr", 0x1, "FuncXor", 0x2, "FuncAnd", 0x3, "FuncAsr", 0x4, "FuncAsl", 0x5, "FuncAdd", 0x6, "FuncSub", 0x7, "FuncMul", 0x8, "FuncDiv", 0x9, "FuncMod", 0xa, "FuncGt", 0xb, "FuncLt", 0xc, "FuncEgt", 0xd, "FuncElt", 0xe, "FuncEqual", 0xf, "FuncNeq", 0x10, "FuncJmp", 0x11, "FuncJz", 0x12, "FuncJnz", 0x13, "FuncMov", 0x14, "FuncPrintf", 0x15) + gengort.Validate((*HwdbgScriptBuffer)(nil), 0x4, 0x4, "scriptNumberOfSymbols", 0x0) +} diff --git a/gengo/bind/sdkMerge/New Text Document.txt b/gengo/bind/sdkMerge/New Text Document.txt new file mode 100644 index 000000000..35990dd88 --- /dev/null +++ b/gengo/bind/sdkMerge/New Text Document.txt @@ -0,0 +1,18 @@ +func Test_transFile(t *testing.T) { + includePaths := []string{ + "D:/fork/cpp2go/test/hyperdbg/dependencies", + "D:/fork/cpp2go/test/hyperdbg/hprdbgctrl", + "D:/fork/cpp2go/test/hyperdbg/hprdbgctrl/header", + "D:/fork/cpp2go/test/hyperdbg/include", + "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/MSVC/14.40.33807/include", + "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Tools/MSVC/14.40.33807/atlmfc/include", + "C:/Program Files/Microsoft Visual Studio/2022/Enterprise/VC/Auxiliary/VS/include", + "C:/Program Files (x86)/Windows Kits/10/Include/10.0.26100.0/ucrt", + "C:/Program Files (x86)/Windows Kits/10/Include/10.0.26100.0/um", + "C:/Program Files (x86)/Windows Kits/10/Include/10.0.26100.0/shared", + "C:/Program Files (x86)/Windows Kits/10/Include/10.0.26100.0/winrt", + "C:/Program Files (x86)/Windows Kits/10/Include/10.0.26100.0/cppwinrt", + "C:/Program Files (x86)/Windows Kits/NETFXSDK/4.8.1/Include/um", + } + + path := "D:\\fork\\cpp2go\\test\\hyperdbg\\hprdbgctrl\\code\\app\\hprdbgctrl" diff --git a/gengo/bind/sdkMerge/bug/CMakeLists.txt b/gengo/bind/sdkMerge/bug/CMakeLists.txt new file mode 100644 index 000000000..9a3a7ade7 --- /dev/null +++ b/gengo/bind/sdkMerge/bug/CMakeLists.txt @@ -0,0 +1,9 @@ +cmake_minimum_required(VERSION 3.28) +project(bug C) + +set(CMAKE_C_STANDARD 11) + +include_directories(.) + +add_executable(bug + bug.h) diff --git a/gengo/bind/sdkMerge/bug/bug.h b/gengo/bind/sdkMerge/bug/bug.h new file mode 100644 index 000000000..3584d7816 --- /dev/null +++ b/gengo/bind/sdkMerge/bug/bug.h @@ -0,0 +1,121 @@ +typedef unsigned long long QWORD; +typedef unsigned __int64 UINT64, *PUINT64; +typedef unsigned long DWORD; +typedef int BOOL; +typedef unsigned char BYTE; +typedef unsigned short WORD; +typedef int INT; +typedef unsigned int UINT; +typedef unsigned int * PUINT; +typedef unsigned __int64 ULONG64, *PULONG64; +typedef unsigned __int64 DWORD64, *PDWORD64; +typedef char CHAR; +typedef short WCHAR; +//typedef wchar_t WCHAR; +#define VOID void +#define PVOID void* +//#define LPVOID void* +//#define HANDLE void* + +typedef unsigned char UCHAR; +typedef unsigned short USHORT; +typedef unsigned long ULONG; + +typedef UCHAR BOOLEAN; // winnt +typedef BOOLEAN * PBOOLEAN; // winnt + +typedef signed char INT8, *PINT8; +typedef signed short INT16, *PINT16; +typedef signed int INT32, *PINT32; +typedef signed __int64 INT64, *PINT64; +typedef unsigned char UINT8, *PUINT8; +typedef unsigned short UINT16, *PUINT16; +typedef unsigned int UINT32, *PUINT32; +typedef unsigned __int64 UINT64, *PUINT64; + + #define X86_FLAGS_RESERVED_BITS 0xffc38028 + #define X86_FLAGS_FIXED 0x00000002 + + #define IOCTL_PREACTIVATE_FUNCTIONALITY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x820, METHOD_BUFFERED, FILE_ANY_ACCESS) + + typedef struct _CR3_TYPE + { + union + { + UINT64 Flags; + + struct + { + UINT64 Pcid : 12; + UINT64 PageFrameNumber : 36; + UINT64 Reserved1 : 12; + UINT64 Reserved_2 : 3; + UINT64 PcidInvalidate : 1; + } Fields; + }; + } CR3_TYPE, *PCR3_TYPE; + + + +// typedef struct xed_immdis_s { +// unsigned int currently_used_space :4; // current number of assigned bytes +// unsigned int max_allocated_space :4; // max allocation, 4 or 8 +// int present : 1; +// int immediate_is_unsigned : 1; +// } xed_immdis_t; + +//typedef union +//{ +// struct VMX_SEGMENT_ACCESS_RIGHTS_TYPE +// { +// /** +// * [Bits 3:0] Segment type. +// */ +// UINT32 Type : 4; +// +// /** +// * [Bit 4] S - Descriptor type (0 = system; 1 = code or data). +// */ +// UINT32 DescriptorType : 1; +// +// /** +// * [Bits 6:5] DPL - Descriptor privilege level. +// */ +// UINT32 DescriptorPrivilegeLevel : 2; +// +// /** +// * [Bit 7] P - Segment present. +// */ +// UINT32 Present : 1; +// +// UINT32 Reserved1 : 4; +// +// /** +// * [Bit 12] AVL - Available for use by system software. +// */ +// UINT32 AvailableBit : 1; +// +// /** +// * [Bit 13] Reserved (except for CS). L - 64-bit mode active (for CS only). +// */ +// UINT32 LongMode : 1; +// +// /** +// * [Bit 14] D/B - Default operation size (0 = 16-bit segment; 1 = 32-bit segment). +// */ +// UINT32 DefaultBig : 1; +// +// /** +// * [Bit 15] G - Granularity. +// */ +// UINT32 Granularity : 1; +// /** +// * [Bit 16] Segment unusable (0 = usable; 1 = unusable). +// */ +// UINT32 Unusable : 1; +// UINT32 Reserved2 : 15; +// }; +// +// UINT32 AsUInt; +//} VMX_SEGMENT_ACCESS_RIGHTS_TYPE; diff --git a/gengo/bind/sdkMerge/bug/bug_test.go b/gengo/bind/sdkMerge/bug/bug_test.go new file mode 100644 index 000000000..5d16d37d1 --- /dev/null +++ b/gengo/bind/sdkMerge/bug/bug_test.go @@ -0,0 +1,20 @@ +package bug + +import ( + "testing" + + "github.com/can1357/gengo/clang" + "github.com/can1357/gengo/gengo" + "github.com/ddkwork/golibrary/mylog" +) + +func TestBug(t *testing.T) { + pkg := gengo.NewPackage("bug") + path := "bug.h" + mylog.Check(pkg.Transform("bug", &clang.Options{ + Sources: []string{path}, + AdditionalParams: []string{}, + }), + ) + mylog.Check(pkg.WriteToDir("./tmp")) +} diff --git a/gengo/bind/sdkMerge/bug/tmp/bug.go b/gengo/bind/sdkMerge/bug/tmp/bug.go new file mode 100644 index 000000000..b6d7d3ebc --- /dev/null +++ b/gengo/bind/sdkMerge/bug/tmp/bug.go @@ -0,0 +1,95 @@ +// Code generated by gengo. DO NOT EDIT. +package bug + +import ( + "unsafe" + + "github.com/can1357/gengo/gengort" +) + +const GengoLibraryName = "bug" + +var GengoLibrary = gengort.NewLibrary(GengoLibraryName) + +type Cr3Type struct { + Anon44_6 +} +type Anon44_6 struct { + Raw [1]int64 +} +type Anon48_10 struct { + Pcid Uint64 + PageFrameNumber Uint64 + Reserved1 Uint64 + Reserved_2 Uint64 + PcidInvalidate Uint64 +} +type ( + _Int128T = any + _Uint128T = any + __NSConstantString = any + SizeT = uint64 + _BuiltinMsVaList = *byte + _BuiltinVaList = *byte + Qword = uint64 + Uint64 = uint64 + Puint64 = *uint64 + Dword = uint64 + Bool = int32 + Byte = uint8 + Word = uint16 + Int = int32 + Uint = uint32 + Puint = *uint32 + Ulong64 = uint64 + Pulong64 = *uint64 + Dword64 = uint64 + Pdword64 = *uint64 + Char = byte + Wchar = int16 + Uchar = uint8 + Ushort = uint16 + Ulong = uint64 + Boolean = Uchar + Pboolean = *Boolean + Int8 = int8 + Pint8 = *int8 + Int16 = int16 + Pint16 = *int16 + Int32 = int32 + Pint32 = *int32 + Int64 = int64 + Pint64 = *int64 + Uint8 = uint8 + Puint8 = *uint8 + Uint16 = uint16 + Puint16 = *uint16 + Uint32 = uint32 + Puint32 = *uint32 + Uint64 = uint64 + Puint64 = *uint64 + Pcr3Type = *Cr3Type +) + +func (s Anon44_6) Flags() Uint64 { + return gengort.ReadBitcast[Uint64](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} + +func (s *Anon44_6) SetFlags(v Uint64) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} + +func (s Anon44_6) Fields() Anon48_10 { + return gengort.ReadBitcast[Anon48_10](unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0)) +} + +func (s *Anon44_6) SetFields(v Anon48_10) { + gengort.WriteBitcast(unsafe.Add(unsafe.Pointer(unsafe.SliceData(s.Raw[:])), 0), v) +} + +// Gengo init function. +func init() { + gengort.Validate((*Cr3Type)(nil), 0x8, 0x8) + gengort.Validate((*Anon44_6)(nil), 0x8, 0x8) + gengort.Validate((*Anon48_10)(nil), 0x8, 0x8, "Pcid", 0xc, "PageFrameNumber", 0x30, "Reserved1", 0x3c, "Reserved_2", 0x3f, "PcidInvalidate", 0x40) +} diff --git a/gengo/bind/sdkMerge/combined_headers.h b/gengo/bind/sdkMerge/combined_headers.h new file mode 100644 index 000000000..44797a4b4 --- /dev/null +++ b/gengo/bind/sdkMerge/combined_headers.h @@ -0,0 +1,4213 @@ +/** + * @file Constants.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK constants + * @details This file contains definitions of constants + * used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Version Information // +////////////////////////////////////////////////// + +#define VERSION_MAJOR 1 +#define VERSION_MINOR 0 +#define VERSION_PATCH 0 + +// +// Example of __DATE__ string: "Jul 27 2012" +// 01234567890 + +#define BUILD_YEAR_CH0 (__DATE__[7]) +#define BUILD_YEAR_CH1 (__DATE__[8]) +#define BUILD_YEAR_CH2 (__DATE__[9]) +#define BUILD_YEAR_CH3 (__DATE__[10]) + +#define BUILD_MONTH_IS_JAN (__DATE__[0] == 'J' && __DATE__[1] == 'a' && __DATE__[2] == 'n') +#define BUILD_MONTH_IS_FEB (__DATE__[0] == 'F') +#define BUILD_MONTH_IS_MAR (__DATE__[0] == 'M' && __DATE__[1] == 'a' && __DATE__[2] == 'r') +#define BUILD_MONTH_IS_APR (__DATE__[0] == 'A' && __DATE__[1] == 'p') +#define BUILD_MONTH_IS_MAY (__DATE__[0] == 'M' && __DATE__[1] == 'a' && __DATE__[2] == 'y') +#define BUILD_MONTH_IS_JUN (__DATE__[0] == 'J' && __DATE__[1] == 'u' && __DATE__[2] == 'n') +#define BUILD_MONTH_IS_JUL (__DATE__[0] == 'J' && __DATE__[1] == 'u' && __DATE__[2] == 'l') +#define BUILD_MONTH_IS_AUG (__DATE__[0] == 'A' && __DATE__[1] == 'u') +#define BUILD_MONTH_IS_SEP (__DATE__[0] == 'S') +#define BUILD_MONTH_IS_OCT (__DATE__[0] == 'O') +#define BUILD_MONTH_IS_NOV (__DATE__[0] == 'N') +#define BUILD_MONTH_IS_DEC (__DATE__[0] == 'D') + +#define BUILD_MONTH_CH0 \ + ((BUILD_MONTH_IS_OCT || BUILD_MONTH_IS_NOV || BUILD_MONTH_IS_DEC) ? '1' : '0') + +#define BUILD_MONTH_CH1 \ + ( \ + (BUILD_MONTH_IS_JAN) ? '1' : (BUILD_MONTH_IS_FEB) ? '2' \ + : (BUILD_MONTH_IS_MAR) ? '3' \ + : (BUILD_MONTH_IS_APR) ? '4' \ + : (BUILD_MONTH_IS_MAY) ? '5' \ + : (BUILD_MONTH_IS_JUN) ? '6' \ + : (BUILD_MONTH_IS_JUL) ? '7' \ + : (BUILD_MONTH_IS_AUG) ? '8' \ + : (BUILD_MONTH_IS_SEP) ? '9' \ + : (BUILD_MONTH_IS_OCT) ? '0' \ + : (BUILD_MONTH_IS_NOV) ? '1' \ + : (BUILD_MONTH_IS_DEC) ? '2' \ + : /* error default */ '?') + +#define BUILD_DAY_CH0 ((__DATE__[4] >= '0') ? (__DATE__[4]) : '0') +#define BUILD_DAY_CH1 (__DATE__[5]) + +// +// Example of __TIME__ string: "21:06:19" +// 01234567 + +#define BUILD_HOUR_CH0 (__TIME__[0]) +#define BUILD_HOUR_CH1 (__TIME__[1]) + +#define BUILD_MIN_CH0 (__TIME__[3]) +#define BUILD_MIN_CH1 (__TIME__[4]) + +#define BUILD_SEC_CH0 (__TIME__[6]) +#define BUILD_SEC_CH1 (__TIME__[7]) + +#if VERSION_MAJOR > 100 + +# define VERSION_MAJOR_INIT \ + ((VERSION_MAJOR / 100) + '0'), \ + (((VERSION_MAJOR % 100) / 10) + '0'), \ + ((VERSION_MAJOR % 10) + '0') + +#elif VERSION_MAJOR > 10 + +# define VERSION_MAJOR_INIT \ + ((VERSION_MAJOR / 10) + '0'), \ + ((VERSION_MAJOR % 10) + '0') + +#else + +# define VERSION_MAJOR_INIT \ + (VERSION_MAJOR + '0') + +#endif + +#if VERSION_MINOR > 100 + +# define VERSION_MINOR_INIT \ + ((VERSION_MINOR / 100) + '0'), \ + (((VERSION_MINOR % 100) / 10) + '0'), \ + ((VERSION_MINOR % 10) + '0') + +#elif VERSION_MINOR > 10 + +# define VERSION_MINOR_INIT \ + ((VERSION_MINOR / 10) + '0'), \ + ((VERSION_MINOR % 10) + '0') + +#else + +# define VERSION_MINOR_INIT \ + (VERSION_MINOR + '0') + +#endif + +#if VERSION_PATCH > 100 + +# define VERSION_PATCH_INIT \ + ((VERSION_PATCH / 100) + '0'), \ + (((VERSION_PATCH % 100) / 10) + '0'), \ + ((VERSION_PATCH % 10) + '0') + +#elif VERSION_PATCH > 10 + +# define VERSION_PATCH_INIT \ + ((VERSION_PATCH / 10) + '0'), \ + ((VERSION_PATCH % 10) + '0') + +#else + +# define VERSION_PATCH_INIT \ + (VERSION_PATCH + '0') + +#endif + +#ifndef HYPERDBG_KERNEL_MODE + +const unsigned char BuildDateTime[] = { + BUILD_YEAR_CH0, + BUILD_YEAR_CH1, + BUILD_YEAR_CH2, + BUILD_YEAR_CH3, + '-', + BUILD_MONTH_CH0, + BUILD_MONTH_CH1, + '-', + BUILD_DAY_CH0, + BUILD_DAY_CH1, + ' ', + BUILD_HOUR_CH0, + BUILD_HOUR_CH1, + ':', + BUILD_MIN_CH0, + BUILD_MIN_CH1, + ':', + BUILD_SEC_CH0, + BUILD_SEC_CH1, + + '\0'}; + +const unsigned char CompleteVersion[] = { + 'v', + VERSION_MAJOR_INIT, + '.', + VERSION_MINOR_INIT, + '.', + VERSION_PATCH_INIT, + '\0'}; + +const unsigned char BuildVersion[] = { + BUILD_YEAR_CH0, + BUILD_YEAR_CH1, + BUILD_YEAR_CH2, + BUILD_YEAR_CH3, + BUILD_MONTH_CH0, + BUILD_MONTH_CH1, + BUILD_DAY_CH0, + BUILD_DAY_CH1, + '.', + BUILD_HOUR_CH0, + BUILD_HOUR_CH1, + BUILD_MIN_CH0, + BUILD_MIN_CH1, + + '\0'}; + +const unsigned char BuildSignature[] = { + VERSION_MAJOR_INIT, + '.', + VERSION_MINOR_INIT, + '.', + VERSION_PATCH_INIT, + '-', + BUILD_YEAR_CH0, + BUILD_YEAR_CH1, + BUILD_YEAR_CH2, + BUILD_YEAR_CH3, + BUILD_MONTH_CH0, + BUILD_MONTH_CH1, + BUILD_DAY_CH0, + BUILD_DAY_CH1, + '.', + BUILD_HOUR_CH0, + BUILD_HOUR_CH1, + BUILD_MIN_CH0, + BUILD_MIN_CH1, + + '\0'}; + +#endif // SCRIPT_ENGINE_KERNEL_MODE + +////////////////////////////////////////////////// +// Message Tracing // +////////////////////////////////////////////////// + +/** + * @brief Default buffer count of packets for message tracing + * @details number of packets storage for regular buffers + */ +#define MaximumPacketsCapacity 1000 + +/** + * @brief Default buffer count of packets for message tracing + * @details number of packets storage for priority buffers + */ +#define MaximumPacketsCapacityPriority 50 + +/** + * @brief Size of normal OS (processor) pages + */ +#define NORMAL_PAGE_SIZE 4096 // PAGE_SIZE + +/** + * @brief Size of each packet + */ +#define PacketChunkSize NORMAL_PAGE_SIZE + +/** + * @brief size of user-mode buffer + * @details Because of operation code at the start of the + * buffer + 1 for null-termminating + * + */ +#define UsermodeBufferSize sizeof(UINT32) + PacketChunkSize + 1 + +/** + * @brief size of buffer for serial + * @details the maximum packet size for sending over serial + * + */ +#define MaxSerialPacketSize 10 * NORMAL_PAGE_SIZE + +/** + * @brief Final storage size of message tracing + * + */ +#define LogBufferSize \ + MaximumPacketsCapacity *(PacketChunkSize + sizeof(BUFFER_HEADER)) + +/** + * @brief Final storage size of message tracing + * + */ +#define LogBufferSizePriority \ + MaximumPacketsCapacityPriority *(PacketChunkSize + sizeof(BUFFER_HEADER)) + +/** + * @brief limitation of Windows DbgPrint message size + * @details currently is not functional + * + */ +#define DbgPrintLimitation 512 + +/** + * @brief The seeds that user-mode codes use as the starter + * of their events' tag + * + */ +#define DebuggerEventTagStartSeed 0x1000000 + +/** + * @brief The seeds that user-mode thread detail token start with it + * @details This seed should not start with zero (0), otherwise it's + * interpreted as error + */ +#define DebuggerThreadDebuggingTagStartSeed 0x1000000 + +/** + * @brief The seeds that user-mode codes use as the starter + * of their output source tag + * + */ +#define DebuggerOutputSourceTagStartSeed 0x1 + +/** + * @brief Determines how many sources a debugger can have for + * a single event + * + */ +#define DebuggerOutputSourceMaximumRemoteSourceForSingleEvent 0x5 + +/** + * @brief The size of each chunk of memory used in the 'memcpy' function + * of the script engine for transferring buffers in the VMX-root mode + * + */ +#define DebuggerScriptEngineMemcpyMovingBufferSize 64 + +////////////////////////////////////////////////// +// EPT Hook // +////////////////////////////////////////////////// + +/** + * @brief Maximum number of initial pre-allocated EPT hooks + * + */ +#define MAXIMUM_NUMBER_OF_INITIAL_PREALLOCATED_EPT_HOOKS 5 + +////////////////////////////////////////////////// +// Instant Event Configs // +////////////////////////////////////////////////// + +/** + * @brief Maximum number of (regular) instant events that are pre-allocated + * + */ +#define MAXIMUM_REGULAR_INSTANT_EVENTS 20 + +/** + * @brief Maximum number of (big) instant events that are pre-allocated + * + */ +#define MAXIMUM_BIG_INSTANT_EVENTS 0 + +/** + * @brief Pre-allocated size for a regular event + conditions buffer + * + */ +#define REGULAR_INSTANT_EVENT_CONDITIONAL_BUFFER sizeof(DEBUGGER_EVENT) + 100 + +/** + * @brief Pre-allocated size for a big event + conditions buffer + * + */ +#define BIG_INSTANT_EVENT_CONDITIONAL_BUFFER sizeof(DEBUGGER_EVENT) + PAGE_SIZE + +/** + * @brief Pre-allocated size for a regular action + custom code or script buffer + * + */ +#define REGULAR_INSTANT_EVENT_ACTION_BUFFER sizeof(DEBUGGER_EVENT_ACTION) + (PAGE_SIZE * 2) + +/** + * @brief Pre-allocated size for a big action + custom code or script buffer + * + */ +#define BIG_INSTANT_EVENT_ACTION_BUFFER sizeof(DEBUGGER_EVENT_ACTION) + MaxSerialPacketSize + +/** + * @brief Pre-allocated size for a regular requested safe buffer + * + */ +#define REGULAR_INSTANT_EVENT_REQUESTED_SAFE_BUFFER PAGE_SIZE + +/** + * @brief Pre-allocated size for a big requested safe buffer + * + */ +#define BIG_INSTANT_EVENT_REQUESTED_SAFE_BUFFER MaxSerialPacketSize + +////////////////////////////////////////////////// +// Remote Connection // +////////////////////////////////////////////////// + +/** + * @brief default port of HyperDbg for listening by + * debuggee (server, guest) + * + */ +#define DEFAULT_PORT "50000" + +/** + * @brief Packet size for TCP connections + * @details Note that we might add something to the kernel buffers + * that's why we add 0x100 to it + */ +#define COMMUNICATION_BUFFER_SIZE PacketChunkSize + 0x100 + +////////////////////////////////////////////////// +// VMCALL Numbers // +////////////////////////////////////////////////// + +/** + * @brief The start number of VMCALL number allowed to be + * used by top-level drivers + * + */ +#define TOP_LEVEL_DRIVERS_VMCALL_STARTING_NUMBER 0x00000200 + +/** + * @brief The start number of VMCALL number allowed to be + * used by top-level drivers + * + */ +#define TOP_LEVEL_DRIVERS_VMCALL_ENDING_NUMBER TOP_LEVEL_DRIVERS_VMCALL_STARTING_NUMBER + 0x100 + +////////////////////////////////////////////////// +// Operation Codes // +////////////////////////////////////////////////// + +/** + * @brief If a operation use this bit in its Operation code, + * then it means that the operation should be performed + * mandatorily in debuggee and should not be sent to the debugger + */ +#define OPERATION_MANDATORY_DEBUGGEE_BIT (1 << 31) + +/** + * @brief Message logs id that comes from kernel-mode to + * user-mode + * @details Message area >= 0x5 + */ +#define OPERATION_LOG_INFO_MESSAGE 1U +#define OPERATION_LOG_WARNING_MESSAGE 2U +#define OPERATION_LOG_ERROR_MESSAGE 3U +#define OPERATION_LOG_NON_IMMEDIATE_MESSAGE 4U +#define OPERATION_LOG_WITH_TAG 5U + +#define OPERATION_COMMAND_FROM_DEBUGGER_CLOSE_AND_UNLOAD_VMM \ + 6U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_USER_INPUT 7U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_REGISTER_EVENT 8U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_ADD_ACTION_TO_EVENT \ + 9 | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_CLEAR_EVENTS 10U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_CLEAR_EVENTS_WITHOUT_NOTIFYING_DEBUGGER 11U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_HYPERVISOR_DRIVER_IS_SUCCESSFULLY_LOADED \ + 12U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_HYPERVISOR_DRIVER_END_OF_IRPS \ + 13U | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_COMMAND_FROM_DEBUGGER_RELOAD_SYMBOL \ + 14U | OPERATION_MANDATORY_DEBUGGEE_BIT + +#define OPERATION_NOTIFICATION_FROM_USER_DEBUGGER_PAUSE \ + 15U | OPERATION_MANDATORY_DEBUGGEE_BIT + +////////////////////////////////////////////////// +// Breakpoints & Debug Breakpoints // +////////////////////////////////////////////////// + +/** + * @brief maximum number of buffers to be allocated for a single + * breakpoint + */ +#define MAXIMUM_BREAKPOINTS_WITHOUT_CONTINUE 100 + +/** + * @brief maximum number of thread/process ids to be allocated for a simultaneous + * debugging + * @details it shows the maximum number of threads/processes that HyperDbg sets + * trap flag for them + * + */ +#define MAXIMUM_NUMBER_OF_THREAD_INFORMATION_FOR_TRAPS 200 + +////////////////////////////////////////////////// +// Pool tags used in HyperDbg // +////////////////////////////////////////////////// + +/** + * @brief Pool tag + * + */ +#define POOLTAG 0x48444247 // [H]yper[DBG] (HDBG) + +////////////////////////////////////////////////// +// End of Buffer Detection // +////////////////////////////////////////////////// + +/** + * @brief count of characters for serial end of buffer + */ +#define SERIAL_END_OF_BUFFER_CHARS_COUNT 0x4 + +/** + * @brief characters of the buffer that we set at the end of + * buffers for serial + */ +#define SERIAL_END_OF_BUFFER_CHAR_1 0x00 +#define SERIAL_END_OF_BUFFER_CHAR_2 0x80 +#define SERIAL_END_OF_BUFFER_CHAR_3 0xEE +#define SERIAL_END_OF_BUFFER_CHAR_4 0xFF + +/** + * @brief count of characters for tcp end of buffer + */ +#define TCP_END_OF_BUFFER_CHARS_COUNT 0x4 + +/** + * @brief characters of the buffer that we set at the end of + * buffers for tcp + */ +#define TCP_END_OF_BUFFER_CHAR_1 0x10 +#define TCP_END_OF_BUFFER_CHAR_2 0x20 +#define TCP_END_OF_BUFFER_CHAR_3 0x33 +#define TCP_END_OF_BUFFER_CHAR_4 0x44 + +////////////////////////////////////////////////// +// Name of OS // +////////////////////////////////////////////////// + +/** + * @brief maximum name for OS name buffer + * + */ +#define MAXIMUM_CHARACTER_FOR_OS_NAME 256 + +////////////////////////////////////////////////// +// Processor Details // +////////////////////////////////////////////////// + +/** + * @brief maximum instruction size in Intel + */ +#define MAXIMUM_INSTR_SIZE 16 + +/** + * @brief maximum size for call instruction in Intel + */ +#define MAXIMUM_CALL_INSTR_SIZE 7 + +////////////////////////////////////////////////// +// Symbols Details // +////////////////////////////////////////////////// + +/** + * @brief maximum supported modules to load + * their symbol information + */ +#define MAXIMUM_SUPPORTED_SYMBOLS 1000 + +/** + * @brief maximum size for GUID and Age of PE + * @detail It seems that 33 bytes is enough but let's + * have more space because there might be sth that we + * missed :) + */ +#define MAXIMUM_GUID_AND_AGE_SIZE 60 + +////////////////////////////////////////////////// +// Debuggee Communication // +////////////////////////////////////////////////// + +/** + * @brief constant indicator of a HyperDbg packet + * @warning used in hwdbg + * + */ +#define INDICATOR_OF_HYPERDBG_PACKET \ + 0x4859504552444247 // HYPERDBG = 0x4859504552444247 + +////////////////////////////////////////////////// +// Command Details // +////////////////////////////////////////////////// + +/** + * @brief maximum results that will be returned by !s* s* + * command + * + */ +#define MaximumSearchResults 0x1000 + +////////////////////////////////////////////////// +// Script Engine // +////////////////////////////////////////////////// + +/** + * @brief EFLAGS/RFLAGS + * + */ +#define X86_FLAGS_CF (1 << 0) +#define X86_FLAGS_PF (1 << 2) +#define X86_FLAGS_AF (1 << 4) +#define X86_FLAGS_ZF (1 << 6) +#define X86_FLAGS_SF (1 << 7) +#define X86_FLAGS_TF (1 << 8) +#define X86_FLAGS_IF (1 << 9) +#define X86_FLAGS_DF (1 << 10) +#define X86_FLAGS_OF (1 << 11) +#define X86_FLAGS_STATUS_MASK (0xfff) +#define X86_FLAGS_IOPL_MASK (3 << 12) +#define X86_FLAGS_IOPL_SHIFT (12) +#define X86_FLAGS_IOPL_SHIFT_2ND_BIT (13) +#define X86_FLAGS_NT (1 << 14) +#define X86_FLAGS_RF (1 << 16) +#define X86_FLAGS_VM (1 << 17) +#define X86_FLAGS_AC (1 << 18) +#define X86_FLAGS_VIF (1 << 19) +#define X86_FLAGS_VIP (1 << 20) +#define X86_FLAGS_ID (1 << 21) +#define X86_FLAGS_RESERVED_ONES 0x2 +#define X86_FLAGS_RESERVED 0xffc0802a + +#define X86_FLAGS_RESERVED_BITS 0xffc38028 +#define X86_FLAGS_FIXED 0x00000002 + +#ifndef LOWORD +# define LOWORD(l) ((WORD)(l)) +#endif // !LOWORD + +#ifndef HIWORD +# define HIWORD(l) ((WORD)(((DWORD)(l) >> 16) & 0xFFFF)) +#endif // !HIWORD + +#ifndef LOBYTE +# define LOBYTE(w) ((BYTE)(w)) +#endif // !LOBYTE + +#ifndef HIBYTE +# define HIBYTE(w) ((BYTE)(((WORD)(w) >> 8) & 0xFF)) +#endif // !HIBYTE + +#define MAX_TEMP_COUNT 128 + +#define MAX_STACK_BUFFER_COUNT 128 + +// TODO: Extract number of variables from input of ScriptEngine +// and allocate variableList Dynamically. +#define MAX_VAR_COUNT 512 + +#define MAX_FUNCTION_NAME_LENGTH 32 + +////////////////////////////////////////////////// +// Debugger // +////////////////////////////////////////////////// + +/** + * @brief Apply event modifications to all tags + * + */ +#define DEBUGGER_MODIFY_EVENTS_APPLY_TO_ALL_TAG 0xffffffffffffffff + +/** + * @brief Maximum length for a function (to be used in showing distance + * from symbol functions in the 'u' command) + * + */ +#define DISASSEMBLY_MAXIMUM_DISTANCE_FROM_OBJECT_NAME 0xffff + +/** + * @brief Read and write MSRs to all cores + * + */ +#define DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES 0xffffffff + +/** + * @brief Apply the event to all the cores + * + */ +#define DEBUGGER_DEBUGGEE_IS_RUNNING_NO_CORE 0xffffffff + +/** + * @brief Apply the event to all the cores + * + */ +#define DEBUGGER_EVENT_APPLY_TO_ALL_CORES 0xffffffff + +/** + * @brief Apply the event to all the processes + * + */ +#define DEBUGGER_EVENT_APPLY_TO_ALL_PROCESSES 0xffffffff + +/** + * @brief Apply to all Model Specific Registers + * + */ +#define DEBUGGER_EVENT_MSR_READ_OR_WRITE_ALL_MSRS 0xffffffff + +/** + * @brief Apply to all first 32 exceptions + * + */ +#define DEBUGGER_EVENT_EXCEPTIONS_ALL_FIRST_32_ENTRIES 0xffffffff + +/** + * @brief Apply to all syscalls and sysrets + * + */ +#define DEBUGGER_EVENT_SYSCALL_ALL_SYSRET_OR_SYSCALLS 0xffffffff + +/** + * @brief Apply to all I/O ports + * + */ +#define DEBUGGER_EVENT_ALL_IO_PORTS 0xffffffff + +/** + * @brief The constant to apply to all cores for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_CORES 0xffffffff + +/** + * @brief The constant to apply to all processes for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_PROCESSES 0xffffffff + +/** + * @brief The constant to apply to all threads for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_THREADS 0xffffffff + +/** + * @brief for reading all registers in r command. + * + */ +#define DEBUGGEE_SHOW_ALL_REGISTERS 0xffffffff + + +/** + * @file BasicTypes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers For Basic Datatypes + * @details This file contains definitions of basic datatypes + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +#pragma warning(disable : 4201) // Suppress nameless struct/union warning + +////////////////////////////////////////////////// +// Basic Datatypes // +////////////////////////////////////////////////// + +typedef unsigned long long QWORD; +typedef unsigned __int64 UINT64, *PUINT64; +typedef unsigned long DWORD; +typedef int BOOL; +typedef unsigned char BYTE; +typedef unsigned short WORD; +typedef int INT; +typedef unsigned int UINT; +typedef unsigned int * PUINT; +typedef unsigned __int64 ULONG64, *PULONG64; +typedef unsigned __int64 DWORD64, *PDWORD64; +typedef char CHAR; +//typedef wchar_t WCHAR; +typedef short wchar_t ; +typedef short WCHAR; +#define VOID void +#define PVOID void * +#define LPVOID void * +#define HANDLE void * +#define SIZE_T int +#define time_t UINT64 +#define MAX_PATH 260 +typedef struct _LIST_ENTRY { + struct _LIST_ENTRY *Flink; + struct _LIST_ENTRY *Blink; +} LIST_ENTRY, *PLIST_ENTRY, PRLIST_ENTRY; + +//#define static_assert(cond, msg) typedef char static_assertion_##msg[(!!(cond))*2-1]//todo bug,mock error + +typedef unsigned char UCHAR; +typedef unsigned short USHORT; +typedef unsigned long ULONG; + +typedef UCHAR BOOLEAN; // winnt +typedef BOOLEAN * PBOOLEAN; // winnt + +typedef signed char INT8, *PINT8; +typedef signed short INT16, *PINT16; +typedef signed int INT32, *PINT32; +typedef signed __int64 INT64, *PINT64; +typedef unsigned char UINT8, *PUINT8; +typedef unsigned short UINT16, *PUINT16; +typedef unsigned int UINT32, *PUINT32; +typedef unsigned __int64 UINT64, *PUINT64; + +#define NULL_ZERO 0 +#define NULL64_ZERO 0ull + +#define FALSE 0 +#define TRUE 1 + +#define UPPER_56_BITS 0xffffffffffffff00 +#define UPPER_48_BITS 0xffffffffffff0000 +#define UPPER_32_BITS 0xffffffff00000000 +#define LOWER_32_BITS 0x00000000ffffffff +#define LOWER_16_BITS 0x000000000000ffff +#define LOWER_8_BITS 0x00000000000000ff +#define SECOND_LOWER_8_BITS 0x000000000000ff00 +#define UPPER_48_BITS_AND_LOWER_8_BITS 0xffffffffffff00ff + +// +// DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA +// +typedef struct GUEST_REGS +{ + // + // DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA + // + + UINT64 rax; // 0x00 + UINT64 rcx; // 0x08 + UINT64 rdx; // 0x10 + UINT64 rbx; // 0x18 + UINT64 rsp; // 0x20 + UINT64 rbp; // 0x28 + UINT64 rsi; // 0x30 + UINT64 rdi; // 0x38 + UINT64 r8; // 0x40 + UINT64 r9; // 0x48 + UINT64 r10; // 0x50 + UINT64 r11; // 0x58 + UINT64 r12; // 0x60 + UINT64 r13; // 0x68 + UINT64 r14; // 0x70 + UINT64 r15; // 0x78 + + // + // DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA + // + +} GUEST_REGS, *PGUEST_REGS; + +/** + * @brief struct for extra registers + * + */ +typedef struct GUEST_EXTRA_REGISTERS +{ + UINT16 CS; + UINT16 DS; + UINT16 FS; + UINT16 GS; + UINT16 ES; + UINT16 SS; + UINT64 RFLAGS; + UINT64 RIP; +} GUEST_EXTRA_REGISTERS, *PGUEST_EXTRA_REGISTERS; + +/** + * @brief List of different variables + */ +typedef struct _SCRIPT_ENGINE_VARIABLES_LIST +{ + UINT64 * TempList; + UINT64 * GlobalVariablesList; + UINT64 * LocalVariablesList; + +} SCRIPT_ENGINE_VARIABLES_LIST, *PSCRIPT_ENGINE_VARIABLES_LIST; + +/** + * @brief CR3 Structure + * + */ +typedef struct _CR3_TYPE +{ + union + { + UINT64 Flags; + + struct + { + UINT64 Pcid : 12; + UINT64 PageFrameNumber : 36; + UINT64 Reserved1 : 12; + UINT64 Reserved_2 : 3; + UINT64 PcidInvalidate : 1; + } Fields; + }; +} CR3_TYPE, *PCR3_TYPE; + + +/** + * @file ErrorCodes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Error codes + * @details This file contains definitions of error codes used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Success Codes // +////////////////////////////////////////////////// + +/** + * @brief General value to indicate that the operation or + * request was successful + * + */ +#define DEBUGGER_OPERATION_WAS_SUCCESSFUL 0xFFFFFFFF + +////////////////////////////////////////////////// +// Error Codes // +////////////////////////////////////////////////// + +/** + * @brief error, the tag not exist + * + */ +#define DEBUGGER_ERROR_TAG_NOT_EXISTS 0xc0000000 + +/** + * @brief error, invalid type of action + * + */ +#define DEBUGGER_ERROR_INVALID_ACTION_TYPE 0xc0000001 + +/** + * @brief error, the action buffer size is invalid + * + */ +#define DEBUGGER_ERROR_ACTION_BUFFER_SIZE_IS_ZERO 0xc0000002 + +/** + * @brief error, the event type is unknown + * + */ +#define DEBUGGER_ERROR_EVENT_TYPE_IS_INVALID 0xc0000003 + +/** + * @brief error, enable to create event + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_CREATE_EVENT 0xc0000004 + +/** + * @brief error, invalid address specified for debugger + * + */ +#define DEBUGGER_ERROR_INVALID_ADDRESS 0xc0000005 + +/** + * @brief error, the core id is invalid + * + */ +#define DEBUGGER_ERROR_INVALID_CORE_ID 0xc0000006 + +/** + * @brief error, the index is greater than 32 in !exception command + * + */ +#define DEBUGGER_ERROR_EXCEPTION_INDEX_EXCEED_FIRST_32_ENTRIES 0xc0000007 + +/** + * @brief error, the index for !interrupt command is not between 32 to 256 + * + */ +#define DEBUGGER_ERROR_INTERRUPT_INDEX_IS_NOT_VALID 0xc0000008 + +/** + * @brief error, unable to hide the debugger and enter to transparent-mode + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER 0xc0000009 + +/** + * @brief error, the debugger is already in transparent-mode + * + */ +#define DEBUGGER_ERROR_DEBUGGER_ALREADY_UHIDE 0xc000000a + +/** + * @brief error, invalid parameters in !e* e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_PARAMETER 0xc000000b + +/** + * @brief error, an invalid address is specified based on current cr3 + * in !e* or e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_CURRENT_PROCESS \ + 0xc000000c + +/** + * @brief error, an invalid address is specified based on anotehr process's cr3 + * in !e* or e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_OTHER_PROCESS \ + 0xc000000d + +/** + * @brief error, invalid tag for 'events' command (tag id is unknown for kernel) + * + */ +#define DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TAG 0xc000000e + +/** + * @brief error, type of action (enable/disable/clear) is wrong + * + */ +#define DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TYPE_OF_ACTION 0xc000000f + +/** + * @brief error, invalid parameters steppings actions + * + */ +#define DEBUGGER_ERROR_STEPPING_INVALID_PARAMETER 0xc0000010 + +/** + * @brief error, thread is invalid (not found) or disabled in + * stepping (step-in & step-out) requests + * + */ +#define DEBUGGER_ERROR_STEPPINGS_EITHER_THREAD_NOT_FOUND_OR_DISABLED 0xc0000011 + +/** + * @brief error, baud rate is invalid + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_BAUDRATE 0xc0000012 + +/** + * @brief error, serial port address is invalid + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_SERIAL_PORT 0xc0000013 + +/** + * @brief error, invalid core selected in changing core in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_CORE_IN_REMOTE_DEBUGGE \ + 0xc0000014 + +/** + * @brief error, invalid process selected in changing process in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_UNABLE_TO_SWITCH_TO_NEW_PROCESS \ + 0xc0000015 + +/** + * @brief error, unable to run script in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_TO_RUN_SCRIPT 0xc0000016 + +/** + * @brief error, invalid register number + * + */ +#define DEBUGGER_ERROR_INVALID_REGISTER_NUMBER 0xc0000017 + +/** + * @brief error, maximum pools were used without continuing debuggee + * + */ +#define DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_WITHOUT_CONTINUE 0xc0000018 + +/** + * @brief error, breakpoint already exists on the target address + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_EXISTS_ON_THE_ADDRESS 0xc0000019 + +/** + * @brief error, breakpoint id not found + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ID_NOT_FOUND 0xc000001a + +/** + * @brief error, breakpoint already disabled + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_DISABLED 0xc000001b + +/** + * @brief error, breakpoint already enabled + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_ENABLED 0xc000001c + +/** + * @brief error, memory type is invalid + * + */ +#define DEBUGGER_ERROR_MEMORY_TYPE_INVALID 0xc000001d + +/** + * @brief error, the process id is invalid + * + */ +#define DEBUGGER_ERROR_INVALID_PROCESS_ID 0xc000001e + +/** + * @brief error, for event specific reasons the event is not + * applied + * + */ +#define DEBUGGER_ERROR_EVENT_IS_NOT_APPLIED 0xc000001f + +/** + * @brief error, for process switch or process details, invalid parameter + * + */ +#define DEBUGGER_ERROR_DETAILS_OR_SWITCH_PROCESS_INVALID_PARAMETER 0xc0000020 + +/** + * @brief error, for thread switch or thread details, invalid parameter + * + */ +#define DEBUGGER_ERROR_DETAILS_OR_SWITCH_THREAD_INVALID_PARAMETER 0xc0000021 + +/** + * @brief error, maximum breakpoint for a single page is hit + * + */ +#define DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_FOR_A_SINGLE_PAGE_IS_HIT 0xc0000022 + +/** + * @brief error, there is no pre-allocated buffer + * + */ +#define DEBUGGER_ERROR_PRE_ALLOCATED_BUFFER_IS_EMPTY 0xc0000023 + +/** + * @brief error, in the EPT handler, it could not split the 2MB pages to + * 512 entries of 4 KB pages + * + */ +#define DEBUGGER_ERROR_EPT_COULD_NOT_SPLIT_THE_LARGE_PAGE_TO_4KB_PAGES 0xc0000024 + +/** + * @brief error, failed to get PML1 entry of the target address + * + */ +#define DEBUGGER_ERROR_EPT_FAILED_TO_GET_PML1_ENTRY_OF_TARGET_ADDRESS 0xc0000025 + +/** + * @brief error, multiple EPT Hooks or Monitors are applied on a single page + * + */ +#define DEBUGGER_ERROR_EPT_MULTIPLE_HOOKS_IN_A_SINGLE_PAGE 0xc0000026 + +/** + * @brief error, could not build the EPT Hook + * + */ +#define DEBUGGER_ERROR_COULD_NOT_BUILD_THE_EPT_HOOK 0xc0000027 + +/** + * @brief error, could not find the type of allocation + * + */ +#define DEBUGGER_ERROR_COULD_NOT_FIND_ALLOCATION_TYPE 0xc0000028 + +/** + * @brief error, could not find the index of test query + * + */ +#define DEBUGGER_ERROR_INVALID_TEST_QUERY_INDEX 0xc0000029 + +/** + * @brief error, failed to attach to the target user-mode process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_TARGET_USER_MODE_PROCESS 0xc000002a + +/** + * @brief error, failed to remove hooks as entrypoint is not reached yet + * @details The caller of this functionality should keep sending the previous + * IOCTL until the hook is remove successfully + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS_ENTRYPOINT_NOT_REACHED 0xc000002b + +/** + * @brief error, could not remove the previous hook + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS 0xc000002c + +/** + * @brief error, the needed routines for debugging is not initialized + * + */ +#define DEBUGGER_ERROR_FUNCTIONS_FOR_INITIALIZING_PEB_ADDRESSES_ARE_NOT_INITIALIZED 0xc000002d + +/** + * @brief error, unable to get 32-bit or 64-bit of the target process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_DETECT_32_BIT_OR_64_BIT_PROCESS 0xc000002e + +/** + * @brief error, unable to kill the target process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_KILL_THE_PROCESS 0xc000002f + +/** + * @brief error, invalid thread debugging token + * + */ +#define DEBUGGER_ERROR_INVALID_THREAD_DEBUGGING_TOKEN 0xc0000030 + +/** + * @brief error, unable to pause the process's threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_PAUSE_THE_PROCESS_THREADS 0xc0000031 + +/** + * @brief error, user debugger already attached to this process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_AN_ALREADY_ATTACHED_PROCESS 0xc0000032 + +/** + * @brief error, the user debugger is not attached to the target process + * + */ +#define DEBUGGER_ERROR_THE_USER_DEBUGGER_NOT_ATTACHED_TO_THE_PROCESS 0xc0000033 + +/** + * @brief error, cannot detach from the process as there are paused threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_DETACH_AS_THERE_ARE_PAUSED_THREADS 0xc0000034 + +/** + * @brief error, cannot switch to new thread as the process id or thread id is not found + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_SWITCH_PROCESS_ID_OR_THREAD_ID_IS_INVALID 0xc0000035 + +/** + * @brief error, cannot switch to new thread the process doesn't contain an active thread + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_SWITCH_THERE_IS_NO_THREAD_ON_THE_PROCESS 0xc0000036 + +/** + * @brief error, unable to get modules + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_GET_MODULES_OF_THE_PROCESS 0xc0000037 + +/** + * @brief error, unable to get the callstack + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_GET_CALLSTACK 0xc0000038 + +/** + * @brief error, unable to query count of processes or threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_QUERY_COUNT_OF_PROCESSES_OR_THREADS 0xc0000039 + +/** + * @brief error, using short-circuiting event with post-event mode is + * not supported in HyperDbg + * + */ +#define DEBUGGER_ERROR_USING_SHORT_CIRCUITING_EVENT_WITH_POST_EVENT_MODE_IS_FORBIDDEDN 0xc000003a + +/** + * @brief error, unknown test query is received + * + */ +#define DEBUGGER_ERROR_UNKNOWN_TEST_QUERY_RECEIVED 0xc000003b + +/** + * @brief error, for reading from memory in case of invalid parameters + * + */ +#define DEBUGGER_ERROR_READING_MEMORY_INVALID_PARAMETER 0xc000003c + +/** + * @brief error, the list of threads/process trap flag is full + * + */ +#define DEBUGGER_ERROR_THE_TRAP_FLAG_LIST_IS_FULL 0xc000003d + +/** + * @brief error, unable to kill the target process. process does not exists + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_KILL_THE_PROCESS_DOES_NOT_EXISTS 0xc000003e + +/** + * @brief error, the execution mode is incorrect + * + */ +#define DEBUGGER_ERROR_MODE_EXECUTION_IS_INVALID 0xc000003f + +/** + * @brief error, the process id cannot be specified while the debugger is in VMX-root mode + * + */ +#define DEBUGGER_ERROR_PROCESS_ID_CANNOT_BE_SPECIFIED_WHILE_APPLYING_EVENT_FROM_VMX_ROOT_MODE 0xc0000040 + +/** + * @brief error, the preallocated buffer is not enough for storing event+conditional buffer + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_PREALLOCATED_BUFFER_IS_NOT_ENOUGH_FOR_EVENT_AND_CONDITIONALS 0xc0000041 + +/** + * @brief error, the regular preallocated buffer not found + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_REGULAR_PREALLOCATED_BUFFER_NOT_FOUND 0xc0000042 + +/** + * @brief error, the big preallocated buffer not found + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_BIG_PREALLOCATED_BUFFER_NOT_FOUND 0xc0000043 + +/** + * @brief error, enable to create action (cannot allocate buffer) + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_CREATE_ACTION_CANNOT_ALLOCATE_BUFFER 0xc0000044 + +/** + * @brief error, the regular preallocated buffer not found (for action) + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_ACTION_REGULAR_PREALLOCATED_BUFFER_NOT_FOUND 0xc0000045 + +/** + * @brief error, the big preallocated buffer not found (for action) + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_ACTION_BIG_PREALLOCATED_BUFFER_NOT_FOUND 0xc0000046 + +/** + * @brief error, the preallocated buffer is not enough for storing action buffer + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_PREALLOCATED_BUFFER_IS_NOT_ENOUGH_FOR_ACTION_BUFFER 0xc0000047 + +/** + * @brief error, the requested optional buffer is bigger than send/receive stack of the debugger + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_REQUESTED_OPTIONAL_BUFFER_IS_BIGGER_THAN_DEBUGGERS_SEND_RECEIVE_STACK 0xc0000048 + +/** + * @brief error, the requested safe buffer does not exist (regular) + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_REGULAR_REQUESTED_SAFE_BUFFER_NOT_FOUND 0xc0000049 + +/** + * @brief error, the requested safe buffer does not exists (big) + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_BIG_REQUESTED_SAFE_BUFFER_NOT_FOUND 0xc000004a + +/** + * @brief error, the preallocated buffer is not enough for storing safe requested buffer + * + */ +#define DEBUGGER_ERROR_INSTANT_EVENT_PREALLOCATED_BUFFER_IS_NOT_ENOUGH_FOR_REQUESTED_SAFE_BUFFER 0xc000004b + +/** + * @brief error, enable to create requested safe buffer (cannot allocate buffer) + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_ALLOCATE_REQUESTED_SAFE_BUFFER 0xc000004c + +/** + * @brief error, could not find the type of preactivation + * + */ +#define DEBUGGER_ERROR_COULD_NOT_FIND_PREACTIVATION_TYPE 0xc000004d + +/** + * @brief error, the mode exec trap is not already initialized + * + */ +#define DEBUGGER_ERROR_THE_MODE_EXEC_TRAP_IS_NOT_INITIALIZED 0xc000004e + +/** + * @brief error, the target event(s) is/are disabled but cannot clear them because the buffer of the user-mode + * priority is full + * + */ +#define DEBUGGER_ERROR_THE_TARGET_EVENT_IS_DISABLED_BUT_CANNOT_BE_CLEARED_PRIRITY_BUFFER_IS_FULL 0xc000004f + +/** + * @brief error, not all cores are locked (probably due to a race condition in HyperDbg) in + * instant-event mechanism + * + */ +#define DEBUGGER_ERROR_NOT_ALL_CORES_ARE_LOCKED_FOR_APPLYING_INSTANT_EVENT 0xc0000050 + +/** + * @brief error, switching to the target core is not possible because core is not locked + * (probably due to a race condition in HyperDbg) + * + */ +#define DEBUGGER_ERROR_TARGET_SWITCHING_CORE_IS_NOT_LOCKED 0xc0000051 + +/** + * @brief error, invalid physical address + * + */ +#define DEBUGGER_ERROR_INVALID_PHYSICAL_ADDRESS 0xc0000052 + +// +// WHEN YOU ADD ANYTHING TO THIS LIST OF ERRORS, THEN +// MAKE SURE TO ADD AN ERROR MESSAGE TO ShowErrorMessage(UINT32 Error) +// FUNCTION +// + +/** + * @file Connection.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers For Native Structures, Enums and Constants + * @details These datatypes are used in all devices like HDL (FPGAs) + * @version 0.2 + * @date 2022-07-14 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +/** + * @brief enum for reasons why debuggee is paused + * + */ +typedef enum _DEBUGGEE_PAUSING_REASON +{ + + // + // For both kernel & user debugger + // + DEBUGGEE_PAUSING_REASON_NOT_PAUSED = 0, + DEBUGGEE_PAUSING_REASON_PAUSE, + DEBUGGEE_PAUSING_REASON_REQUEST_FROM_DEBUGGER, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STEPPED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_TRACKING_STEPPED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_SOFTWARE_BREAKPOINT_HIT, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_HARDWARE_DEBUG_REGISTER_HIT, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_CORE_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_PROCESS_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_THREAD_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_COMMAND_EXECUTION_FINISHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_EVENT_TRIGGERED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STARTING_MODULE_LOADED, + + // + // Only for user-debugger + // + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_DEBUG_BREAK, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_THREAD_INTERCEPTED, + + // + // Only used for hardware debugging + // + DEBUGGEE_PAUSING_REASON_HARDWARE_BASED_DEBUGGEE_GENERAL_BREAK, + +} DEBUGGEE_PAUSING_REASON; + +/** + * @brief enum for requested action for HyperDbg packet + * + */ +typedef enum _DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION +{ + + // + // Debugger to debuggee (user-mode execution) + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_PAUSE = 1, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DO_NOT_READ_ANY_PACKET, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DEBUGGER_VERSION, + + // + // Debuggee to debugger (user-mode execution) + // + DEBUGGER_REMOTE_PACKET_PING_AND_SEND_SUPPORTED_VERSION, + + // + // Debugger to debuggee (vmx-root mode execution) + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_STEP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CONTINUE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CLOSE_AND_UNLOAD_DEBUGGEE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_CORE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_FLUSH_BUFFERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CALLSTACK, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_TEST_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_PROCESS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_THREAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_RUN_SCRIPT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_USER_INPUT_BUFFER, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SEARCH_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_REGISTER_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_ADD_ACTION_TO_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_AND_MODIFY_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_REGISTERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_EDIT_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_BP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_LIST_OR_MODIFY_BREAKPOINTS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_RELOAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_PA2VA_AND_VA2PA, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_QUERY_PTE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SET_SHORT_CIRCUITING_STATE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_INJECT_PAGE_FAULT, + + // + // Debuggee to debugger + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BRINGING_PAGES_IN, + + // + // hardware debuggee to debugger + // + + // + // hardware debugger to debuggee + // + +} DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION; + +/** + * @brief enum for different packet types in HyperDbg packets + * @warning used in hwdbg + * + */ +typedef enum _DEBUGGER_REMOTE_PACKET_TYPE +{ + + // + // Debugger to debuggee (vmx-root) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_VMX_ROOT = 1, + + // + // Debugger to debuggee (user-mode) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_USER_MODE = 2, + + // + // Debuggee to debugger (user-mode and kernel-mode, vmx-root mode) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER = 3, + + // + // Debugger to debuggee (hardware), used in hwdbg + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL = 4, + + // + // Debuggee to debugger (hardware), used in hwdbg + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL = 5, + +} DEBUGGER_REMOTE_PACKET_TYPE; + +/** + * @brief The structure of remote packets in HyperDbg + * + */ +typedef struct _DEBUGGER_REMOTE_PACKET +{ + BYTE Checksum; + UINT64 Indicator; /* Shows the type of the packet */ + DEBUGGER_REMOTE_PACKET_TYPE TypeOfThePacket; + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedActionOfThePacket; + +} DEBUGGER_REMOTE_PACKET, *PDEBUGGER_REMOTE_PACKET; + +/** + * @file DataTypes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK data type definitions + * @details This file contains definitions of structures, enums, etc. + * used in HyperDbg + * @version 0.2 + * @date 2022-06-22 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Memory Stages // +////////////////////////////////////////////////// + +/** + * @brief Different levels of paging + * + */ +typedef enum _PAGING_LEVEL +{ + PagingLevelPageTable = 0, + PagingLevelPageDirectory, + PagingLevelPageDirectoryPointerTable, + PagingLevelPageMapLevel4 +} PAGING_LEVEL; + +////////////////////////////////////////////////// +// Pool Manager // +////////////////////////////////////////////////// + +/** + * @brief Inum of intentions for buffers (buffer tag) + * + */ +typedef enum _POOL_ALLOCATION_INTENTION +{ + TRACKING_HOOKED_PAGES, + EXEC_TRAMPOLINE, + SPLIT_2MB_PAGING_TO_4KB_PAGE, + DETOUR_HOOK_DETAILS, + BREAKPOINT_DEFINITION_STRUCTURE, + PROCESS_THREAD_HOLDER, + + // + // Instant event buffers + // + INSTANT_REGULAR_EVENT_BUFFER, + INSTANT_BIG_EVENT_BUFFER, + INSTANT_REGULAR_EVENT_ACTION_BUFFER, + INSTANT_BIG_EVENT_ACTION_BUFFER, + + // + // Use for request safe buffers of the event + // + INSTANT_REGULAR_SAFE_BUFFER_FOR_EVENTS, + INSTANT_BIG_SAFE_BUFFER_FOR_EVENTS, + +} POOL_ALLOCATION_INTENTION; + +////////////////////////////////////////////////// +// Debug Registers Modifications // +////////////////////////////////////////////////// + +typedef enum _DEBUG_REGISTER_TYPE +{ + BREAK_ON_INSTRUCTION_FETCH, + BREAK_ON_WRITE_ONLY, + BREAK_ON_IO_READ_OR_WRITE_NOT_SUPPORTED, + BREAK_ON_READ_AND_WRITE_BUT_NOT_FETCH +} DEBUG_REGISTER_TYPE; + +////////////////////////////////////////////////// +// Execution Stages // +////////////////////////////////////////////////// + +typedef enum _VMX_EXECUTION_MODE +{ + VmxExecutionModeNonRoot = FALSE, + VmxExecutionModeRoot = TRUE +} VMX_EXECUTION_MODE; + +/** + * @brief Type of calling the event + * + */ +typedef enum _VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE +{ + VMM_CALLBACK_CALLING_STAGE_INVALID_EVENT_EMULATION = 0, + VMM_CALLBACK_CALLING_STAGE_PRE_EVENT_EMULATION = 1, + VMM_CALLBACK_CALLING_STAGE_POST_EVENT_EMULATION = 2, + VMM_CALLBACK_CALLING_STAGE_ALL_EVENT_EMULATION = 3 + +} VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE; + +/** + * @brief enum to query different process and thread interception mechanisms + * + */ +typedef enum _DEBUGGER_THREAD_PROCESS_TRACING +{ + + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_THREAD_CHANGE, + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_INTERRUPTS_FOR_PROCESS_CHANGE, + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_DEBUG_REGISTER_INTERCEPTION, + DEBUGGER_THREAD_PROCESS_TRACING_INTERCEPT_CLOCK_WAITING_FOR_MOV_CR3_VM_EXITS, + +} DEBUGGER_THREAD_PROCESS_TRACING; + +////////////////////////////////////////////////// +// Callback Definitions // +////////////////////////////////////////////////// + +/** + * @brief Callback type that can be used to be used + * as a custom ShowMessages function + * + */ +typedef int (*Callback)(const char * Text); + +////////////////////////////////////////////////// +// Communications // +////////////////////////////////////////////////// + +/** + * @brief The structure of user-input packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_USER_INPUT_PACKET +{ + UINT32 CommandLen; + BOOLEAN IgnoreFinishedSignal; + UINT32 Result; + + // + // The user's input is here + // + +} DEBUGGEE_USER_INPUT_PACKET, *PDEBUGGEE_USER_INPUT_PACKET; + +/** + * @brief The structure of user-input packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET +{ + UINT32 Length; + + // + // The buffer for event and action is here + // + +} DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET, + *PDEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET; + +////////////////////////////////////////////////// +// Pausing // +////////////////////////////////////////////////// + +#define SIZEOF_DEBUGGER_PAUSE_PACKET_RECEIVED \ + sizeof(DEBUGGER_PAUSE_PACKET_RECEIVED) + +/** + * @brief request to pause and halt the system + * + */ +typedef struct _DEBUGGER_PAUSE_PACKET_RECEIVED +{ + UINT32 Result; // Result from kernel + +} DEBUGGER_PAUSE_PACKET_RECEIVED, *PDEBUGGER_PAUSE_PACKET_RECEIVED; + +/* ============================================================================================== + */ + +/** + * @brief The structure of detail of a triggered event in HyperDbg + * @details This structure is also used for transferring breakpoint ids, RIP as the context, etc. + * + */ +typedef struct _DEBUGGER_TRIGGERED_EVENT_DETAILS +{ + UINT64 Tag; /* in breakpoints Tag is breakpoint id, not event tag */ + PVOID Context; + VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE Stage; + +} DEBUGGER_TRIGGERED_EVENT_DETAILS, *PDEBUGGER_TRIGGERED_EVENT_DETAILS; + +/* ============================================================================================== + */ + +/** + * @brief The structure of pausing packet in kHyperDbg + * + */ +typedef struct _DEBUGGEE_KD_PAUSED_PACKET +{ + UINT64 Rip; + BOOLEAN IsProcessorOn32BitMode; // if true shows that the address should be interpreted in 32-bit mode + BOOLEAN IgnoreDisassembling; // if check if diassembling should be ignored or not + DEBUGGEE_PAUSING_REASON PausingReason; + ULONG CurrentCore; + UINT64 EventTag; + VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventCallingStage; + UINT64 Rflags; + BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]; + UINT16 ReadInstructionLen; + +} DEBUGGEE_KD_PAUSED_PACKET, *PDEBUGGEE_KD_PAUSED_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of pausing packet in uHyperDbg + * + */ +typedef struct _DEBUGGEE_UD_PAUSED_PACKET +{ + UINT64 Rip; + UINT64 ProcessDebuggingToken; + BOOLEAN Is32Bit; // if true shows that the address should be interpreted in 32-bit mode + DEBUGGEE_PAUSING_REASON PausingReason; + UINT32 ProcessId; + UINT32 ThreadId; + UINT64 Rflags; + UINT64 EventTag; + VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventCallingStage; + BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]; + UINT16 ReadInstructionLen; + GUEST_REGS GuestRegs; + +} DEBUGGEE_UD_PAUSED_PACKET, *PDEBUGGEE_UD_PAUSED_PACKET; + +/** + * @brief check so the DEBUGGEE_UD_PAUSED_PACKET should be smaller than packet size + * + */ +//static_assert(sizeof(DEBUGGEE_UD_PAUSED_PACKET) < PacketChunkSize, +// "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_UD_PAUSED_PACKET"); + +////////////////////////////////////////////////// +// Message Tracing Enums // +////////////////////////////////////////////////// + +/** + * @brief Type of transferring buffer between user-to-kernel + * + */ +typedef enum _NOTIFY_TYPE +{ + IRP_BASED, + EVENT_BASED +} NOTIFY_TYPE; + +////////////////////////////////////////////////// +// Structures // +////////////////////////////////////////////////// + +/** + * @brief The structure of message packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_MESSAGE_PACKET +{ + UINT32 OperationCode; + CHAR Message[PacketChunkSize]; + +} DEBUGGEE_MESSAGE_PACKET, *PDEBUGGEE_MESSAGE_PACKET; + +/** + * @brief Used to register event for transferring buffer between user-to-kernel + * + */ +typedef struct _REGISTER_NOTIFY_BUFFER +{ + NOTIFY_TYPE Type; + HANDLE hEvent; + +} REGISTER_NOTIFY_BUFFER, *PREGISTER_NOTIFY_BUFFER; + +////////////////////////////////////////////////// +// Direct VMCALL // +////////////////////////////////////////////////// + +/** + * @brief Used for sending direct VMCALLs on the VMX root-mode + * + */ +typedef struct _DIRECT_VMCALL_PARAMETERS +{ + UINT64 OptionalParam1; + UINT64 OptionalParam2; + UINT64 OptionalParam3; + +} DIRECT_VMCALL_PARAMETERS, *PDIRECT_VMCALL_PARAMETERS; + +////////////////////////////////////////////////// +// EPT Hook // +////////////////////////////////////////////////// + +/** + * @brief different type of memory addresses + * + */ +typedef enum _DEBUGGER_HOOK_MEMORY_TYPE +{ + DEBUGGER_MEMORY_HOOK_VIRTUAL_ADDRESS, + DEBUGGER_MEMORY_HOOK_PHYSICAL_ADDRESS +} DEBUGGER_HOOK_MEMORY_TYPE; + +/** + * @brief Temporary $context used in some EPT hook commands + * + */ +typedef struct _EPT_HOOKS_CONTEXT +{ + UINT64 HookingTag; // This is same as the event tag + UINT64 PhysicalAddress; + UINT64 VirtualAddress; +} EPT_HOOKS_CONTEXT, *PEPT_HOOKS_CONTEXT; + +/** + * @brief Setting details for EPT Hooks (!monitor) + * + */ +typedef struct _EPT_HOOKS_ADDRESS_DETAILS_FOR_MEMORY_MONITOR +{ + UINT64 StartAddress; + UINT64 EndAddress; + BOOLEAN SetHookForRead; + BOOLEAN SetHookForWrite; + BOOLEAN SetHookForExec; + DEBUGGER_HOOK_MEMORY_TYPE MemoryType; + UINT64 Tag; + +} EPT_HOOKS_ADDRESS_DETAILS_FOR_MEMORY_MONITOR, *PEPT_HOOKS_ADDRESS_DETAILS_FOR_MEMORY_MONITOR; + +/** + * @brief Setting details for EPT Hooks (!epthook2) + * + */ +typedef struct _EPT_HOOKS_ADDRESS_DETAILS_FOR_EPTHOOK2 +{ + PVOID TargetAddress; + PVOID HookFunction; + +} EPT_HOOKS_ADDRESS_DETAILS_FOR_EPTHOOK2, *PEPT_HOOKS_ADDRESS_DETAILS_FOR_EPTHOOK2; + +/** + * @brief Details of unhooking single EPT hooks + * + */ +typedef struct _EPT_SINGLE_HOOK_UNHOOKING_DETAILS +{ + BOOLEAN CallerNeedsToRestoreEntryAndInvalidateEpt; + BOOLEAN RemoveBreakpointInterception; + SIZE_T PhysicalAddress; + UINT64 /* EPT_PML1_ENTRY */ OriginalEntry; + +} EPT_SINGLE_HOOK_UNHOOKING_DETAILS, *PEPT_SINGLE_HOOK_UNHOOKING_DETAILS; + +////////////////////////////////////////////////// +// Segment Types // +////////////////////////////////////////////////// + +/** + * @brief Describe segment selector in VMX + * @details This structure is copied from ia32.h to the SDK to + * be used as a data type for functions + * + */ +typedef union +{ + struct + { + /** + * [Bits 3:0] Segment type. + */ + UINT32 Type : 4; + + /** + * [Bit 4] S - Descriptor type (0 = system; 1 = code or data). + */ + UINT32 DescriptorType : 1; + + /** + * [Bits 6:5] DPL - Descriptor privilege level. + */ + UINT32 DescriptorPrivilegeLevel : 2; + + /** + * [Bit 7] P - Segment present. + */ + UINT32 Present : 1; + + UINT32 Reserved1 : 4; + + /** + * [Bit 12] AVL - Available for use by system software. + */ + UINT32 AvailableBit : 1; + + /** + * [Bit 13] Reserved (except for CS). L - 64-bit mode active (for CS only). + */ + UINT32 LongMode : 1; + + /** + * [Bit 14] D/B - Default operation size (0 = 16-bit segment; 1 = 32-bit segment). + */ + UINT32 DefaultBig : 1; + + /** + * [Bit 15] G - Granularity. + */ + UINT32 Granularity : 1; + /** + * [Bit 16] Segment unusable (0 = usable; 1 = unusable). + */ + UINT32 Unusable : 1; + UINT32 Reserved2 : 15; + }; + + UINT32 AsUInt; +} VMX_SEGMENT_ACCESS_RIGHTS_TYPE; + +/** + * @brief Segment selector + * + */ +typedef struct _VMX_SEGMENT_SELECTOR +{ + UINT16 Selector; + VMX_SEGMENT_ACCESS_RIGHTS_TYPE Attributes; + UINT32 Limit; + UINT64 Base; +} VMX_SEGMENT_SELECTOR, *PVMX_SEGMENT_SELECTOR; + +/** + * @file Ioctls.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK IOCTL codes + * @details This file contains definitions of IOCTLs used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Definitions // +////////////////////////////////////////////////// + +// +// The following controls are mainly defined in +// + +// +// Macro definition for defining IOCTL and FSCTL function control codes. Note +// that function codes 0-2047 are reserved for Microsoft Corporation, and +// 2048-4095 are reserved for customers. +// +#ifndef CTL_CODE + +# define CTL_CODE(DeviceType, Function, Method, Access) ( \ + ((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)) + +#endif // ! CTL_CODE + +#ifndef FILE_ANY_ACCESS + +# define FILE_ANY_ACCESS 0 + +#endif // !FILE_ANY_ACCESS + +// +// Define the method codes for how buffers are passed for I/O and FS controls +// + +#ifndef METHOD_BUFFERED + +# define METHOD_BUFFERED 0 + +#endif // !METHOD_BUFFERED + +#ifndef FILE_DEVICE_UNKNOWN + +# define FILE_DEVICE_UNKNOWN 0x00000022 + +#endif // !FILE_DEVICE_UNKNOWN + +////////////////////////////////////////////////// +// IOCTLs // +////////////////////////////////////////////////// + +/** + * @brief ioctl, register a new event + * + */ +#define IOCTL_REGISTER_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, irp pending mechanism for reading from message tracing buffers + * + */ +#define IOCTL_RETURN_IRP_PENDING_PACKETS_AND_DISALLOW_IOCTL \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to terminate vmx and exit form debugger + * + */ +#define IOCTL_TERMINATE_VMX \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read memory + * + */ +#define IOCTL_DEBUGGER_READ_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read or write on a special MSR + * + */ +#define IOCTL_DEBUGGER_READ_OR_WRITE_MSR \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read page table entries + * + */ +#define IOCTL_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, register an event + * + */ +#define IOCTL_DEBUGGER_REGISTER_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x806, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, add action to event + * + */ +#define IOCTL_DEBUGGER_ADD_ACTION_TO_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x807, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to enable or disable transparent-mode + * + */ +#define IOCTL_DEBUGGER_HIDE_AND_UNHIDE_TO_TRANSPARENT_THE_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, for !va2pa and !pa2va commands + * + */ +#define IOCTL_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x809, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to edit virtual and physical memory + * + */ +#define IOCTL_DEBUGGER_EDIT_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80a, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to search virtual and physical memory + * + */ +#define IOCTL_DEBUGGER_SEARCH_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80b, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to modify an event (enable/disable/clear) + * + */ +#define IOCTL_DEBUGGER_MODIFY_EVENTS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80c, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, flush the kernel buffers + * + */ +#define IOCTL_DEBUGGER_FLUSH_LOGGING_BUFFERS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80d, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, attach or detach user-mode processes + * + */ +#define IOCTL_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80e, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, print states (Deprecated) + * + * + */ +#define IOCTL_DEBUGGER_PRINT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80f, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, prepare debuggee + * + */ +#define IOCTL_PREPARE_DEBUGGEE \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x810, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, pause and halt the system + * + */ +#define IOCTL_PAUSE_PACKET_RECEIVED \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x811, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send a signal that execution of command finished + * + */ +#define IOCTL_SEND_SIGNAL_EXECUTION_IN_DEBUGGEE_FINISHED \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x812, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send user-mode messages to the debugger + * + */ +#define IOCTL_SEND_USERMODE_MESSAGES_TO_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x813, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send general buffer from debuggee to debugger + * + */ +#define IOCTL_SEND_GENERAL_BUFFER_FROM_DEBUGGEE_TO_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x814, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to perform kernel-side tests + * + */ +#define IOCTL_PERFROM_KERNEL_SIDE_TESTS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x815, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to reserve pre-allocated pools + * + */ +#define IOCTL_RESERVE_PRE_ALLOCATED_POOLS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x816, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to send user debugger commands + * + */ +#define IOCTL_SEND_USER_DEBUGGER_COMMANDS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x817, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get active threads/processes that are debugging + * + */ +#define IOCTL_GET_DETAIL_OF_ACTIVE_THREADS_AND_PROCESSES \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x818, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get user mode modules details + * + */ +#define IOCTL_GET_USER_MODE_MODULE_DETAILS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x819, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query count of active threads or processes + * + */ +#define IOCTL_QUERY_COUNT_OF_ACTIVE_PROCESSES_OR_THREADS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81a, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get list threads/processes + * + */ +#define IOCTL_GET_LIST_OF_THREADS_AND_PROCESSES \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81b, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query the current process details + * + */ +#define IOCTL_QUERY_CURRENT_PROCESS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81c, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query the current thread details + * + */ +#define IOCTL_QUERY_CURRENT_THREAD \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81d, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request service from the reversing machine + * + */ +#define IOCTL_REQUEST_REV_MACHINE_SERVICE \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81e, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to bring pages in + * + */ +#define IOCTL_DEBUGGER_BRING_PAGES_IN \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81f, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to preactivate a functionality + * + */ +#define IOCTL_PREACTIVATE_FUNCTIONALITY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x820, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @file Events.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers for Events + * @details This file contains definitions of event datatypes + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// System Events // +////////////////////////////////////////////////// + +/** + * @brief Exceptions enum + * + */ +typedef enum _EXCEPTION_VECTORS +{ + EXCEPTION_VECTOR_DIVIDE_ERROR, + EXCEPTION_VECTOR_DEBUG_BREAKPOINT, + EXCEPTION_VECTOR_NMI, + EXCEPTION_VECTOR_BREAKPOINT, + EXCEPTION_VECTOR_OVERFLOW, + EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED, + EXCEPTION_VECTOR_UNDEFINED_OPCODE, + EXCEPTION_VECTOR_NO_MATH_COPROCESSOR, + EXCEPTION_VECTOR_DOUBLE_FAULT, + EXCEPTION_VECTOR_RESERVED0, + EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR, + EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT, + EXCEPTION_VECTOR_STACK_SEGMENT_FAULT, + EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT, + EXCEPTION_VECTOR_PAGE_FAULT, + EXCEPTION_VECTOR_RESERVED1, + EXCEPTION_VECTOR_MATH_FAULT, + EXCEPTION_VECTOR_ALIGNMENT_CHECK, + EXCEPTION_VECTOR_MACHINE_CHECK, + EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR, + EXCEPTION_VECTOR_VIRTUAL_EXCEPTION, + EXCEPTION_VECTOR_RESERVED2, + EXCEPTION_VECTOR_RESERVED3, + EXCEPTION_VECTOR_RESERVED4, + EXCEPTION_VECTOR_RESERVED5, + EXCEPTION_VECTOR_RESERVED6, + EXCEPTION_VECTOR_RESERVED7, + EXCEPTION_VECTOR_RESERVED8, + EXCEPTION_VECTOR_RESERVED9, + EXCEPTION_VECTOR_RESERVED10, + EXCEPTION_VECTOR_RESERVED11, + EXCEPTION_VECTOR_RESERVED12, + + // + // NT (Windows) specific exception vectors. + // + APC_INTERRUPT = 31, + DPC_INTERRUPT = 47, + CLOCK_INTERRUPT = 209, + IPI_INTERRUPT = 225, + PMI_INTERRUPT = 254, + +} EXCEPTION_VECTORS; + +////////////////////////////////////////////////// +// Callback Enums // +////////////////////////////////////////////////// + +/** + * @brief The status of triggering events + * + */ +typedef enum _VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE +{ + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED = 0, + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL = 0, + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT = 1, + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED = 2, + VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE = 3, + +} VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE; + +////////////////////////////////////////////////// +// Event Details // +////////////////////////////////////////////////// + +/** + * @brief enum to show type of all HyperDbg events + * + */ +typedef enum _VMM_EVENT_TYPE_ENUM +{ + + // + // EPT Memory Monitoring Events + // + HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE, + HIDDEN_HOOK_READ_AND_WRITE, + HIDDEN_HOOK_READ_AND_EXECUTE, + HIDDEN_HOOK_WRITE_AND_EXECUTE, + HIDDEN_HOOK_READ, + HIDDEN_HOOK_WRITE, + HIDDEN_HOOK_EXECUTE, + + // + // EPT Hook Events + // + HIDDEN_HOOK_EXEC_DETOURS, + HIDDEN_HOOK_EXEC_CC, + + // + // System-call Events + // + SYSCALL_HOOK_EFER_SYSCALL, + SYSCALL_HOOK_EFER_SYSRET, + + // + // CPUID Instruction Execution Events + // + CPUID_INSTRUCTION_EXECUTION, + + // + // Model-Specific Registers (MSRs) Reads/Modifications Events + // + RDMSR_INSTRUCTION_EXECUTION, + WRMSR_INSTRUCTION_EXECUTION, + + // + // PMIO Events + // + IN_INSTRUCTION_EXECUTION, + OUT_INSTRUCTION_EXECUTION, + + // + // Interrupts/Exceptions/Faults Events + // + EXCEPTION_OCCURRED, + EXTERNAL_INTERRUPT_OCCURRED, + + // + // Debug Registers Events + // + DEBUG_REGISTERS_ACCESSED, + + // + // Timing & Performance Events + // + TSC_INSTRUCTION_EXECUTION, + PMC_INSTRUCTION_EXECUTION, + + // + // VMCALL Instruction Execution Events + // + VMCALL_INSTRUCTION_EXECUTION, + + // + // Control Registers Events + // + CONTROL_REGISTER_MODIFIED, + CONTROL_REGISTER_READ, + CONTROL_REGISTER_3_MODIFIED, + + // + // Execution Trap Events + // + TRAP_EXECUTION_MODE_CHANGED, + TRAP_EXECUTION_INSTRUCTION_TRACE, + +} VMM_EVENT_TYPE_ENUM; + +/** + * @brief Type of Actions + * + */ +typedef enum _DEBUGGER_EVENT_ACTION_TYPE_ENUM +{ + BREAK_TO_DEBUGGER, + RUN_SCRIPT, + RUN_CUSTOM_CODE + +} DEBUGGER_EVENT_ACTION_TYPE_ENUM; + +/** + * @brief Type of handling !syscall or !sysret + * + */ +typedef enum _DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE +{ + DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY = 0, + DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD = 1, + +} DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE; + +#define SIZEOF_DEBUGGER_MODIFY_EVENTS sizeof(DEBUGGER_MODIFY_EVENTS) + +/** + * @brief Type of mode change traps + * + */ +typedef enum _DEBUGGER_EVENT_MODE_TYPE +{ + DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE = 1, + DEBUGGER_EVENT_MODE_TYPE_USER_MODE = 3, + DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE = 0, + DEBUGGER_EVENT_MODE_TYPE_INVALID = 0xffffffff, + +} DEBUGGER_EVENT_MODE_TYPE; + +/** + * @brief Type of tracing events + * + */ +typedef enum _DEBUGGER_EVENT_TRACE_TYPE +{ + DEBUGGER_EVENT_TRACE_TYPE_INVALID = 0, + DEBUGGER_EVENT_TRACE_TYPE_STEP_IN = 1, + DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT = 2, + DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN = 3, + +} DEBUGGER_EVENT_TRACE_TYPE; + +/** + * @brief different types of modifying events request (enable/disable/clear) + * + */ +typedef enum _DEBUGGER_MODIFY_EVENTS_TYPE +{ + DEBUGGER_MODIFY_EVENTS_QUERY_STATE, + DEBUGGER_MODIFY_EVENTS_ENABLE, + DEBUGGER_MODIFY_EVENTS_DISABLE, + DEBUGGER_MODIFY_EVENTS_CLEAR, +} DEBUGGER_MODIFY_EVENTS_TYPE; + +/** + * @brief request for modifying events (enable/disable/clear) + * + */ +typedef struct _DEBUGGER_MODIFY_EVENTS +{ + UINT64 Tag; // Tag of the target event that we want to modify + UINT64 KernelStatus; // Kernel put the status in this field + DEBUGGER_MODIFY_EVENTS_TYPE + TypeOfAction; // Determines what's the action (enable | disable | clear) + BOOLEAN IsEnabled; // Determines what's the action (enable | disable | clear) + +} DEBUGGER_MODIFY_EVENTS, *PDEBUGGER_MODIFY_EVENTS; + +/** + * @brief request for performing a short-circuiting event + * + */ +typedef struct _DEBUGGER_SHORT_CIRCUITING_EVENT +{ + UINT64 KernelStatus; // Kernel put the status in this field + BOOLEAN IsShortCircuiting; // Determines whether to perform short circuting (on | off) + +} DEBUGGER_SHORT_CIRCUITING_EVENT, *PDEBUGGER_SHORT_CIRCUITING_EVENT; + +////////////////////////////////////////////////// +// Event Options // +////////////////////////////////////////////////// + +/** + * @brief request for performing a short-circuiting event + * + */ +typedef struct _DEBUGGER_EVENT_OPTIONS +{ + UINT64 OptionalParam1; // Optional parameter + UINT64 OptionalParam2; // Optional parameter + UINT64 OptionalParam3; // Optional parameter + UINT64 OptionalParam4; // Optional parameter + UINT64 OptionalParam5; // Optional parameter + UINT64 OptionalParam6; // Optional parameter + +} DEBUGGER_EVENT_OPTIONS, *PDEBUGGER_EVENT_OPTIONS; + +////////////////////////////////////////////////// +// Enums For Event And Debugger Resources // +////////////////////////////////////////////////// + +/** + * @brief Things to consider when applying resources + * + */ +typedef enum _PROTECTED_HV_RESOURCES_PASSING_OVERS +{ + // + // for exception bitmap + // + PASSING_OVER_NONE = 0, + PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK = 1, + PASSING_OVER_EXCEPTION_EVENTS, + + // + // for external interupts-exitings + // + PASSING_OVER_INTERRUPT_EVENTS, + + // + // for external rdtsc/p exitings + // + PASSING_OVER_TSC_EVENTS, + + // + // for external mov to hardware debug registers exitings + // + PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS, + + // + // for external mov to control registers exitings + // + PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS, + +} PROTECTED_HV_RESOURCES_PASSING_OVERS; + +/** + * @brief Type of protected (multi-used) resources + * + */ +typedef enum _PROTECTED_HV_RESOURCES_TYPE +{ + PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP, + + PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING, + + PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING, + + PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING, + + PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING, + + PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING, + +} PROTECTED_HV_RESOURCES_TYPE; + +////////////////////////////////////////////////// +// Event Details // +////////////////////////////////////////////////// + +/** + * @brief Each command is like the following struct, it also used for + * tracing works in user mode and sending it to the kernl mode + * @details THIS IS NOT WHAT HYPERDBG SAVES FOR EVENTS IN KERNEL-MODE + */ +typedef struct _DEBUGGER_GENERAL_EVENT_DETAIL +{ + LIST_ENTRY + CommandsEventList; // Linked-list of commands list (used for tracing purpose + // in user mode) + + time_t CreationTime; // Date of creating this event + + UINT32 CoreId; // determines the core index to apply this event to, if it's + // 0xffffffff means that we have to apply it to all cores + + UINT32 ProcessId; // determines the process id to apply this to + // only that 0xffffffff means that we have to + // apply it to all processes + + BOOLEAN IsEnabled; + + BOOLEAN EnableShortCircuiting; // indicates whether the short-circuiting event + // is enabled or not for this event + + VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventStage; // reveals the calling stage of the event + // (whether it's a all- pre- or post- event) + + BOOLEAN HasCustomOutput; // Shows whether this event has a custom output + // source or not + + UINT64 + OutputSourceTags + [DebuggerOutputSourceMaximumRemoteSourceForSingleEvent]; // tags of + // multiple + // sources which + // can be used to + // send the event + // results of + // scripts to + // remote sources + + UINT32 CountOfActions; + + UINT64 Tag; // is same as operation code + VMM_EVENT_TYPE_ENUM EventType; + + DEBUGGER_EVENT_OPTIONS Options; + + PVOID CommandStringBuffer; + + UINT32 ConditionBufferSize; + +} DEBUGGER_GENERAL_EVENT_DETAIL, *PDEBUGGER_GENERAL_EVENT_DETAIL; + +/** + * @brief Each event can have multiple actions + * @details THIS STRUCTURE IS ONLY USED IN USER MODE + * WE USE SEPARATE STRUCTURE FOR ACTIONS IN + * KERNEL MODE + */ +typedef struct _DEBUGGER_GENERAL_ACTION +{ + UINT64 EventTag; + DEBUGGER_EVENT_ACTION_TYPE_ENUM ActionType; + BOOLEAN ImmediateMessagePassing; + UINT32 PreAllocatedBuffer; + + UINT32 CustomCodeBufferSize; + UINT32 ScriptBufferSize; + UINT32 ScriptBufferPointer; + +} DEBUGGER_GENERAL_ACTION, *PDEBUGGER_GENERAL_ACTION; + +/** + * @brief Status of register buffers + * + */ +typedef struct _DEBUGGER_EVENT_AND_ACTION_RESULT +{ + BOOLEAN IsSuccessful; + UINT32 Error; // If IsSuccessful was, FALSE + +} DEBUGGER_EVENT_AND_ACTION_RESULT, *PDEBUGGER_EVENT_AND_ACTION_RESULT; + +#define SIZEOF_REGISTER_EVENT sizeof(REGISTER_NOTIFY_BUFFER) + +/** + * @file RequestStructures.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers Request Packets + * @details This file contains definitions of request packets (enums, structs) + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +#define SIZEOF_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS \ + sizeof(DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS) + +/** + * @brief request for !pte command + * + */ +typedef struct _DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS +{ + UINT64 VirtualAddress; + UINT32 ProcessId; + + UINT64 Pml4eVirtualAddress; + UINT64 Pml4eValue; + + UINT64 PdpteVirtualAddress; + UINT64 PdpteValue; + + UINT64 PdeVirtualAddress; + UINT64 PdeValue; + + UINT64 PteVirtualAddress; + UINT64 PteValue; + + UINT32 KernelStatus; + +} DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS, + *PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS \ + sizeof(DEBUGGER_VA2PA_AND_PA2VA_COMMANDS) + +/** + * @brief requests for !va2pa and !pa2va commands + * + */ +typedef struct _DEBUGGER_VA2PA_AND_PA2VA_COMMANDS +{ + UINT64 VirtualAddress; + UINT64 PhysicalAddress; + UINT32 ProcessId; + BOOLEAN IsVirtual2Physical; + UINT32 KernelStatus; + +} DEBUGGER_VA2PA_AND_PA2VA_COMMANDS, *PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS; + +/* ============================================================================================== + */ +#define SIZEOF_DEBUGGER_PAGE_IN_REQUEST \ + sizeof(DEBUGGER_PAGE_IN_REQUEST) + +/** + * @brief requests for the '.pagein' command + * + */ +typedef struct _DEBUGGER_PAGE_IN_REQUEST +{ + UINT64 VirtualAddressFrom; + UINT64 VirtualAddressTo; + UINT32 ProcessId; + UINT32 PageFaultErrorCode; + UINT32 KernelStatus; + +} DEBUGGER_PAGE_IN_REQUEST, *PDEBUGGER_PAGE_IN_REQUEST; + +/* ============================================================================================== + */ + +/** + * @brief different modes of reconstruct requests + * + */ +typedef enum _REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE +{ + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_UNKNOWN = 0, + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_USER_MODE, + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE_KERNEL_MODE, +} REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE; + +/** + * @brief different types of reconstruct requests + * + */ +typedef enum _REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE +{ + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_UNKNOWN = 0, + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_RECONSTRUCT, + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE_PATTERN, +} REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE; + +#define SIZEOF_REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST \ + sizeof(REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST) + +/** + * @brief requests for !rev command + * + */ +typedef struct _REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST +{ + UINT32 ProcessId; + UINT32 Size; + REVERSING_MACHINE_RECONSTRUCT_MEMORY_MODE Mode; + REVERSING_MACHINE_RECONSTRUCT_MEMORY_TYPE Type; + UINT32 KernelStatus; + +} REVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST, *PREVERSING_MACHINE_RECONSTRUCT_MEMORY_REQUEST; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_DT_COMMAND_OPTIONS \ + sizeof(DEBUGGER_DT_COMMAND_OPTIONS) + +/** + * @brief requests options for dt and struct command + * + */ +typedef struct _DEBUGGER_DT_COMMAND_OPTIONS +{ + const char * TypeName; + UINT64 SizeOfTypeName; + UINT64 Address; + BOOLEAN IsStruct; + PVOID BufferAddress; + UINT32 TargetPid; + const char * AdditionalParameters; + +} DEBUGGER_DT_COMMAND_OPTIONS, *PDEBUGGER_DT_COMMAND_OPTIONS; + +/* ============================================================================================== + */ + +/** + * @brief different types of prealloc requests + * + */ +typedef enum _DEBUGGER_PREALLOC_COMMAND_TYPE +{ + DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION, + DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR, + DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK, + DEBUGGER_PREALLOC_COMMAND_TYPE_EPTHOOK2, + DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_EVENT, + DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_EVENT, + DEBUGGER_PREALLOC_COMMAND_TYPE_REGULAR_SAFE_BUFFER, + DEBUGGER_PREALLOC_COMMAND_TYPE_BIG_SAFE_BUFFER, + +} DEBUGGER_PREALLOC_COMMAND_TYPE; + +#define SIZEOF_DEBUGGER_PREALLOC_COMMAND \ + sizeof(DEBUGGER_PREALLOC_COMMAND) + +/** + * @brief requests for the 'prealloc' command + * + */ +typedef struct _DEBUGGER_PREALLOC_COMMAND +{ + DEBUGGER_PREALLOC_COMMAND_TYPE Type; + UINT32 Count; + UINT32 KernelStatus; + +} DEBUGGER_PREALLOC_COMMAND, *PDEBUGGER_PREALLOC_COMMAND; + +/* ============================================================================================== + */ + +/** + * @brief different types of preactivate requests + * + */ +typedef enum _DEBUGGER_PREACTIVATE_COMMAND_TYPE +{ + DEBUGGER_PREACTIVATE_COMMAND_TYPE_MODE, + +} DEBUGGER_PREACTIVATE_COMMAND_TYPE; + +#define SIZEOF_DEBUGGER_PREACTIVATE_COMMAND \ + sizeof(DEBUGGER_PREACTIVATE_COMMAND) + +/** + * @brief requests for the 'preactivate' command + * + */ +typedef struct _DEBUGGER_PREACTIVATE_COMMAND +{ + DEBUGGER_PREACTIVATE_COMMAND_TYPE Type; + UINT32 KernelStatus; + +} DEBUGGER_PREACTIVATE_COMMAND, *PDEBUGGER_PREACTIVATE_COMMAND; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_READ_MEMORY sizeof(DEBUGGER_READ_MEMORY) + +/** + * @brief different types of reading memory + * + */ +typedef enum _DEBUGGER_READ_READING_TYPE +{ + READ_FROM_KERNEL, + READ_FROM_VMX_ROOT +} DEBUGGER_READ_READING_TYPE; + +/** + * @brief different type of addresses + * + */ +typedef enum _DEBUGGER_READ_MEMORY_TYPE +{ + DEBUGGER_READ_PHYSICAL_ADDRESS, + DEBUGGER_READ_VIRTUAL_ADDRESS +} DEBUGGER_READ_MEMORY_TYPE; + +/** + * @brief the way that debugger should show + * the details of memory or disassemble them + * + */ +typedef enum _DEBUGGER_SHOW_MEMORY_STYLE +{ + DEBUGGER_SHOW_COMMAND_DT = 1, + DEBUGGER_SHOW_COMMAND_DISASSEMBLE64, + DEBUGGER_SHOW_COMMAND_DISASSEMBLE32, + DEBUGGER_SHOW_COMMAND_DB, + DEBUGGER_SHOW_COMMAND_DC, + DEBUGGER_SHOW_COMMAND_DQ, + DEBUGGER_SHOW_COMMAND_DD, + DEBUGGER_SHOW_COMMAND_DUMP +} DEBUGGER_SHOW_MEMORY_STYLE; + +/** + * @brief request for reading virtual and physical memory + * + */ +typedef struct _DEBUGGER_READ_MEMORY +{ + UINT32 Pid; // Read from cr3 of what process + UINT64 Address; + UINT32 Size; + BOOLEAN IsForDisasm; // Debugger sets whether the read memory is for diassembler or not + BOOLEAN Is32BitAddress; // Debuggee sets the status of address + DEBUGGER_READ_MEMORY_TYPE MemoryType; + DEBUGGER_READ_READING_TYPE ReadingType; + PDEBUGGER_DT_COMMAND_OPTIONS DtDetails; + DEBUGGER_SHOW_MEMORY_STYLE Style; // not used in local debugging + UINT32 ReturnLength; // not used in local debugging + UINT32 KernelStatus; // not used in local debugging + + // + // Here is the target buffer (actual memory) + // + +} DEBUGGER_READ_MEMORY, *PDEBUGGER_READ_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_FLUSH_LOGGING_BUFFERS \ + sizeof(DEBUGGER_FLUSH_LOGGING_BUFFERS) + +/** + * @brief request for flushing buffers + * + */ +typedef struct _DEBUGGER_FLUSH_LOGGING_BUFFERS +{ + UINT32 KernelStatus; + UINT32 CountOfMessagesThatSetAsReadFromVmxRoot; + UINT32 CountOfMessagesThatSetAsReadFromVmxNonRoot; + +} DEBUGGER_FLUSH_LOGGING_BUFFERS, *PDEBUGGER_FLUSH_LOGGING_BUFFERS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_TEST_QUERY_BUFFER \ + sizeof(DEBUGGER_TEST_QUERY_BUFFER) + +/** + * @brief test query used for test purposed + * + */ +typedef enum _DEBUGGER_TEST_QUERY_STATE +{ + TEST_QUERY_HALTING_CORE_STATUS = 1, // Query constant to show detail of halting of core + TEST_QUERY_PREALLOCATED_POOL_STATE = 2, // Query pre-allocated pool state + TEST_QUERY_TRAP_STATE = 3, // Query trap state + TEST_BREAKPOINT_TURN_OFF_BPS = 4, // Turn off the breakpoints (#BP) + TEST_BREAKPOINT_TURN_ON_BPS = 5, // Turn on the breakpoints (#BP) + TEST_BREAKPOINT_TURN_OFF_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER = 6, // Turn off the breakpoints and events for executing the commands in the remote computer + TEST_BREAKPOINT_TURN_ON_BPS_AND_EVENTS_FOR_COMMANDS_IN_REMOTE_COMPUTER = 7, // Turn on the breakpoints and events for executing the commands in the remote computer + TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_SYNCHRONOUS = 8, // For testing synchronized event + TEST_SETTING_TARGET_TASKS_ON_HALTED_CORES_ASYNCHRONOUS = 9, // For testing unsynchronized event + TEST_SETTING_TARGET_TASKS_ON_TARGET_HALTED_CORES = 10, // Send the task to the halted core + TEST_BREAKPOINT_TURN_OFF_DBS = 11, // Turn off the debug breaks (#DB) + TEST_BREAKPOINT_TURN_ON_DBS = 12, // Turn on the debug breaks (#DB) + +} DEBUGGER_TEST_QUERY_STATE; + +/** + * @brief request for test query buffers + * + */ +typedef struct _DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER +{ + DEBUGGER_TEST_QUERY_STATE RequestType; + UINT64 Context; + UINT32 KernelStatus; + +} DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER, *PDEBUGGER_DEBUGGER_TEST_QUERY_BUFFER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_PERFORM_KERNEL_TESTS \ + sizeof(DEBUGGER_PERFORM_KERNEL_TESTS) + +/** + * @brief request performing kernel tests + * + */ +typedef struct _DEBUGGER_PERFORM_KERNEL_TESTS +{ + UINT32 KernelStatus; + +} DEBUGGER_PERFORM_KERNEL_TESTS, *PDEBUGGER_PERFORM_KERNEL_TESTS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL \ + sizeof(DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL) + +/** + * @brief request for send a signal that command execution finished + * + */ +typedef struct _DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL +{ + UINT32 KernelStatus; + +} DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL, + *PDEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER \ + sizeof(DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER) + +/** + * @brief request for send general packets from debuggee to debugger + * + */ +typedef struct _DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER +{ + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction; + UINT32 LengthOfBuffer; + BOOLEAN PauseDebuggeeWhenSent; + UINT32 KernelResult; + + // + // The buffer for the general packet is here + // + +} DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER, + *PDEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER \ + sizeof(DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER) + +/** + * @brief request for send a user-mode message to debugger + * + */ +typedef struct _DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER +{ + UINT32 KernelStatus; + UINT32 Length; + + // + // Here is the messages + // + +} DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER, + *PDEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_READ_AND_WRITE_ON_MSR \ + sizeof(DEBUGGER_READ_AND_WRITE_ON_MSR) + +/** + * @brief different types of actions on MSRs + * + */ +typedef enum _DEBUGGER_MSR_ACTION_TYPE +{ + DEBUGGER_MSR_READ, + DEBUGGER_MSR_WRITE +} DEBUGGER_MSR_ACTION_TYPE; + +/** + * @brief request to read or write on MSRs + * + */ +typedef struct _DEBUGGER_READ_AND_WRITE_ON_MSR +{ + UINT64 Msr; // It's actually a 32-Bit value but let's not mess with a register + UINT32 CoreNumber; // specifies the core to execute wrmsr or read the msr + // (DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES mean all + // the cores) + DEBUGGER_MSR_ACTION_TYPE + ActionType; // Detects whether user needs wrmsr or rdmsr + UINT64 Value; + +} DEBUGGER_READ_AND_WRITE_ON_MSR, *PDEBUGGER_READ_AND_WRITE_ON_MSR; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_EDIT_MEMORY sizeof(DEBUGGER_EDIT_MEMORY) + +/** + * @brief different type of addresses for editing memory + * + */ +typedef enum _DEBUGGER_EDIT_MEMORY_TYPE +{ + EDIT_PHYSICAL_MEMORY, + EDIT_VIRTUAL_MEMORY +} DEBUGGER_EDIT_MEMORY_TYPE; + +/** + * @brief size of editing memory + * + */ +typedef enum _DEBUGGER_EDIT_MEMORY_BYTE_SIZE +{ + EDIT_BYTE, + EDIT_DWORD, + EDIT_QWORD +} DEBUGGER_EDIT_MEMORY_BYTE_SIZE; + +/** + * @brief request for edit virtual and physical memory + * + */ +typedef struct _DEBUGGER_EDIT_MEMORY +{ + UINT32 Result; // Result from kernel + UINT64 Address; // Target address to modify + UINT32 ProcessId; // specifies the process id + DEBUGGER_EDIT_MEMORY_TYPE MemoryType; // Type of memory + DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize; // Modification size + UINT32 CountOf64Chunks; + UINT32 FinalStructureSize; + UINT32 KernelStatus; // not used in local debugging + +} DEBUGGER_EDIT_MEMORY, *PDEBUGGER_EDIT_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEARCH_MEMORY sizeof(DEBUGGER_SEARCH_MEMORY) + +/** + * @brief different types of address for searching on memory + * + */ +typedef enum _DEBUGGER_SEARCH_MEMORY_TYPE +{ + SEARCH_PHYSICAL_MEMORY, + SEARCH_VIRTUAL_MEMORY, + SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY, + +} DEBUGGER_SEARCH_MEMORY_TYPE; + +/** + * @brief different sizes on searching memory + * + */ +typedef enum _DEBUGGER_SEARCH_MEMORY_BYTE_SIZE +{ + SEARCH_BYTE, + SEARCH_DWORD, + SEARCH_QWORD + +} DEBUGGER_SEARCH_MEMORY_BYTE_SIZE; + +/** + * @brief request for searching memory + * + */ +typedef struct _DEBUGGER_SEARCH_MEMORY +{ + UINT64 Address; // Target address to start searching + UINT64 Length; // Length of bytes to search + UINT32 ProcessId; // specifies the process id + DEBUGGER_SEARCH_MEMORY_TYPE MemoryType; // Type of memory + DEBUGGER_SEARCH_MEMORY_BYTE_SIZE ByteSize; // Modification size + UINT32 CountOf64Chunks; + UINT32 FinalStructureSize; + +} DEBUGGER_SEARCH_MEMORY, *PDEBUGGER_SEARCH_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE \ + sizeof(DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE) + +/** + * @brief request for enable or disable transparent-mode + * + */ +typedef struct _DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE +{ + BOOLEAN IsHide; + + UINT64 CpuidAverage; + UINT64 CpuidStandardDeviation; + UINT64 CpuidMedian; + + UINT64 RdtscAverage; + UINT64 RdtscStandardDeviation; + UINT64 RdtscMedian; + + BOOLEAN TrueIfProcessIdAndFalseIfProcessName; + UINT32 ProcId; + UINT32 LengthOfProcessName; // in the case of !hide name xxx, this parameter + // shows the length of xxx + + UINT64 KernelStatus; /* DEBUGGER_OPERATION_WAS_SUCCESSFUL , + DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER + */ + +} DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE, + *PDEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_PREPARE_DEBUGGEE sizeof(DEBUGGER_PREPARE_DEBUGGEE) + +/** + * @brief request to make this computer to a debuggee + * + */ +typedef struct _DEBUGGER_PREPARE_DEBUGGEE +{ + UINT32 PortAddress; + UINT32 Baudrate; + UINT64 NtoskrnlBaseAddress; + UINT32 Result; // Result from the kernel + CHAR OsName[MAXIMUM_CHARACTER_FOR_OS_NAME]; + +} DEBUGGER_PREPARE_DEBUGGEE, *PDEBUGGER_PREPARE_DEBUGGEE; + +/* ============================================================================================== + */ + +/** + * @brief The structure of changing core packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_CHANGE_CORE_PACKET +{ + UINT32 NewCore; + UINT32 Result; + +} DEBUGGEE_CHANGE_CORE_PACKET, *PDEBUGGEE_CHANGE_CORE_PACKET; + +/* ============================================================================================== + */ +#define SIZEOF_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS \ + sizeof(DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS) + +/** + * @brief different actions of switchings + * + */ +typedef enum _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE +{ + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS, + +} DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE; + +/** + * @brief request for attaching user-mode process + * + */ +typedef struct _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS +{ + BOOLEAN IsStartingNewProcess; + UINT32 ProcessId; + UINT32 ThreadId; + BOOLEAN CheckCallbackAtFirstInstruction; + BOOLEAN Is32Bit; + BOOLEAN IsPaused; // used in switching to threads + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE Action; + UINT32 CountOfActiveDebuggingThreadsAndProcesses; // used in showing the list of active threads/processes + UINT64 Token; + UINT64 Result; + +} DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS, + *PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS; + +/* ============================================================================================== + */ +#define SIZEOF_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS \ + sizeof(DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS) + +/** + * @brief different type of process or thread queries + * + */ +typedef enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES +{ + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT = 1, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT = 2, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST = 3, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST = 4, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS = 5, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD = 6, + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES; + +/** + * @brief different actions on showing or querying list of process or threads + * + */ +typedef enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS +{ + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY = 1, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT = 2, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS = 3, + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS; + +/** + * @brief The structure of needed information to get the details + * of the process from nt!_EPROCESS and location of needed variables + * + */ +typedef struct _DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS +{ + UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead + ULONG ImageFileNameOffset; // nt!_EPROCESS.ImageFileName + ULONG UniquePidOffset; // nt!_EPROCESS.UniqueProcessId + ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks + +} DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS, *PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS; + +/** + * @brief The structure of needed information to get the details + * of the thread from nt!_ETHREAD and location of needed variables + * + */ +typedef struct _DEBUGGEE_THREAD_LIST_NEEDED_DETAILS +{ + UINT32 ThreadListHeadOffset; // nt!_EPROCESS.ThreadListHead + UINT32 ThreadListEntryOffset; // nt!_ETHREAD.ThreadListEntry + UINT32 CidOffset; // nt!_ETHREAD.Cid + UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead + ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks + UINT64 Process; + +} DEBUGGEE_THREAD_LIST_NEEDED_DETAILS, *PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS; + +/** + * @brief The structure showing list of processes (details of each + * entry) + * + */ +typedef struct _DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY +{ + UINT64 Eprocess; + UINT32 ProcessId; + UINT64 Cr3; + UCHAR ImageFileName[15 + 1]; + +} DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY, *PDEBUGGEE_PROCESS_LIST_DETAILS_ENTRY; + +/** + * @brief The structure showing list of threads (details of each + * entry) + * + */ +typedef struct _DEBUGGEE_THREAD_LIST_DETAILS_ENTRY +{ + UINT64 Eprocess; + UINT64 Ethread; + UINT32 ProcessId; + UINT32 ThreadId; + UCHAR ImageFileName[15 + 1]; + +} DEBUGGEE_THREAD_LIST_DETAILS_ENTRY, *PDEBUGGEE_THREAD_LIST_DETAILS_ENTRY; + +/** + * @brief request for query count of active processes and threads + * + */ +typedef struct _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS +{ + DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListNeededDetails; + DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListNeededDetails; + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES QueryType; + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS QueryAction; + UINT32 Count; + UINT64 Result; + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS, + *PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS; + +/* ============================================================================================== + */ + +/** + * @brief The structure for saving the callstack frame of one parameter + * + */ +typedef struct _DEBUGGER_SINGLE_CALLSTACK_FRAME +{ + BOOLEAN IsStackAddressValid; + BOOLEAN IsValidAddress; + BOOLEAN IsExecutable; + UINT64 Value; + BYTE InstructionBytesOnRip[MAXIMUM_CALL_INSTR_SIZE]; + +} DEBUGGER_SINGLE_CALLSTACK_FRAME, *PDEBUGGER_SINGLE_CALLSTACK_FRAME; + +#define SIZEOF_DEBUGGER_CALLSTACK_REQUEST \ + sizeof(DEBUGGER_CALLSTACK_REQUEST) + +/** + * @brief callstack showing method + * + */ +typedef enum _DEBUGGER_CALLSTACK_DISPLAY_METHOD +{ + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS, + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS, + +} DEBUGGER_CALLSTACK_DISPLAY_METHOD; + +/** + * @brief request for callstack frames + * + */ +typedef struct _DEBUGGER_CALLSTACK_REQUEST +{ + BOOLEAN Is32Bit; + UINT32 KernelStatus; + DEBUGGER_CALLSTACK_DISPLAY_METHOD DisplayMethod; + UINT32 Size; + UINT32 FrameCount; + UINT64 BaseAddress; + UINT64 BufferSize; + + // + // Here is the size of stack frames + // + +} DEBUGGER_CALLSTACK_REQUEST, *PDEBUGGER_CALLSTACK_REQUEST; + +/* ============================================================================================== + */ +#define SIZEOF_USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS \ + sizeof(USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS) + +typedef struct _USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS +{ + UINT32 ProcessId; + UINT32 ThreadId; + BOOLEAN IsProcess; + +} USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS, *PUSERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS; + +/* ============================================================================================== + */ + +/** + * @brief Used for run the script + * + */ +typedef struct _DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION +{ + UINT64 ScriptBuffer; + UINT32 ScriptLength; + UINT32 ScriptPointer; + UINT32 OptionalRequestedBufferSize; + +} DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION, + *PDEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION; + +/** + * @brief used in the case of requesting a "request buffer" + * + */ +typedef struct _DEBUGGER_EVENT_REQUEST_BUFFER +{ + BOOLEAN EnabledRequestBuffer; + UINT32 RequestBufferSize; + UINT64 RequstBufferAddress; + +} DEBUGGER_EVENT_REQUEST_BUFFER, *PDEBUGGER_EVENT_REQUEST_BUFFER; + +/** + * @brief used in the case of custom code requests to the debugger + * + */ +typedef struct _DEBUGGER_EVENT_REQUEST_CUSTOM_CODE +{ + UINT32 CustomCodeBufferSize; + PVOID CustomCodeBufferAddress; + UINT32 OptionalRequestedBufferSize; + +} DEBUGGER_EVENT_REQUEST_CUSTOM_CODE, *PDEBUGGER_EVENT_REQUEST_CUSTOM_CODE; + +/* ============================================================================================== + */ + +/** + * @brief User-mode debugging actions + * + */ +typedef enum _DEBUGGER_UD_COMMAND_ACTION_TYPE +{ + DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE = 0, + DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE, + DEBUGGER_UD_COMMAND_ACTION_TYPE_CONTINUE, + DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP, + +} DEBUGGER_UD_COMMAND_ACTION_TYPE; + +/** + * @brief Description of user-mode debugging actions + * + */ +typedef struct _DEBUGGER_UD_COMMAND_ACTION +{ + DEBUGGER_UD_COMMAND_ACTION_TYPE ActionType; + UINT64 OptionalParam1; + UINT64 OptionalParam2; + UINT64 OptionalParam3; + UINT64 OptionalParam4; + +} DEBUGGER_UD_COMMAND_ACTION, *PDEBUGGER_UD_COMMAND_ACTION; + +/** + * @brief The structure of command packet in uHyperDbg + * + */ +typedef struct _DEBUGGER_UD_COMMAND_PACKET +{ + DEBUGGER_UD_COMMAND_ACTION UdAction; + UINT64 ProcessDebuggingDetailToken; + UINT32 TargetThreadId; + BOOLEAN ApplyToAllPausedThreads; + UINT32 Result; + +} DEBUGGER_UD_COMMAND_PACKET, *PDEBUGGER_UD_COMMAND_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Debugger process switch and process details + * + */ +typedef enum _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE +{ + + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS, + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST, + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH, + +} DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE; + +/** + * @brief The structure of changing process and show process + * packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET +{ + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE ActionType; + UINT32 ProcessId; + UINT64 Process; + BOOLEAN IsSwitchByClkIntr; + UCHAR ProcessName[16]; + DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListSymDetails; + UINT32 Result; + +} DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET, *PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Debugger size of DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET + * + */ +#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET \ + sizeof(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET) + +/** + * @brief Debugger thread switch and thread details + * + */ +typedef enum _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE +{ + + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH, + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS, + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST, + +} DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE; + +/** + * @brief The structure of changing thead and show thread + * packet in HyperDbg + */ +typedef struct _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET +{ + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE ActionType; + UINT32 ThreadId; + UINT32 ProcessId; + UINT64 Thread; + UINT64 Process; + BOOLEAN CheckByClockInterrupt; + UCHAR ProcessName[16]; + DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListSymDetails; + UINT32 Result; + +} DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET, *PDEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET; + +/** + * @brief Debugger size of DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET + * + */ +#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET \ + sizeof(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET) + +/* ============================================================================================== + */ + +/** + * @brief stepping and tracking types + * + */ +typedef enum _DEBUGGER_REMOTE_STEPPING_REQUEST +{ + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN, + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN, + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN_FOR_TRACKING, + + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER, + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU, + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER_FOR_GU_LAST_INSTRUCTION, + +} DEBUGGER_REMOTE_STEPPING_REQUEST; + +/** + * @brief The structure of stepping packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_STEP_PACKET +{ + DEBUGGER_REMOTE_STEPPING_REQUEST StepType; + + // + // Only in the case of call instructions + // the 'p' command + // + BOOLEAN IsCurrentInstructionACall; + UINT32 CallLength; + +} DEBUGGEE_STEP_PACKET, *PDEBUGGEE_STEP_PACKET; + +/** + * @brief default number of instructions used in tracking and stepping + * + */ +#define DEBUGGER_REMOTE_TRACKING_DEFAULT_COUNT_OF_STEPPING 0xffffffff + +/* ============================================================================================== + */ + +/** + * @brief The structure of .formats result packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_FORMATS_PACKET +{ + UINT64 Value; + UINT32 Result; + +} DEBUGGEE_FORMATS_PACKET, *PDEBUGGEE_FORMATS_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of .sym reload packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_SYMBOL_REQUEST_PACKET +{ + UINT32 ProcessId; + +} DEBUGGEE_SYMBOL_REQUEST_PACKET, *PDEBUGGEE_SYMBOL_REQUEST_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of bp command packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_BP_PACKET +{ + UINT64 Address; + UINT32 Pid; + UINT32 Tid; + UINT32 Core; + BOOLEAN RemoveAfterHit; + BOOLEAN CheckForCallbacks; + UINT32 Result; + +} DEBUGGEE_BP_PACKET, *PDEBUGGEE_BP_PACKET; + +/** + * @brief breakpoint modification types + * + */ +typedef enum _DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST +{ + + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR, + +} DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST; + +/** + * @brief The structure of breakpoint modification requests packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_BP_LIST_OR_MODIFY_PACKET +{ + UINT64 BreakpointId; + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST Request; + UINT32 Result; + +} DEBUGGEE_BP_LIST_OR_MODIFY_PACKET, *PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Whether a jump is taken or not taken + * + */ +typedef enum _DEBUGGER_CONDITIONAL_JUMP_STATUS +{ + + DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR = 0, + DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP, + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN, + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN, + +} DEBUGGER_CONDITIONAL_JUMP_STATUS; + +/* ============================================================================================== + */ + +/** + * @brief The structure of script packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_SCRIPT_PACKET +{ + UINT32 ScriptBufferSize; + UINT32 ScriptBufferPointer; + BOOLEAN IsFormat; + UINT32 Result; + + // + // The script buffer is here + // + +} DEBUGGEE_SCRIPT_PACKET, *PDEBUGGEE_SCRIPT_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of result of search packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_RESULT_OF_SEARCH_PACKET +{ + UINT32 CountOfResults; + UINT32 Result; + +} DEBUGGEE_RESULT_OF_SEARCH_PACKET, *PDEBUGGEE_RESULT_OF_SEARCH_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Register Descriptor Structure to use in r command. + * + */ +typedef struct _DEBUGGEE_REGISTER_READ_DESCRIPTION +{ + UINT32 RegisterID; // the number is from REGS_ENUM + UINT64 Value; + UINT32 KernelStatus; + +} DEBUGGEE_REGISTER_READ_DESCRIPTION, *PDEBUGGEE_REGISTER_READ_DESCRIPTION; + +/* ============================================================================================== + */ + +/** + * @file Symbols.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Header Files For Symbol Parsing + * @details This file contains definitions of symbol parsers + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Symbols Details // +////////////////////////////////////////////////// + +/** + * @brief structures for sending and saving details + * about each module and symbols details + * + */ +typedef struct _MODULE_SYMBOL_DETAIL +{ + BOOLEAN IsSymbolDetailsFound; // TRUE if the details of symbols found, FALSE if not found + BOOLEAN IsLocalSymbolPath; // TRUE if the ModuleSymbolPath is a real path + // and FALSE if ModuleSymbolPath is just a module name + BOOLEAN IsSymbolPDBAvaliable; // TRUE if the module's pdb is available(if exists in the sympath) + BOOLEAN IsUserMode; // TRUE if the module is a user-mode module + BOOLEAN Is32Bit; // TRUE if the module is a 32-bit + UINT64 BaseAddress; + char FilePath[MAX_PATH]; + char ModuleSymbolPath[MAX_PATH]; + char ModuleSymbolGuidAndAge[MAXIMUM_GUID_AND_AGE_SIZE]; + +} MODULE_SYMBOL_DETAIL, *PMODULE_SYMBOL_DETAIL; + +typedef struct _USERMODE_LOADED_MODULE_SYMBOLS +{ + UINT64 BaseAddress; + UINT64 Entrypoint; + wchar_t FilePath[MAX_PATH]; + +} USERMODE_LOADED_MODULE_SYMBOLS, *PUSERMODE_LOADED_MODULE_SYMBOLS; + +typedef struct _USERMODE_LOADED_MODULE_DETAILS +{ + UINT32 ProcessId; + BOOLEAN OnlyCountModules; + BOOLEAN Is32Bit; + UINT32 ModulesCount; + UINT32 Result; + + // + // Here is a list of USERMODE_LOADED_MODULE_SYMBOLS (appended) + // + +} USERMODE_LOADED_MODULE_DETAILS, *PUSERMODE_LOADED_MODULE_DETAILS; + +/** + * @brief Callback type that should be used to add + * list of Addresses to ObjectNames + * + */ +typedef VOID (*SymbolMapCallback)(UINT64 Address, char * ModuleName, char * ObjectName, unsigned int ObjectSize); + +/** + * @brief request to add new symbol detail or update a previous + * symbol table entry + * + */ +typedef struct _DEBUGGER_UPDATE_SYMBOL_TABLE +{ + UINT32 TotalSymbols; + UINT32 CurrentSymbolIndex; + MODULE_SYMBOL_DETAIL SymbolDetailPacket; + +} DEBUGGER_UPDATE_SYMBOL_TABLE, *PDEBUGGER_UPDATE_SYMBOL_TABLE; + +/** + * @brief check so the DEBUGGER_UPDATE_SYMBOL_TABLE should be smaller than packet size + * + */ +//static_assert(sizeof(DEBUGGER_UPDATE_SYMBOL_TABLE) < PacketChunkSize, +// "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGER_UPDATE_SYMBOL_TABLE (MODULE_SYMBOL_DETAIL)"); + +/* +============================================================================================== + */ + +/** + * @brief request that shows, symbol reload process is finished + * + */ +typedef struct _DEBUGGEE_SYMBOL_UPDATE_RESULT +{ + UINT64 KernelStatus; // Kernel put the status in this field + +} DEBUGGEE_SYMBOL_UPDATE_RESULT, *PDEBUGGEE_SYMBOL_UPDATE_RESULT; + +/* +============================================================================================== + */ + +/** + * @file HardwareDebugger.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's Hardware Debugger (hwdbg) types and constants + * @details This file contains definitions of hwdbg elements + * used in HyperDbg + * @version 0.9 + * @date 2024-04-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Definitions // +////////////////////////////////////////////////// + +/** + * @brief Initial debuggee to debugger offset + * + */ +#define DEFAULT_INITIAL_DEBUGGEE_TO_DEBUGGER_OFFSET 0x200 + +/** + * @brief Initial debugger to debuggee offset + * + */ +#define DEFAULT_INITIAL_DEBUGGER_TO_DEBUGGEE_OFFSET 0x0 + +////////////////////////////////////////////////// +// Enums // +////////////////////////////////////////////////// + +/** + * @brief Different action of hwdbg + * @warning This file should be changed along with hwdbg files + * + */ +typedef enum _HWDBG_ACTION_ENUMS +{ + hwdbgActionSendInstanceInfo = 1, + hwdbgActionConfigureScriptBuffer = 2, + +} HWDBG_ACTION_ENUMS; + +/** + * @brief Different responses come from hwdbg + * @warning This file should be changed along with hwdbg files + * + */ +typedef enum _HWDBG_RESPONSE_ENUMS +{ + hwdbgResponseSuccessOrErrorMessage = 1, + hwdbgResponseInstanceInfo = 2, + +} HWDBG_RESPONSE_ENUMS; + +/** + * @brief Different success or error codes in hwdbg + * @warning This file should be changed along with hwdbg files + * + */ +typedef enum _HWDBG_SUCCESS_OR_ERROR_ENUMS +{ + hwdbgOperationWasSuccessful = 0x7FFFFFFF, + hwdbgErrorInvalidPacket = 1, + +} HWDBG_SUCCESS_OR_ERROR_ENUMS; + +////////////////////////////////////////////////// +// Structures // +////////////////////////////////////////////////// + +/** + * @brief The structure of port information (each item) in hwdbg + * + */ +typedef struct _HWDBG_PORT_INFORMATION_ITEMS +{ + UINT32 PortSize; + +} HWDBG_PORT_INFORMATION_ITEMS, *PHWDBG_PORT_INFORMATION_ITEMS; + +/** + * @brief The structure of script capabilities information in hwdbg + * + */ +typedef struct _HWDBG_INSTANCE_INFORMATION +{ + // + // ANY ADDITION TO THIS STRUCTURE SHOULD BE SYNCHRONIZED WITH SCALA AND INSTANCE INFO SENDER MODULE + // + UINT32 version; // Target version of HyperDbg (same as hwdbg) + UINT32 maximumNumberOfStages; // Number of stages that this instance of hwdbg supports (NumberOfSupportedStages == 0 means script engine is disabled) + UINT32 scriptVariableLength; // maximum length of variables (and other script elements) + UINT32 maximumNumberOfSupportedGetScriptOperators; // Maximum supported GET operators in a single func + UINT32 maximumNumberOfSupportedSetScriptOperators; // Maximum supported SET operators in a single func + UINT32 sharedMemorySize; // Size of shared memory + UINT32 debuggerAreaOffset; // The memory offset of debugger + UINT32 debuggeeAreaOffset; // The memory offset of debuggee + UINT32 numberOfPins; // Number of pins + UINT32 numberOfPorts; // Number of ports + + // + // ANY ADDITION TO THIS STRUCTURE SHOULD BE SYNCHRONIZED WITH SCALA AND INSTANCE INFO SENDER MODULE + // + + struct _HWDBG_SCRIPT_CAPABILITIES + { + // + // ANY ADDITION TO THIS MASK SHOULD BE ADDED TO HwdbgInterpreterShowScriptCapabilities + // and HwdbgInterpreterCheckScriptBufferWithScriptCapabilities as well Scala file + // + UINT64 func_or : 1; + UINT64 func_xor : 1; + UINT64 func_and : 1; + UINT64 func_asr : 1; + UINT64 func_asl : 1; + UINT64 func_add : 1; + UINT64 func_sub : 1; + UINT64 func_mul : 1; + UINT64 func_div : 1; + UINT64 func_mod : 1; + UINT64 func_gt : 1; + UINT64 func_lt : 1; + UINT64 func_egt : 1; + UINT64 func_elt : 1; + UINT64 func_equal : 1; + UINT64 func_neq : 1; + UINT64 func_jmp : 1; + UINT64 func_jz : 1; + UINT64 func_jnz : 1; + UINT64 func_mov : 1; + UINT64 func_printf : 1; + + // + // ANY ADDITION TO THIS MASK SHOULD BE ADDED TO HwdbgInterpreterShowScriptCapabilities + // and HwdbgInterpreterCheckScriptBufferWithScriptCapabilities as well Scala file + // + + } scriptCapabilities; + + UINT32 bramAddrWidth; // BRAM address width + UINT32 bramDataWidth; // BRAM data width + + // + // Here the details of port arrangements are located (HWDBG_PORT_INFORMATION_ITEMS) + // As the following type: + // HWDBG_PORT_INFORMATION_ITEMS portsConfiguration[numberOfPorts] ; Port arrangement + // + +} HWDBG_INSTANCE_INFORMATION, *PHWDBG_INSTANCE_INFORMATION; + +/** + * @brief The structure of script buffer in hwdbg + * + */ +typedef struct _HWDBG_SCRIPT_BUFFER +{ + UINT32 scriptNumberOfSymbols; // Number of symbols in the script + + // + // Here the script buffer is located + // + // UINT8 scriptBuffer[scriptNumberOfSymbols]; // The script buffer + // + +} HWDBG_SCRIPT_BUFFER, *PHWDBG_SCRIPT_BUFFER; diff --git a/gengo/bind/sdkMerge/sdk_test.go b/gengo/bind/sdkMerge/sdk_test.go new file mode 100644 index 000000000..615be7232 --- /dev/null +++ b/gengo/bind/sdkMerge/sdk_test.go @@ -0,0 +1,61 @@ +package sdk + +import ( + "testing" + + "github.com/can1357/gengo/clang" + "github.com/can1357/gengo/gengo" + + "github.com/ddkwork/golibrary/mylog" +) + +func mergeHeader() { +} + +func handleDefileVars() { +} + +func TestBind(t *testing.T) { + mylog.SetDebug(false) + mylog.Call(func() { + pkg := gengo.NewPackage("HPRDBGCTRL", + gengo.WithRemovePrefix( + //"Zydis_", "Zyan_", "Zycore_", + //"Zydis", "Zyan", "Zycore", + ), + gengo.WithInferredMethods([]gengo.MethodInferenceRule{ + //{Name: "ZydisDecoder", Receiver: "Decoder"}, + }), + gengo.WithForcedSynthetic( + //"ZydisShortString_", + //"struct ZydisShortString_", + ), + ) + mylog.Check(pkg.Transform("HPRDBGCTRL", &clang.Options{ + Sources: []string{"combined_headers.h"}, + AdditionalParams: []string{ + //"-DZYAN_NO_LIBC", + //"-DZYAN_STATIC_ASSERT", + //"-DZYDIS_STATIC_BUILD", + //"-DHYPERDBG_HPRDBGCTRL", + + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\shared", + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\ucrt", + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\um", + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\km", + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\km\\crt", + + //"-IC:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.26100.0\\winrt", + //"-IC:\\Program Files\\Microsoft Visual Studio\\2022\\Enterprise\\VC\\Tools\\MSVC\\14.40.33807\\include", + + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbghv", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\hprdbgctrl\\header", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\include", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies", + //"-ID:\\fork\\HyperDbg\\hyperdbg\\dependencies\\phnt", + }, + })) + mylog.Check(pkg.WriteToDir("C:\\Users\\Admin\\Desktop\\New folder")) + }) +} diff --git a/gengo/bind/zydis/Stderr.log b/gengo/bind/zydis/Stderr.log deleted file mode 100644 index fc31d9f6a..000000000 --- a/gengo/bind/zydis/Stderr.log +++ /dev/null @@ -1,7 +0,0 @@ -amalgamated-dist/Zydis.h:335:12: warning: 'ZYAN_STATIC_ASSERT' macro redefined [-Wmacro-redefined] - 335 | # define ZYAN_STATIC_ASSERT(x) _Static_assert(x, #x) - | ^ -:2:9: note: previous definition is here - 2 | #define ZYAN_STATIC_ASSERT 1 - | ^ -1 warning generated. diff --git a/gengo/clang/invoke.go b/gengo/clang/invoke.go index c61afe9cf..65894fa3a 100644 --- a/gengo/clang/invoke.go +++ b/gengo/clang/invoke.go @@ -5,6 +5,7 @@ import ( "os" "os/exec" "path/filepath" + "strings" "github.com/ddkwork/golibrary/stream" @@ -33,14 +34,17 @@ func (o *Options) ClangCommand(opt ...string) ([]byte, error) { cmd := exec.Command(o.ClangPath(), opt...) cmd.Args = append(cmd.Args, o.AdditionalParams...) cmd.Args = append(cmd.Args, o.Sources...) + + return stream.RunCommandArgs(cmd.Args...).Output.Bytes(), nil + + // cmd.Args = append(cmd.Args, "2>&1") + mylog.Trace("commands", strings.Join(cmd.Args, " ")) Stdout := &bytes.Buffer{} Stderr := &bytes.Buffer{} cmd.Stdout = Stdout cmd.Stderr = Stderr mylog.CheckIgnore(cmd.Run()) - println(Stderr.String()) - stream.WriteTruncate("Stderr.log", Stderr) - stream.WriteTruncate("Stdout.log", Stdout) + mylog.Check(Stderr.Bytes()) return Stdout.Bytes(), nil } @@ -68,23 +72,18 @@ func CreateLayoutMap(opt *Options) ([]byte, error) { func Parse(opt *Options) (ast Node, layout *LayoutMap, err error) { errg := &errgroup.Group{} errg.Go(func() error { - res, e := CreateAST(opt) - if e != nil { - return e - } - ast, e = ParseAST(res) - return e + res := mylog.Check2(CreateAST(opt)) + stream.WriteTruncate("ast.json", res) + ast = mylog.Check2(ParseAST(res)) + return nil }) errg.Go(func() error { - res, e := CreateLayoutMap(opt) - if e != nil { - return e - } - layout, e = ParseLayoutMap(res) - return e + res := mylog.Check2(CreateLayoutMap(opt)) + stream.WriteTruncate("astLayout.log", res) + layout = mylog.Check2(ParseLayoutMap(res)) + return nil }) - if mylog.Check(errg.Wait()); err != nil { - return nil, nil, err - } + mylog.Check(errg.Wait()) + stream.RunCommand("clang -E -dM " + opt.Sources[0] + " > macros.log") // 2>&1 return ast, layout, nil } diff --git a/gengo/clang/layout_parse.go b/gengo/clang/layout_parse.go index 0e939cb8f..eb26dfd26 100644 --- a/gengo/clang/layout_parse.go +++ b/gengo/clang/layout_parse.go @@ -64,8 +64,20 @@ type RecordLayout struct { func (r *RecordLayout) UnmarshalString(data string) error { // mylog.Check(errors.New("improperly terminated layout")) + + switch { + case strings.Contains(data, "__NSConstantString_tag"): + // mylog.Warning("skip unmarshal RecordLayout", data) + // return nil + } + first := true + offset := 0 + for _, line := range strings.Split(data, "\n") { + if line == "" { + continue + } before, after, found := strings.Cut(line, "|") if !found { continue @@ -75,13 +87,20 @@ func (r *RecordLayout) UnmarshalString(data string) error { before = strings.TrimSpace(before) if before == "" { after = strings.TrimSpace(after) - //mylog.Check2(fmt.Sscanf(after, "[sizeof=%d, align=%d]", &r.Size, &r.Align)) + // mylog.Check2(fmt.Sscanf(after, "[sizeof=%d, align=%d]", &r.Size, &r.Align)) mylog.Check2(fmt.Sscanf(after, "[sizeof=%d, align=%d", &r.Size, &r.Align)) break } // Parse offset - offset := mylog.Check2(strconv.Atoi(strings.TrimSpace(before))) + if strings.Contains(before, ":") && strings.Contains(before, "-") { + split := strings.Split(before, ":") + bitRange := strings.Split(split[1], "-") + start, end := mylog.Check2(strconv.Atoi(bitRange[0])), mylog.Check2(strconv.Atoi(bitRange[1])) + offset += end - start + 1 + } else { + offset = mylog.Check2Ignore(strconv.Atoi(strings.TrimSpace(before))) + } // Determine indentation level indent := len(after) @@ -90,8 +109,13 @@ func (r *RecordLayout) UnmarshalString(data string) error { after = strings.TrimSpace(after) // Parse name and type - name := "" + name := "" // todo test + typen := after + // save strut type todo test + if strings.HasPrefix(typen, "struct ") { + // typen = "struct " + } if lastSpace := strings.LastIndex(after, " "); lastSpace != -1 { // If the last space is followed by a closing parenthesis, then it is part of the type. if !strings.Contains(after[lastSpace+1:], ")") { @@ -103,6 +127,10 @@ func (r *RecordLayout) UnmarshalString(data string) error { } } + if name == "" { + // continue + } + // Create node if first { r.Offset = offset @@ -119,7 +147,7 @@ func (r *RecordLayout) UnmarshalString(data string) error { }) } } - + // mylog.Json("layout", r.layout.Fields) // Group fields r.regroup() return nil diff --git a/gengo/gengo/generate.go b/gengo/gengo/generate.go index 3acdf2c06..33bd246e7 100644 --- a/gengo/gengo/generate.go +++ b/gengo/gengo/generate.go @@ -6,6 +6,8 @@ import ( "strconv" "strings" + "github.com/ddkwork/golibrary/mylog" + "github.com/can1357/gengo/clang" "github.com/dave/dst" ) @@ -68,7 +70,8 @@ func (mod Module) EmitEnum(n *clang.EnumDecl) { if cval, ok := ival.(clang.ConstValueNode); ok { val, _ = strconv.Atoi(cval.Value()) } else { - panic(fmt.Sprintf("unhandled value node: %T", ival)) + mylog.CheckIgnore(fmt.Sprintf("unhandled value node: %T", ival)) + continue } } @@ -639,6 +642,7 @@ func (mod Module) EmitFrom(ast clang.Node, layouts *clang.LayoutMap) { // Define typedefs. clang.Visit(ast, func(td *clang.TypedefDecl) bool { + // mylog.Warning(td.Name, td.Type.QualType) mod.EmitTypedef(td) return true }) diff --git a/gengo/gengo/package.go b/gengo/gengo/package.go index 3f0e906bc..a104d2224 100644 --- a/gengo/gengo/package.go +++ b/gengo/gengo/package.go @@ -42,10 +42,12 @@ func NewPackage(name string, opts ...BaseProviderOption) *Package { } func (p *Package) Transform(module string, opt *clang.Options) error { - ast, layouts := mylog.Check3(clang.Parse(opt)) + mylog.Call(func() { + ast, layouts := mylog.Check3(clang.Parse(opt)) - main := p.Upsert(module) - main.EmitFrom(ast, layouts) + main := p.Upsert(module) + main.EmitFrom(ast, layouts) + }) return nil } diff --git a/gengo/gengo/provider.go b/gengo/gengo/provider.go index b27282d56..8be6743d9 100644 --- a/gengo/gengo/provider.go +++ b/gengo/gengo/provider.go @@ -346,7 +346,7 @@ func (p *BaseProvider) ConvertQualType(q string) dst.Expr { } // Unknown type. - fmt.Printf("[WARN] Unknown type: %s\n", q) + mylog.Trace("Unknown type", q) return BuiltinAny.Ref() } diff --git a/gengo/go.mod b/gengo/go.mod index 704d5b9fa..372013bf4 100644 --- a/gengo/go.mod +++ b/gengo/go.mod @@ -25,7 +25,7 @@ require ( require ( github.com/dave/dst v0.27.3 - github.com/ddkwork/golibrary v0.0.65 + github.com/ddkwork/golibrary v0.0.66 github.com/valyala/fastjson v1.6.4 golang.org/x/sync v0.7.0 ) diff --git a/gengo/go.sum b/gengo/go.sum index ec5751edb..039750d93 100644 --- a/gengo/go.sum +++ b/gengo/go.sum @@ -14,6 +14,8 @@ github.com/ddkwork/golibrary v0.0.62 h1:1FykFpwByIEtR6l7tm7sa2MmZDjuoMEcZwY3tB1J github.com/ddkwork/golibrary v0.0.62/go.mod h1:aLG0o5decT3ocB5SWY94n55ynRpVcL8OInSo2p0o5UA= github.com/ddkwork/golibrary v0.0.65 h1:/WyTQzoVywAlCbNQgVhnoPXQ91NS6KclXvUBLc1ZDlQ= github.com/ddkwork/golibrary v0.0.65/go.mod h1:/55gYXaVeq2QkSTCaBk3sL0yzbg+DDPr9u3AvyFJblU= +github.com/ddkwork/golibrary v0.0.66 h1:8tsV0lUHZ0sfoqFTl6fF43GL4Kt+ttB0vyLc7LVbrEg= +github.com/ddkwork/golibrary v0.0.66/go.mod h1:/55gYXaVeq2QkSTCaBk3sL0yzbg+DDPr9u3AvyFJblU= github.com/ebitengine/purego v0.7.1 h1:6/55d26lG3o9VCZX8lping+bZcmShseiqlh2bnUDiPA= github.com/ebitengine/purego v0.7.1/go.mod h1:ah1In8AOtksoNK6yk5z1HTJeUkC1Ez4Wk2idgGslMwQ= github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= diff --git a/go.mod b/go.mod index 22554d4db..1e3ddc9b7 100644 --- a/go.mod +++ b/go.mod @@ -3,8 +3,8 @@ module github.com/ddkwork/hyperdbgui go 1.22.4 require ( - github.com/ddkwork/app v0.0.0-20240618181015-bd28c7f7b739 - github.com/ddkwork/golibrary v0.0.65 + github.com/ddkwork/app v0.0.0-20240620141554-df6a26375313 + github.com/ddkwork/golibrary v0.0.66 github.com/richardwilkes/unison v0.71.0 ) diff --git a/go.sum b/go.sum index c0e8dee67..bcf3e91b6 100644 --- a/go.sum +++ b/go.sum @@ -17,8 +17,12 @@ github.com/dc0d/caseconv v0.5.0 h1:z3Ki2zszD03beetWyNAGa3NOAbnDJk+bX0tvcx9BKjQ= github.com/dc0d/caseconv v0.5.0/go.mod h1:/CrBBNtMoPTPf0INHrwyyhDrDjAJ9PFE+WuxSJHU0ZE= github.com/ddkwork/app v0.0.0-20240618181015-bd28c7f7b739 h1:XyAjgR84qIQeLh7BHYNVNcyXaDMSPCr5dqQZvCvIgj4= github.com/ddkwork/app v0.0.0-20240618181015-bd28c7f7b739/go.mod h1:1WX5EAXe8SfAOk6vdmxEKXv7xeIWlMMJB0/rydlFJWE= +github.com/ddkwork/app v0.0.0-20240620141554-df6a26375313 h1:rWyRyA9nOlCJkI21cAOQpwXxgL1b/cV4B7G/+es1X7A= +github.com/ddkwork/app v0.0.0-20240620141554-df6a26375313/go.mod h1:tk4Id8L43TKpIhcXe1rN/K0MbIAxszCvAWAtEwqaTlQ= github.com/ddkwork/golibrary v0.0.65 h1:/WyTQzoVywAlCbNQgVhnoPXQ91NS6KclXvUBLc1ZDlQ= github.com/ddkwork/golibrary v0.0.65/go.mod h1:/55gYXaVeq2QkSTCaBk3sL0yzbg+DDPr9u3AvyFJblU= +github.com/ddkwork/golibrary v0.0.66 h1:8tsV0lUHZ0sfoqFTl6fF43GL4Kt+ttB0vyLc7LVbrEg= +github.com/ddkwork/golibrary v0.0.66/go.mod h1:/55gYXaVeq2QkSTCaBk3sL0yzbg+DDPr9u3AvyFJblU= github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/edsrzf/mmap-go v1.1.0 h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ= diff --git a/old_delete/sdk_old.tar b/old_delete/sdk_old.tar deleted file mode 100644 index 0f709ad24..000000000 Binary files a/old_delete/sdk_old.tar and /dev/null differ diff --git a/old_delete/sdk_old/Headers/BasicTypes.h b/old_delete/sdk_old/Headers/BasicTypes.h new file mode 100644 index 000000000..55909364f --- /dev/null +++ b/old_delete/sdk_old/Headers/BasicTypes.h @@ -0,0 +1,129 @@ +/** + * @file BasicTypes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers For Basic Datatypes + * @details This file contains definitions of basic datatypes + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Basic Datatypes // +////////////////////////////////////////////////// + +typedef unsigned long long QWORD; +typedef unsigned __int64 UINT64, *PUINT64; +typedef unsigned long DWORD; +typedef int BOOL; +typedef unsigned char BYTE; +typedef unsigned short WORD; +typedef int INT; +typedef unsigned int UINT; +typedef unsigned int * PUINT; +typedef unsigned __int64 ULONG64, *PULONG64; +typedef unsigned __int64 DWORD64, *PDWORD64; +typedef char CHAR; +typedef wchar_t WCHAR; +#define VOID void + +typedef unsigned char UCHAR; +typedef unsigned short USHORT; +typedef unsigned long ULONG; + +typedef UCHAR BOOLEAN; // winnt +typedef BOOLEAN * PBOOLEAN; // winnt + +typedef signed char INT8, *PINT8; +typedef signed short INT16, *PINT16; +typedef signed int INT32, *PINT32; +typedef signed __int64 INT64, *PINT64; +typedef unsigned char UINT8, *PUINT8; +typedef unsigned short UINT16, *PUINT16; +typedef unsigned int UINT32, *PUINT32; +typedef unsigned __int64 UINT64, *PUINT64; + +#define FALSE 0 +#define TRUE 1 + +#define UPPER_56_BITS 0xffffffffffffff00 +#define UPPER_48_BITS 0xffffffffffff0000 +#define UPPER_32_BITS 0xffffffff00000000 +#define LOWER_32_BITS 0x00000000ffffffff +#define LOWER_16_BITS 0x000000000000ffff +#define LOWER_8_BITS 0x00000000000000ff +#define SECOND_LOWER_8_BITS 0x000000000000ff00 +#define UPPER_48_BITS_AND_LOWER_8_BITS 0xffffffffffff00ff + +// +// DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA +// +typedef struct GUEST_REGS +{ + // + // DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA + // + + UINT64 rax; // 0x00 + UINT64 rcx; // 0x08 + UINT64 rdx; // 0x10 + UINT64 rbx; // 0x18 + UINT64 rsp; // 0x20 + UINT64 rbp; // 0x28 + UINT64 rsi; // 0x30 + UINT64 rdi; // 0x38 + UINT64 r8; // 0x40 + UINT64 r9; // 0x48 + UINT64 r10; // 0x50 + UINT64 r11; // 0x58 + UINT64 r12; // 0x60 + UINT64 r13; // 0x68 + UINT64 r14; // 0x70 + UINT64 r15; // 0x78 + + // + // DO NOT FUCKING TOUCH THIS STRUCTURE WITHOUT COORDINATION WITH SINA + // + +} GUEST_REGS, *PGUEST_REGS; + +/** + * @brief struct for extra registers + * + */ +typedef struct GUEST_EXTRA_REGISTERS +{ + UINT16 CS; + UINT16 DS; + UINT16 FS; + UINT16 GS; + UINT16 ES; + UINT16 SS; + UINT64 RFLAGS; + UINT64 RIP; +} GUEST_EXTRA_REGISTERS, *PGUEST_EXTRA_REGISTERS; + +/** + * @brief The structure of detail of a triggered event in HyperDbg + * + */ +typedef struct _DEBUGGER_TRIGGERED_EVENT_DETAILS +{ + UINT64 Tag; /* in breakpoints Tag is breakpoint id, not event tag */ + PVOID Context; + +} DEBUGGER_TRIGGERED_EVENT_DETAILS, *PDEBUGGER_TRIGGERED_EVENT_DETAILS; + +/** + * @brief List of different variables + */ +typedef struct _SCRIPT_ENGINE_VARIABLES_LIST +{ + UINT64 * TempList; + UINT64 * GlobalVariablesList; + UINT64 * LocalVariablesList; + +} SCRIPT_ENGINE_VARIABLES_LIST, *PSCRIPT_ENGINE_VARIABLES_LIST; diff --git a/old_delete/sdk_old/Headers/BasicTypes.h.go b/old_delete/sdk_old/Headers/BasicTypes.h.go new file mode 100644 index 000000000..442e700b8 --- /dev/null +++ b/old_delete/sdk_old/Headers/BasicTypes.h.go @@ -0,0 +1,110 @@ +package Headers + +import "unsafe" + +type ( + QWORD uint64 + // UINT64 uint64 //repeated typedef unsigned __int64 UINT64, *PUINT64; + // PUINT64 *uint64 + DWORD uint32 + BOOL bool + BYTE byte + WORD uint16 + INT int + UINT uint + PUINT *uint + ULONG64 uint64 + PULONG64 *uint64 + DWORD64 uint64 + PDWORD64 *uint64 + CHAR int8 + WCHAR rune + + UCHAR byte + USHOR uint16 + ULONG uint32 + + BOOLEAN bool + PBOOLEAN *bool + + INT8 int8 + PINT8 uint8 + INT16 int16 + PINT16 *int16 + INT32 int32 + PINT32 *int32 + INT64 int64 + PINT64 *int64 + UINT8 uint8 + PUINT8 *uint8 + UINT16 uint16 + PUINT16 *uint16 + UINT32 uint32 + PUINT32 *uint32 + UINT64 uint64 + PUINT64 *uint64 + + PVOID unsafe.Pointer + VOID *unsafe.Pointer +) + +const ( + FALSE = 0 + TRUE = 1 + + UPPER_56_BITS = 0xffffffffffffff00 + UPPER_48_BITS = 0xffffffffffff0000 + UPPER_32_BITS = 0xffffffff00000000 + LOWER_32_BITS = 0x00000000ffffffff + LOWER_16_BITS = 0x000000000000ffff + LOWER_8_BITS = 0x00000000000000ff + SECOND_LOWER_8_BITS = 0x000000000000ff00 + UPPER_48_BITS_AND_LOWER_8_BITS = 0xffffffffffff00ff +) + +type ( + GUEST_REGS struct { + rax uint64 + rcx uint64 + rdx uint64 + rbx uint64 + rsp uint64 + rbp uint64 + rsi uint64 + rdi uint64 + r8 uint64 + r9 uint64 + r10 uint64 + r11 uint64 + r12 uint64 + r13 uint64 + r14 uint64 + r15 uint64 + } + PGUEST_REGS *GUEST_REGS + + GUEST_EXTRA_REGISTERS struct { + CS uint16 + DS uint16 + FS uint16 + GS uint16 + ES uint16 + SS uint16 + RFLAGS uint64 + RIP uint64 + } + PGUEST_EXTRA_REGISTERS *GUEST_EXTRA_REGISTERS + + DEBUGGER_TRIGGERED_EVENT_DETAILS struct { + Tag uint64 + Context PVOID + } + PDEBUGGER_TRIGGERED_EVENT_DETAILS *DEBUGGER_TRIGGERED_EVENT_DETAILS + + SCRIPT_ENGINE_VARIABLES_LIST struct { + TempList *uint64 + GlobalVariablesList *uint64 + LocalVariablesList *uint64 + } + PSCRIPT_ENGINE_VARIABLES_LIST *SCRIPT_ENGINE_VARIABLES_LIST +) diff --git a/old_delete/sdk_old/Headers/Connection.h b/old_delete/sdk_old/Headers/Connection.h new file mode 100644 index 000000000..64c60417b --- /dev/null +++ b/old_delete/sdk_old/Headers/Connection.h @@ -0,0 +1,211 @@ +/** + * @file Connection.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers For Native Structures, Enums and Constants + * @details These datatypes are used in all devices like HDL (FPGAs) + * @version 0.2 + * @date 2022-07-14 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +/** + * @brief enum for reasons why debuggee is paused + * + */ +typedef enum _DEBUGGEE_PAUSING_REASON +{ + + // + // For both kernel & user debugger + // + DEBUGGEE_PAUSING_REASON_NOT_PAUSED = 0, + DEBUGGEE_PAUSING_REASON_PAUSE_WITHOUT_DISASM, + DEBUGGEE_PAUSING_REASON_REQUEST_FROM_DEBUGGER, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STEPPED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_SOFTWARE_BREAKPOINT_HIT, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_HARDWARE_DEBUG_REGISTER_HIT, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_CORE_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_PROCESS_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_THREAD_SWITCHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_COMMAND_EXECUTION_FINISHED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_EVENT_TRIGGERED, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_ENTRY_POINT_REACHED, + + // + // Only for user-debugger + // + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_DEBUG_BREAK, + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_THREAD_INTERCEPTED, + + // + // Only used for hardware debugging + // + DEBUGGEE_PAUSING_REASON_HARDWARE_BASED_DEBUGGEE_GENERAL_BREAK, + +} DEBUGGEE_PAUSING_REASON; + +/** + * @brief enum for requested action for HyperDbg packet + * + */ +typedef enum _DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION +{ + + // + // Debugger to debuggee (user-mode execution) + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_PAUSE = 1, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DO_NOT_READ_ANY_PACKET, + + // + // Debugger to debuggee (vmx-root mode execution) + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_STEP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CONTINUE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CLOSE_AND_UNLOAD_DEBUGGEE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_CORE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_FLUSH_BUFFERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CALLSTACK, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_TEST_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_PROCESS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_THREAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_RUN_SCRIPT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_USER_INPUT_BUFFER, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SEARCH_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_REGISTER_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_ADD_ACTION_TO_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_AND_MODIFY_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_REGISTERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_EDIT_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_BP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_LIST_OR_MODIFY_BREAKPOINTS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_RELOAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_PA2VA_AND_VA2PA, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_QUERY_PTE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SET_SHORT_CIRCUITING_STATE, + + // + // Debuggee to debugger + // + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION = 0, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE, + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA, + + // + // hardware debuggee to debugger + // + + // + // hardware debugger to debuggee + // + +} DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION; + +/** + * @brief enum for diffrent packet types in HyperDbg packets + * + */ +typedef enum _DEBUGGER_REMOTE_PACKET_TYPE +{ + + // + // Debugger to debuggee (vmx-root) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_VMX_ROOT = 1, + + // + // Debugger to debuggee (user-mode) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_USER_MODE, + + // + // Debuggee to debugger (user-mode and kernel-mode, vmx-root mode) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER, + + // + // Debugger to debuggee (hardware) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL = 1, + + // + // Debuggee to debugger (hardware) + // + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL, + +} DEBUGGER_REMOTE_PA//const ( +// // Debuggee to debugger +// DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION = iota +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE +//DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA +// +// // hardware debuggee to debugger +// +// // hardware debugger to debuggee +//) +CKET_TYPE; + +/** + * @brief The structure of remote packets in HyperDbg + * + */ +typedef struct _DEBUGGER_REMOTE_PACKET +{ + BYTE Checksum; + UINT64 Indicator; /* Shows the type of the packet */ + DEBUGGER_REMOTE_PACKET_TYPE TypeOfThePacket; + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedActionOfThePacket; + +} DEBUGGER_REMOTE_PACKET, *PDEBUGGER_REMOTE_PACKET; diff --git a/old_delete/sdk_old/Headers/Connection.h.go b/old_delete/sdk_old/Headers/Connection.h.go new file mode 100644 index 000000000..56cd70a38 --- /dev/null +++ b/old_delete/sdk_old/Headers/Connection.h.go @@ -0,0 +1,135 @@ +package Headers + +type DEBUGGEE_PAUSING_REASON byte + +const ( + // For both kernel & user debugger + DEBUGGEE_PAUSING_REASON_NOT_PAUSED DEBUGGEE_PAUSING_REASON = iota + DEBUGGEE_PAUSING_REASON_PAUSE_WITHOUT_DISASM + DEBUGGEE_PAUSING_REASON_REQUEST_FROM_DEBUGGER + DEBUGGEE_PAUSING_REASON_DEBUGGEE_STEPPED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_SOFTWARE_BREAKPOINT_HIT + DEBUGGEE_PAUSING_REASON_DEBUGGEE_HARDWARE_DEBUG_REGISTER_HIT + DEBUGGEE_PAUSING_REASON_DEBUGGEE_CORE_SWITCHED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_PROCESS_SWITCHED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_THREAD_SWITCHED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_COMMAND_EXECUTION_FINISHED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_EVENT_TRIGGERED + DEBUGGEE_PAUSING_REASON_DEBUGGEE_ENTRY_POINT_REACHED + + // Only for user-debugger + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_DEBUG_BREAK + DEBUGGEE_PAUSING_REASON_DEBUGGEE_GENERAL_THREAD_INTERCEPTED + + // Only used for hardware debugging + DEBUGGEE_PAUSING_REASON_HARDWARE_BASED_DEBUGGEE_GENERAL_BREAK +) + +// add for decode status by error codes +// func (pr DEBUGGEE_PAUSING_REASON) String() string { return fmt.Sprint(pr) } + +type DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION byte + +const ( + // Debugger to debuggee (user-mode execution) + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_bad DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION = iota + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_PAUSE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_USER_MODE_DO_NOT_READ_ANY_PACKET + + // Debugger to debuggee (vmx-root mode execution) + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_STEP + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CONTINUE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CLOSE_AND_UNLOAD_DEBUGGEE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_CORE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_FLUSH_BUFFERS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CALLSTACK + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_TEST_QUERY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_PROCESS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_MODE_CHANGE_THREAD + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_RUN_SCRIPT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_USER_INPUT_BUFFER + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SEARCH_QUERY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_REGISTER_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_ADD_ACTION_TO_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_AND_MODIFY_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_REGISTERS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_READ_MEMORY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_EDIT_MEMORY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_BP + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_LIST_OR_MODIFY_BREAKPOINTS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_RELOAD + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_QUERY_PA2VA_AND_VA2PA + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SYMBOL_QUERY_PTE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_ON_VMX_ROOT_SET_SHORT_CIRCUITING_STATE +) + +const ( // if merge the value is wrong + // Debuggee to debugger + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_NO_ACTION DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION = iota + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_STARTED + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_LOGGING_MECHANISM + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_PAUSED_AND_CURRENT_INSTRUCTION + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_CORE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_PROCESS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CHANGING_THREAD + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_RUNNING_SCRIPT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FORMATS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_FLUSH + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_CALLSTACK + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_TEST_QUERY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_REGISTERING_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_ADDING_ACTION_TO_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_QUERY_AND_MODIFY_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_EVENT + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_REGISTERS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_READING_MEMORY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_EDITING_MEMORY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_BP + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_SHORT_CIRCUITING_STATE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_LIST_OR_MODIFY_BREAKPOINTS + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_UPDATE_SYMBOL_INFO + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SYMBOL_FINISHED + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RELOAD_SEARCH_QUERY + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_PTE + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION_DEBUGGEE_RESULT_OF_VA2PA_AND_PA2VA + + // hardware debuggee to debugger + + // hardware debugger to debuggee +) + +type ( + DEBUGGER_REMOTE_PA byte + DEBUGGER_REMOTE_PACKET_TYPE DEBUGGER_REMOTE_PA +) + +const ( + DEBUGGER_REMOTE_PA_bad DEBUGGER_REMOTE_PA = iota + // Debugger to debuggee (vmx-root) + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_VMX_ROOT + + // Debugger to debuggee (user-mode) + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_EXECUTE_ON_USER_MODE + + // Debuggee to debugger (user-mode and kernel-mode, vmx-root mode) + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER + + // Debugger to debuggee (hardware) + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGER_TO_DEBUGGEE_HARDWARE_LEVEL = 1 + + // Debuggee to debugger (hardware) + DEBUGGER_REMOTE_PACKET_TYPE_DEBUGGEE_TO_DEBUGGER_HARDWARE_LEVEL = 2 // go syntax not support nested unum +) + +// +//func (pr DEBUGGER_REMOTE_PA) String() string { return fmt.Sprint(pr) } + +type ( + DEBUGGER_REMOTE_PACKET struct { + Checksum byte + Indicator uint64 + TypeOfThePacket DEBUGGER_REMOTE_PACKET_TYPE + RequestedActionOfThePacket DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION + } + PDEBUGGER_REMOTE_PACKET *DEBUGGER_REMOTE_PACKET +) diff --git a/old_delete/sdk_old/Headers/Constants.h b/old_delete/sdk_old/Headers/Constants.h new file mode 100644 index 000000000..409bd40c4 --- /dev/null +++ b/old_delete/sdk_old/Headers/Constants.h @@ -0,0 +1,578 @@ +/** + * @file Constants.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK constants + * @details This file contains definitions of constants + * used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Version Information // +////////////////////////////////////////////////// + +#define VERSION_MAJOR 0 +#define VERSION_MINOR 2 +#define VERSION_PATCH 0 + +// +// Example of __DATE__ string: "Jul 27 2012" +// 01234567890 + +#define BUILD_YEAR_CH0 (__DATE__[7]) +#define BUILD_YEAR_CH1 (__DATE__[8]) +#define BUILD_YEAR_CH2 (__DATE__[9]) +#define BUILD_YEAR_CH3 (__DATE__[10]) + +#define BUILD_MONTH_IS_JAN (__DATE__[0] == 'J' && __DATE__[1] == 'a' && __DATE__[2] == 'n') +#define BUILD_MONTH_IS_FEB (__DATE__[0] == 'F') +#define BUILD_MONTH_IS_MAR (__DATE__[0] == 'M' && __DATE__[1] == 'a' && __DATE__[2] == 'r') +#define BUILD_MONTH_IS_APR (__DATE__[0] == 'A' && __DATE__[1] == 'p') +#define BUILD_MONTH_IS_MAY (__DATE__[0] == 'M' && __DATE__[1] == 'a' && __DATE__[2] == 'y') +#define BUILD_MONTH_IS_JUN (__DATE__[0] == 'J' && __DATE__[1] == 'u' && __DATE__[2] == 'n') +#define BUILD_MONTH_IS_JUL (__DATE__[0] == 'J' && __DATE__[1] == 'u' && __DATE__[2] == 'l') +#define BUILD_MONTH_IS_AUG (__DATE__[0] == 'A' && __DATE__[1] == 'u') +#define BUILD_MONTH_IS_SEP (__DATE__[0] == 'S') +#define BUILD_MONTH_IS_OCT (__DATE__[0] == 'O') +#define BUILD_MONTH_IS_NOV (__DATE__[0] == 'N') +#define BUILD_MONTH_IS_DEC (__DATE__[0] == 'D') + +#define BUILD_MONTH_CH0 \ + ((BUILD_MONTH_IS_OCT || BUILD_MONTH_IS_NOV || BUILD_MONTH_IS_DEC) ? '1' : '0') + +#define BUILD_MONTH_CH1 \ + ( \ + (BUILD_MONTH_IS_JAN) ? '1' : (BUILD_MONTH_IS_FEB) ? '2' \ + : (BUILD_MONTH_IS_MAR) ? '3' \ + : (BUILD_MONTH_IS_APR) ? '4' \ + : (BUILD_MONTH_IS_MAY) ? '5' \ + : (BUILD_MONTH_IS_JUN) ? '6' \ + : (BUILD_MONTH_IS_JUL) ? '7' \ + : (BUILD_MONTH_IS_AUG) ? '8' \ + : (BUILD_MONTH_IS_SEP) ? '9' \ + : (BUILD_MONTH_IS_OCT) ? '0' \ + : (BUILD_MONTH_IS_NOV) ? '1' \ + : (BUILD_MONTH_IS_DEC) ? '2' \ + : /* error default */ '?') + +#define BUILD_DAY_CH0 ((__DATE__[4] >= '0') ? (__DATE__[4]) : '0') +#define BUILD_DAY_CH1 (__DATE__[5]) + +// +// Example of __TIME__ string: "21:06:19" +// 01234567 + +#define BUILD_HOUR_CH0 (__TIME__[0]) +#define BUILD_HOUR_CH1 (__TIME__[1]) + +#define BUILD_MIN_CH0 (__TIME__[3]) +#define BUILD_MIN_CH1 (__TIME__[4]) + +#define BUILD_SEC_CH0 (__TIME__[6]) +#define BUILD_SEC_CH1 (__TIME__[7]) + +#if VERSION_MAJOR > 100 + +# define VERSION_MAJOR_INIT \ + ((VERSION_MAJOR / 100) + '0'), \ + (((VERSION_MAJOR % 100) / 10) + '0'), \ + ((VERSION_MAJOR % 10) + '0') + +#elif VERSION_MAJOR > 10 + +# define VERSION_MAJOR_INIT \ + ((VERSION_MAJOR / 10) + '0'), \ + ((VERSION_MAJOR % 10) + '0') + +#else + +# define VERSION_MAJOR_INIT \ + (VERSION_MAJOR + '0') + +#endif + +#if VERSION_MINOR > 100 + +# define VERSION_MINOR_INIT \ + ((VERSION_MINOR / 100) + '0'), \ + (((VERSION_MINOR % 100) / 10) + '0'), \ + ((VERSION_MINOR % 10) + '0') + +#elif VERSION_MINOR > 10 + +# define VERSION_MINOR_INIT \ + ((VERSION_MINOR / 10) + '0'), \ + ((VERSION_MINOR % 10) + '0') + +#else + +# define VERSION_MINOR_INIT \ + (VERSION_MINOR + '0') + +#endif + +#if VERSION_PATCH > 100 + +# define VERSION_PATCH_INIT \ + ((VERSION_PATCH / 100) + '0'), \ + (((VERSION_PATCH % 100) / 10) + '0'), \ + ((VERSION_PATCH % 10) + '0') + +#elif VERSION_PATCH > 10 + +# define VERSION_PATCH_INIT \ + ((VERSION_PATCH / 10) + '0'), \ + ((VERSION_PATCH % 10) + '0') + +#else + +# define VERSION_PATCH_INIT \ + (VERSION_PATCH + '0') + +#endif + +#ifndef HYPERDBG_KERNEL_MODE + +const unsigned char BuildDateTime[] = + { + BUILD_YEAR_CH0, + BUILD_YEAR_CH1, + BUILD_YEAR_CH2, + BUILD_YEAR_CH3, + '-', + BUILD_MONTH_CH0, + BUILD_MONTH_CH1, + '-', + BUILD_DAY_CH0, + BUILD_DAY_CH1, + ' ', + BUILD_HOUR_CH0, + BUILD_HOUR_CH1, + ':', + BUILD_MIN_CH0, + BUILD_MIN_CH1, + ':', + BUILD_SEC_CH0, + BUILD_SEC_CH1, + + '\0'}; + +const unsigned char CompleteVersion[] = + { + 'v', + VERSION_MAJOR_INIT, + '.', + VERSION_MINOR_INIT, + '.', + VERSION_PATCH_INIT, + '\0'}; + +const unsigned char BuildVersion[] = + { + BUILD_YEAR_CH0, + BUILD_YEAR_CH1, + BUILD_YEAR_CH2, + BUILD_YEAR_CH3, + BUILD_MONTH_CH0, + BUILD_MONTH_CH1, + BUILD_DAY_CH0, + BUILD_DAY_CH1, + + '\0'}; + +#endif // SCRIPT_ENGINE_KERNEL_MODE + +////////////////////////////////////////////////// +// Message Tracing // +////////////////////////////////////////////////// + +/** + * @brief Default buffer count of packets for message tracing + * @details number of packets storage for regualr buffers + */ +#define MaximumPacketsCapacity 1000 + +/** + * @brief Default buffer count of packets for message tracing + * @details number of packets storage for priority buffers + */ +#define MaximumPacketsCapacityPriority 10 + +/** + * @brief Size of each packet + */ +#define PacketChunkSize 4096 // PAGE_SIZE + +/** + * @brief size of user-mode buffer + * @details Because of Opeation code at the start of the + * buffer + 1 for null-termminating + * + */ +#define UsermodeBufferSize sizeof(UINT32) + PacketChunkSize + 1 + +/** + * @brief size of buffer for serial + * @details the maximum packet size for sending over serial + * User-mode buffer size + Header Structure Size + Count Of End Buffer Bytes + * + */ +#define MaxSerialPacketSize \ + UsermodeBufferSize + sizeof(DEBUGGER_REMOTE_PACKET) + \ + SERIAL_END_OF_BUFFER_CHARS_COUNT + +/** + * @brief Final storage size of message tracing + * + */ +#define LogBufferSize \ + MaximumPacketsCapacity *(PacketChunkSize + sizeof(BUFFER_HEADER)) + +/** + * @brief Final storage size of message tracing + * + */ +#define LogBufferSizePriority \ + MaximumPacketsCapacityPriority *(PacketChunkSize + sizeof(BUFFER_HEADER)) + +/** + * @brief limitation of Windows DbgPrint message size + * @details currently is not functional + * + */ +#define DbgPrintLimitation 512 + +/** + * @brief The seeds that user-mode codes use as the starter + * of their events' tag + * + */ +#define DebuggerEventTagStartSeed 0x1000000 + +/** + * @brief The seeds that user-mode thread detail token start with it + * @details This seed should not start with zero (0), otherwise it's + * interpreted as error + */ +#define DebuggerThreadDebuggingTagStartSeed 0x1000000 + +/** + * @brief The seeds that user-mode codes use as the starter + * of their output source tag + * + */ +#define DebuggerOutputSourceTagStartSeed 0x1 + +/** + * @brief Determines how many sources a debugger can have for + * a single event + * + */ +#define DebuggerOutputSourceMaximumRemoteSourceForSingleEvent 0x5 + +/** + * @brief The size of each chunk of memory used in the 'memcpy' function + * of the script engine for transfering buffers in the VMX-root mode + * + */ +#define DebuggerScriptEngineMemcpyMovingBufferSize 64 + +////////////////////////////////////////////////// +// Remote Connection // +////////////////////////////////////////////////// + +/** + * @brief default port of HyperDbg for listening by + * debuggee (server, guest) + * + */ +#define DEFAULT_PORT "50000" + +/** + * @brief Packet size for TCP connections + * @details Note that we might add something to the kernel buffers + * that's why we add 0x100 to it + */ +#define COMMUNICATION_BUFFER_SIZE PacketChunkSize + 0x100 + +////////////////////////////////////////////////// +// Operation Codes // +////////////////////////////////////////////////// + +/** + * @brief If a operation use this bit in its Operation code, + * then it means that the operation should be performed + * mandatorily in debuggee and should not be sent to the debugger + */ +#define OPERATION_MANDATORY_DEBUGGEE_BIT (1 << 31) + +/** + * @brief Message logs id that comes from kernel-mode to + * user-mode + * @details Message area >= 0x5 + */ +#define OPERATION_LOG_INFO_MESSAGE 0x1 +#define OPERATION_LOG_WARNING_MESSAGE 0x2 +#define OPERATION_LOG_ERROR_MESSAGE 0x3 +#define OPERATION_LOG_NON_IMMEDIATE_MESSAGE 0x4 +#define OPERATION_LOG_WITH_TAG 0x5 + +#define OPERATION_COMMAND_FROM_DEBUGGER_CLOSE_AND_UNLOAD_VMM \ + 0x6 | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_USER_INPUT 0x7 | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_REGISTER_EVENT 0x8 | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_ADD_ACTION_TO_EVENT \ + 0x9 | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_DEBUGGEE_CLEAR_EVENTS 0xa | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_HYPERVISOR_DRIVER_IS_SUCCESSFULLY_LOADED \ + 0xb | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_HYPERVISOR_DRIVER_END_OF_IRPS \ + 0xc | OPERATION_MANDATORY_DEBUGGEE_BIT +#define OPERATION_COMMAND_FROM_DEBUGGER_RELOAD_SYMBOL \ + 0xd | OPERATION_MANDATORY_DEBUGGEE_BIT + +#define OPERATION_NOTIFICATION_FROM_USER_DEBUGGER_PAUSE \ + 0xe | OPERATION_MANDATORY_DEBUGGEE_BIT + +////////////////////////////////////////////////// +// Breakpoint Backup // +////////////////////////////////////////////////// + +/** + * @brief maximum number of buffers to be allocated for a single + * breakpoint + */ +#define MAXIMUM_BREAKPOINTS_WITHOUT_CONTINUE 50 + +////////////////////////////////////////////////// +// End of Buffer Detection // +////////////////////////////////////////////////// + +/** + * @brief count of characters for serial end of buffer + */ +#define SERIAL_END_OF_BUFFER_CHARS_COUNT 0x4 + +/** + * @brief characters of the buffer that we set at the end of + * buffers for serial + */ +#define SERIAL_END_OF_BUFFER_CHAR_1 0x00 +#define SERIAL_END_OF_BUFFER_CHAR_2 0x80 +#define SERIAL_END_OF_BUFFER_CHAR_3 0xEE +#define SERIAL_END_OF_BUFFER_CHAR_4 0xFF + +/** + * @brief count of characters for tcp end of buffer + */ +#define TCP_END_OF_BUFFER_CHARS_COUNT 0x4 + +/** + * @brief characters of the buffer that we set at the end of + * buffers for tcp + */ +#define TCP_END_OF_BUFFER_CHAR_1 0x10 +#define TCP_END_OF_BUFFER_CHAR_2 0x20 +#define TCP_END_OF_BUFFER_CHAR_3 0x33 +#define TCP_END_OF_BUFFER_CHAR_4 0x44 + +////////////////////////////////////////////////// +// Name of OS // +////////////////////////////////////////////////// + +/** + * @brief maximum name for OS name buffer + * + */ +#define MAXIMUM_CHARACTER_FOR_OS_NAME 256 + +////////////////////////////////////////////////// +// Processor Details // +////////////////////////////////////////////////// + +/** + * @brief maximum instruction size in Intel + */ +#define MAXIMUM_INSTR_SIZE 16 + +/** + * @brief maximum size for call instruction in Intel + */ +#define MAXIMUM_CALL_INSTR_SIZE 7 + +////////////////////////////////////////////////// +// Symbols Details // +////////////////////////////////////////////////// + +/** + * @brief maximum supported modules to load + * their symbol informations + */ +#define MAXIMUM_SUPPORTED_SYMBOLS 1000 + +/** + * @brief maximum size for GUID and Age of PE + * @detail It seems that 33 bytes is enough but let's + * have more space because there might be sth that we + * missed :) + */ +#define MAXIMUM_GUID_AND_AGE_SIZE 60 + +////////////////////////////////////////////////// +// Debuggee Communication // +////////////////////////////////////////////////// + +#define INDICATOR_OF_HYPERDBG_PACKET \ + 0x4859504552444247 // HYPERDBG = 0x4859504552444247 + +////////////////////////////////////////////////// +// Command Details // +////////////////////////////////////////////////// + +/** + * @brief maximum results that will be returned by !s* s* + * command + * + */ +#define MaximumSearchResults 0x1000 + +////////////////////////////////////////////////// +// Script Engine // +////////////////////////////////////////////////// + +/** + * @brief EFLAGS/RFLAGS + * + */ +#define X86_FLAGS_CF (1 << 0) +#define X86_FLAGS_PF (1 << 2) +#define X86_FLAGS_AF (1 << 4) +#define X86_FLAGS_ZF (1 << 6) +#define X86_FLAGS_SF (1 << 7) +#define X86_FLAGS_TF (1 << 8) +#define X86_FLAGS_IF (1 << 9) +#define X86_FLAGS_DF (1 << 10) +#define X86_FLAGS_OF (1 << 11) +#define X86_FLAGS_STATUS_MASK (0xfff) +#define X86_FLAGS_IOPL_MASK (3 << 12) +#define X86_FLAGS_IOPL_SHIFT (12) +#define X86_FLAGS_IOPL_SHIFT_2ND_BIT (13) +#define X86_FLAGS_NT (1 << 14) +#define X86_FLAGS_RF (1 << 16) +#define X86_FLAGS_VM (1 << 17) +#define X86_FLAGS_AC (1 << 18) +#define X86_FLAGS_VIF (1 << 19) +#define X86_FLAGS_VIP (1 << 20) +#define X86_FLAGS_ID (1 << 21) +#define X86_FLAGS_RESERVED_ONES 0x2 +#define X86_FLAGS_RESERVED 0xffc0802a + +#define X86_FLAGS_RESERVED_BITS 0xffc38028 +#define X86_FLAGS_FIXED 0x00000002 + +#define LOWORD(l) ((WORD)(l)) +#define HIWORD(l) ((WORD)(((DWORD)(l) >> 16) & 0xFFFF)) +#define LOBYTE(w) ((BYTE)(w)) +#define HIBYTE(w) ((BYTE)(((WORD)(w) >> 8) & 0xFF)) + +#define MAX_TEMP_COUNT 128 + +// TODO: Extract number of variables from input of ScriptEngine +// and allocate variableList Dynamically. +#define MAX_VAR_COUNT 512 + +#define MAX_FUNCTION_NAME_LENGTH 32 + +////////////////////////////////////////////////// +// Debugger // +////////////////////////////////////////////////// + +/** + * @brief Apply event modifications to all tags + * + */ +#define DEBUGGER_MODIFY_EVENTS_APPLY_TO_ALL_TAG 0xffffffffffffffff + +/** + * @brief Maximum length for a function (to be used in showing distance + * from symbol functions in the 'u' command) + * + */ +#define DISASSEMBLY_MAXIMUM_DISTANCE_FROM_OBJECT_NAME 0xffff + +/** + * @brief Read and write MSRs to all cores + * + */ +#define DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES 0xffffffff + +/** + * @brief Apply the event to all the cores + * + */ +#define DEBUGGER_DEBUGGEE_IS_RUNNING_NO_CORE 0xffffffff + +/** + * @brief Apply the event to all the cores + * + */ +#define DEBUGGER_EVENT_APPLY_TO_ALL_CORES 0xffffffff + +/** + * @brief Apply the event to all the processes + * + */ +#define DEBUGGER_EVENT_APPLY_TO_ALL_PROCESSES 0xffffffff + +/** + * @brief Apply to all Model Specific Registers + * + */ +#define DEBUGGER_EVENT_MSR_READ_OR_WRITE_ALL_MSRS 0xffffffff + +/** + * @brief Apply to all first 32 exceptions + * + */ +#define DEBUGGER_EVENT_EXCEPTIONS_ALL_FIRST_32_ENTRIES 0xffffffff + +/** + * @brief Apply to all syscalls and sysrets + * + */ +#define DEBUGGER_EVENT_SYSCALL_ALL_SYSRET_OR_SYSCALLS 0xffffffff + +/** + * @brief Apply to all I/O ports + * + */ +#define DEBUGGER_EVENT_ALL_IO_PORTS 0xffffffff + +/** + * @brief The constant to apply to all cores for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_CORES 0xffffffff + +/** + * @brief The constant to apply to all processes for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_PROCESSES 0xffffffff + +/** + * @brief The constant to apply to all threads for bp command + * + */ +#define DEBUGGEE_BP_APPLY_TO_ALL_THREADS 0xffffffff + +/** + * @brief for reading all regisers in r command. + * + */ +#define DEBUGGEE_SHOW_ALL_REGISTERS 0xffffffff diff --git a/old_delete/sdk_old/Headers/Constants.h.go b/old_delete/sdk_old/Headers/Constants.h.go new file mode 100644 index 000000000..ce6b87b5e --- /dev/null +++ b/old_delete/sdk_old/Headers/Constants.h.go @@ -0,0 +1,121 @@ +package Headers + +import ( + "encoding/binary" +) + +type ( + BUFFER_HEADER struct { + OpeationNumber uint32 + BufferLength uint32 + Valid bool + } + PBUFFER_HEADER *BUFFER_HEADER +) + +type ConstantsVar int + +var ( + MaxSerialPacketSize = UsermodeBufferSize + binary.Size(DEBUGGER_REMOTE_PACKET{}) + SERIAL_END_OF_BUFFER_CHARS_COUNT + LogBufferSize = MaximumPacketsCapacity * (PacketChunkSize + binary.Size(BUFFER_HEADER{})) + LogBufferSizePriority = MaximumPacketsCapacityPriority * (PacketChunkSize + binary.Size(BUFFER_HEADER{})) + UsermodeBufferSize = binary.Size(uint32(0)) + PacketChunkSize + 1 +) + +const ( + VERSION_MAJOR ConstantsVar = 0 + VERSION_MINOR = 2 + VERSION_PATCH = 0 + + MaximumPacketsCapacity = 1000 + MaximumPacketsCapacityPriority = 10 + PacketChunkSize = 4096 // PAGE_SIZE + + DbgPrintLimitation = 512 + DebuggerEventTagStartSeed = 0x1000000 + DebuggerThreadDebuggingTagStartSeed = 0x1000000 + DebuggerOutputSourceTagStartSeed = 0x1 + DebuggerOutputSourceMaximumRemoteSourceForSingleEvent = 0x5 + DebuggerScriptEngineMemcpyMovingBufferSize = 64 + DEFAULT_PORT = "50000" + COMMUNICATION_BUFFER_SIZE = PacketChunkSize + 0x100 + OPERATION_MANDATORY_DEBUGGEE_BIT = 1 << 31 + OPERATION_LOG_INFO_MESSAGE = 0x1 + OPERATION_LOG_WARNING_MESSAGE = 0x2 + OPERATION_LOG_ERROR_MESSAGE = 0x3 + OPERATION_LOG_NON_IMMEDIATE_MESSAGE = 0x4 + OPERATION_LOG_WITH_TAG = 0x5 + OPERATION_COMMAND_FROM_DEBUGGER_CLOSE_AND_UNLOAD_VMM = 0x6 | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_DEBUGGEE_USER_INPUT = 0x7 | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_DEBUGGEE_REGISTER_EVENT = 0x8 | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_DEBUGGEE_ADD_ACTION_TO_EVENT = 0x9 | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_DEBUGGEE_CLEAR_EVENTS = 0xa | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_HYPERVISOR_DRIVER_IS_SUCCESSFULLY_LOADED = 0xb | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_HYPERVISOR_DRIVER_END_OF_IRPS = 0xc | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_COMMAND_FROM_DEBUGGER_RELOAD_SYMBOL = 0xd | OPERATION_MANDATORY_DEBUGGEE_BIT + OPERATION_NOTIFICATION_FROM_USER_DEBUGGER_PAUSE = 0xe | OPERATION_MANDATORY_DEBUGGEE_BIT + MAXIMUM_BREAKPOINTS_WITHOUT_CONTINUE = 50 + SERIAL_END_OF_BUFFER_CHARS_COUNT = 0x4 + SERIAL_END_OF_BUFFER_CHAR_1 = 0x00 + SERIAL_END_OF_BUFFER_CHAR_2 = 0x80 + SERIAL_END_OF_BUFFER_CHAR_3 = 0xEE + SERIAL_END_OF_BUFFER_CHAR_4 = 0xFF + TCP_END_OF_BUFFER_CHARS_COUNT = 0x4 + TCP_END_OF_BUFFER_CHAR_1 = 0x10 + TCP_END_OF_BUFFER_CHAR_2 = 0x20 + TCP_END_OF_BUFFER_CHAR_3 = 0x33 + TCP_END_OF_BUFFER_CHAR_4 = 0x44 + MAXIMUM_CHARACTER_FOR_OS_NAME = 256 + MAXIMUM_INSTR_SIZE = 16 + MAXIMUM_CALL_INSTR_SIZE = 7 + MAXIMUM_SUPPORTED_SYMBOLS = 1000 + MAXIMUM_GUID_AND_AGE_SIZE = 60 + INDICATOR_OF_HYPERDBG_PACKET = 0x4859504552444247 // HYPERDBG = 0x4859504552444247 + MaximumSearchResults = 0x1000 + X86_FLAGS_CF = 1 << 0 + X86_FLAGS_PF = 1 << 2 + X86_FLAGS_AF = 1 << 4 + X86_FLAGS_ZF = 1 << 6 + X86_FLAGS_SF = 1 << 7 + X86_FLAGS_TF = 1 << 8 + X86_FLAGS_IF = 1 << 9 + X86_FLAGS_DF = 1 << 10 + X86_FLAGS_OF = 1 << 11 + X86_FLAGS_STATUS_MASK = 0xfff + X86_FLAGS_IOPL_MASK = 3 << 12 + X86_FLAGS_IOPL_SHIFT = 12 + X86_FLAGS_IOPL_SHIFT_2ND_BIT = 13 + X86_FLAGS_NT = 1 << 14 + X86_FLAGS_RF = 1 << 16 + X86_FLAGS_VM = 1 << 17 + X86_FLAGS_AC = 1 << 18 + X86_FLAGS_VIF = 1 << 19 + X86_FLAGS_VIP = 1 << 20 + X86_FLAGS_ID = 1 << 21 + X86_FLAGS_RESERVED_ONES = 0x2 + X86_FLAGS_RESERVED = 0xffc0802a + X86_FLAGS_RESERVED_BITS = 0xffc38028 + X86_FLAGS_FIXED = 0x00000002 + MAX_TEMP_COUNT = 128 + MAX_VAR_COUNT = 512 + MAX_FUNCTION_NAME_LENGTH = 32 + DEBUGGER_MODIFY_EVENTS_APPLY_TO_ALL_TAG = 0xffffffffffffffff + DISASSEMBLY_MAXIMUM_DISTANCE_FROM_OBJECT_NAME = 0xffff + DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES = 0xffffffff + DEBUGGER_DEBUGGEE_IS_RUNNING_NO_CORE = 0xffffffff + DEBUGGER_EVENT_APPLY_TO_ALL_CORES = 0xffffffff + DEBUGGER_EVENT_APPLY_TO_ALL_PROCESSES = 0xffffffff + DEBUGGER_EVENT_MSR_READ_OR_WRITE_ALL_MSRS = 0xffffffff + DEBUGGER_EVENT_EXCEPTIONS_ALL_FIRST_32_ENTRIES = 0xffffffff + DEBUGGER_EVENT_SYSCALL_ALL_SYSRET_OR_SYSCALLS = 0xffffffff + DEBUGGER_EVENT_ALL_IO_PORTS = 0xffffffff + DEBUGGEE_BP_APPLY_TO_ALL_CORES = 0xffffffff + DEBUGGEE_BP_APPLY_TO_ALL_PROCESSES = 0xffffffff + DEBUGGEE_BP_APPLY_TO_ALL_THREADS = 0xffffffff + DEBUGGEE_SHOW_ALL_REGISTERS = 0xffffffff +) + +func LOWORD(l uint32) uint16 { return uint16(l) } +func LOBYTE(l uint32) uint8 { return byte(l) } +func HIWORD(l uint32) uint16 { return uint16(l >> 16) } +func HIBYTE(l uint32) uint8 { return byte(l >> 24) } diff --git a/old_delete/sdk_old/Headers/Constants.h_test.go b/old_delete/sdk_old/Headers/Constants.h_test.go new file mode 100644 index 000000000..4479ec909 --- /dev/null +++ b/old_delete/sdk_old/Headers/Constants.h_test.go @@ -0,0 +1,20 @@ +package Headers + +import ( + "encoding/binary" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestSizeof(t *testing.T) { + assert.Equal(t, 11, binary.Size(DEBUGGER_REMOTE_PACKET{})) +} + +func TestHIBYTE(t *testing.T) { + v := uint32(0x11223344) + assert.Equal(t, byte(0x11), HIBYTE(v)) + assert.Equal(t, uint16(0x1122), HIWORD(v)) + assert.Equal(t, byte(0x44), LOBYTE(v)) + assert.Equal(t, uint16(0x3344), LOWORD(v)) +} diff --git a/old_delete/sdk_old/Headers/Datatypes.h b/old_delete/sdk_old/Headers/Datatypes.h new file mode 100644 index 000000000..f8dde9709 --- /dev/null +++ b/old_delete/sdk_old/Headers/Datatypes.h @@ -0,0 +1,141 @@ +/** + * @file Datatypes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK data type definitions + * @details This file contains definitions of structures, enums, etc. + * used in HyperDbg + * @version 0.2 + * @date 2022-06-22 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Callback Definitions // +////////////////////////////////////////////////// + +/** + * @brief Callback type that can be used to be used + * as a custom ShowMessages function + * + */ +typedef int (*Callback)(const char * Text); + +////////////////////////////////////////////////// +// Communications // +////////////////////////////////////////////////// + +/** + * @brief The structure of user-input packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_USER_INPUT_PACKET +{ + UINT32 CommandLen; + BOOLEAN IgnoreFinishedSignal; + UINT32 Result; + + // + // The user's input is here + // + +} DEBUGGEE_USER_INPUT_PACKET, *PDEBUGGEE_USER_INPUT_PACKET; + +/** + * @brief The structure of user-input packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET +{ + UINT32 Length; + + // + // The buffer for event and action is here + // + +} DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET, + *PDEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET; + +////////////////////////////////////////////////// +// Pausing // +////////////////////////////////////////////////// + +#define SIZEOF_DEBUGGER_PAUSE_PACKET_RECEIVED \ + sizeof(DEBUGGER_PAUSE_PACKET_RECEIVED) + +/** + * @brief request to pause and halt the system + * + */ +typedef struct _DEBUGGER_PAUSE_PACKET_RECEIVED +{ + UINT32 Result; // Result from kernel + +} DEBUGGER_PAUSE_PACKET_RECEIVED, *PDEBUGGER_PAUSE_PACKET_RECEIVED; + +/* ============================================================================================== + */ + +/** + * @brief The structure of pausing packet in kHyperDbg + * + */ +typedef struct _DEBUGGEE_KD_PAUSED_PACKET +{ + UINT64 Rip; + BOOLEAN Is32BitAddress; // if true shows that the address should be interpreted in 32-bit mode + DEBUGGEE_PAUSING_REASON PausingReason; + ULONG CurrentCore; + UINT64 EventTag; + UINT64 Rflags; + BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]; + UINT16 ReadInstructionLen; + +} DEBUGGEE_KD_PAUSED_PACKET, *PDEBUGGEE_KD_PAUSED_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of pausing packet in uHyperDbg + * + */ +typedef struct _DEBUGGEE_UD_PAUSED_PACKET +{ + UINT64 Rip; + UINT64 ProcessDebuggingToken; + BOOLEAN Is32Bit; // if true shows that the address should be interpreted in 32-bit mode + DEBUGGEE_PAUSING_REASON PausingReason; + UINT32 ProcessId; + UINT32 ThreadId; + UINT64 EventTag; + UINT64 Rflags; + BYTE InstructionBytesOnRip[MAXIMUM_INSTR_SIZE]; + UINT16 ReadInstructionLen; + GUEST_REGS GuestRegs; + +} DEBUGGEE_UD_PAUSED_PACKET, *PDEBUGGEE_UD_PAUSED_PACKET; + +/** + * @brief check so the DEBUGGEE_UD_PAUSED_PACKET should be smaller than packet size + * + */ +static_assert(sizeof(DEBUGGEE_UD_PAUSED_PACKET) < PacketChunkSize, + "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_UD_PAUSED_PACKET"); + +////////////////////////////////////////////////// +// Debugger // +////////////////////////////////////////////////// + +/** + * @brief The structure of message packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_MESSAGE_PACKET +{ + UINT32 OperationCode; + CHAR Message[PacketChunkSize]; + +} DEBUGGEE_MESSAGE_PACKET, *PDEBUGGEE_MESSAGE_PACKET; diff --git a/old_delete/sdk_old/Headers/Datatypes.h.go b/old_delete/sdk_old/Headers/Datatypes.h.go new file mode 100644 index 000000000..68bd025ab --- /dev/null +++ b/old_delete/sdk_old/Headers/Datatypes.h.go @@ -0,0 +1,82 @@ +package Headers + +import ( + "encoding/binary" +) + +type ( + CallBack func(Text *int8) int +) + +type ( + DEBUGGEE_USER_INPUT_PACKET struct { + CommandLen uint32 + IgnoreFinishedSignal bool + Result uint32 + // The user's input is here + } + PDEBUGGEE_USER_INPUT_PACKET *DEBUGGEE_USER_INPUT_PACKET + + DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET struct { + Length uint32 + // The buffer for event and action is here + } + PDEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET *DEBUGGEE_EVENT_AND_ACTION_HEADER_FOR_REMOTE_PACKET +) + +var SIZEOF_DEBUGGER_PAUSE_PACKET_RECEIVED = binary.Size(DEBUGGER_PAUSE_PACKET_RECEIVED{}) + +type ( + DEBUGGER_PAUSE_PACKET_RECEIVED struct { + Result uint32 // Result from kernel + } + PDEBUGGER_PAUSE_PACKET_RECEIVED *DEBUGGER_PAUSE_PACKET_RECEIVED +) + +type ( + DEBUGGEE_KD_PAUSED_PACKET struct { + Rip uint64 + Is32BitAddress bool // if true shows that the address should be interpreted in 32-bit mode + PausingReason DEBUGGEE_PAUSING_REASON + CurrentCore uint32 + EventTag uint64 + Rflags uint64 + InstructionBytesOnRip [MAXIMUM_INSTR_SIZE]byte + ReadInstructionLen uint16 + } + PDEBUGGEE_KD_PAUSED_PACKET *DEBUGGEE_KD_PAUSED_PACKET +) + +type ( + DEBUGGEE_UD_PAUSED_PACKET struct { + Rip uint64 + ProcessDebuggingToken uint64 + Is32Bit bool // if true shows that the address should be interpreted in 32-bit mode + PausingReason DEBUGGEE_PAUSING_REASON + ProcessId uint32 + ThreadId uint32 + EventTag uint64 + Rflags uint64 + InstructionBytesOnRip [MAXIMUM_INSTR_SIZE]byte + ReadInstructionLen uint16 + GuestRegs GUEST_REGS + } + PDEBUGGEE_UD_PAUSED_PACKET *DEBUGGEE_UD_PAUSED_PACKET +) + +// static_assert(sizeof(DEBUGGEE_UD_PAUSED_PACKET) < PacketChunkSize, +// "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_UD_PAUSED_PACKET"); + +func init() { + if binary.Size(DEBUGGEE_UD_PAUSED_PACKET{}) < PacketChunkSize { + // mylog.Check("err (static_assert), size of PacketChunkSize should be bigger than DEBUGGEE_UD_PAUSED_PACKET") + } +} + +type ( + DEBUGGEE_MESSAGE_PACKET struct { + OperationCode uint32 + Message [PacketChunkSize]byte + } + PDEBUGGEE_MESSAGE_PACKET *PDEBUGGEE_MESSAGE_PACKET +) diff --git a/old_delete/sdk_old/Headers/ErrorCodes.h b/old_delete/sdk_old/Headers/ErrorCodes.h new file mode 100644 index 000000000..f036fc5b1 --- /dev/null +++ b/old_delete/sdk_old/Headers/ErrorCodes.h @@ -0,0 +1,399 @@ +/** + * @file ErrorCodes.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Error codes + * @details This file contains definitions of error codes used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Success Codes // +////////////////////////////////////////////////// + +/** + * @brief General value to indicate that the operation or + * request was successful + * + */ +#define DEBUGGER_OPERATION_WAS_SUCCESSFUL 0xFFFFFFFF + +////////////////////////////////////////////////// +// Error Codes // +////////////////////////////////////////////////// + +/** + * @brief error, the tag not exist + * + */ +#define DEBUGGER_ERROR_TAG_NOT_EXISTS 0xc0000000 + +/** + * @brief error, invalid type of action + * + */ +#define DEBUGGER_ERROR_INVALID_ACTION_TYPE 0xc0000001 + +/** + * @brief error, the action buffer size is invalid + * + */ +#define DEBUGGER_ERROR_ACTION_BUFFER_SIZE_IS_ZERO 0xc0000002 + +/** + * @brief error, the event type is unknown + * + */ +#define DEBUGGER_ERROR_EVENT_TYPE_IS_INVALID 0xc0000003 + +/** + * @brief error, enable to create event + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_CREATE_EVENT 0xc0000004 + +/** + * @brief error, invalid address specified for debugger + * + */ +#define DEBUGGER_ERROR_INVALID_ADDRESS 0xc0000005 + +/** + * @brief error, the core id is invalid + * + */ +#define DEBUGGER_ERROR_INVALID_CORE_ID 0xc0000006 + +/** + * @brief error, the index is greater than 32 in !exception command + * + */ +#define DEBUGGER_ERROR_EXCEPTION_INDEX_EXCEED_FIRST_32_ENTRIES 0xc0000007 + +/** + * @brief error, the index for !interrupt command is not between 32 to 256 + * + */ +#define DEBUGGER_ERROR_INTERRUPT_INDEX_IS_NOT_VALID 0xc0000008 + +/** + * @brief error, unable to hide the debugger and enter to transparent-mode + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER 0xc0000009 + +/** + * @brief error, the debugger is already in transparent-mode + * + */ +#define DEBUGGER_ERROR_DEBUGGER_ALREADY_UHIDE 0xc000000a + +/** + * @brief error, invalid parameters in !e* e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_PARAMETER 0xc000000b + +/** + * @brief error, an invalid address is specified based on current cr3 + * in !e* or e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_CURRENT_PROCESS \ + 0xc000000c + +/** + * @brief error, an invalid address is specified based on anotehr process's cr3 + * in !e* or e* commands + * + */ +#define DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_OTHER_PROCESS \ + 0xc000000d + +/** + * @brief error, invalid tag for 'events' command (tag id is unknown for kernel) + * + */ +#define DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TAG 0xc000000e + +/** + * @brief error, type of action (enable/disable/clear) is wrong + * + */ +#define DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TYPE_OF_ACTION 0xc000000f + +/** + * @brief error, invalid parameters steppings actions + * + */ +#define DEBUGGER_ERROR_STEPPING_INVALID_PARAMETER 0xc0000010 + +/** + * @brief error, thread is invalid (not found) or disabled in + * stepping (step-in & step-out) requests + * + */ +#define DEBUGGER_ERROR_STEPPINGS_EITHER_THREAD_NOT_FOUND_OR_DISABLED 0xc0000011 + +/** + * @brief error, baud rate is invalid + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_BAUDRATE 0xc0000012 + +/** + * @brief error, serial port address is invalid + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_SERIAL_PORT 0xc0000013 + +/** + * @brief error, invalid core selected in changing core in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_CORE_IN_REMOTE_DEBUGGE \ + 0xc0000014 + +/** + * @brief error, invalid process selected in changing process in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_UNABLE_TO_SWITCH_TO_NEW_PROCESS \ + 0xc0000015 + +/** + * @brief error, unable to run script in remote debuggee + * + */ +#define DEBUGGER_ERROR_PREPARING_DEBUGGEE_TO_RUN_SCRIPT 0xc0000016 + +/** + * @brief error, invalid register number + * + */ +#define DEBUGGER_ERROR_INVALID_REGISTER_NUMBER 0xc0000017 + +/** + * @brief error, maximum pools were used without continueing debuggee + * + */ +#define DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_WITHOUT_CONTINUE 0xc0000018 + +/** + * @brief error, breakpoint already exists on the target address + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_EXISTS_ON_THE_ADDRESS 0xc0000019 + +/** + * @brief error, breakpoint id not found + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ID_NOT_FOUND 0xc000001a + +/** + * @brief error, breakpoint already disabled + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_DISABLED 0xc000001b + +/** + * @brief error, breakpoint already enabled + * + */ +#define DEBUGGER_ERROR_BREAKPOINT_ALREADY_ENABLED 0xc000001c + +/** + * @brief error, memory type is invalid + * + */ +#define DEBUGGER_ERROR_MEMORY_TYPE_INVALID 0xc000001d + +/** + * @brief error, the process id is invalid + * + */ +#define DEBUGGER_ERROR_INVALID_PROCESS_ID 0xc000001e + +/** + * @brief error, for event specific reasons the event is not + * applied + * + */ +#define DEBUGGER_ERROR_EVENT_IS_NOT_APPLIED 0xc000001f + +/** + * @brief error, for process switch or process details, invalid parameter + * + */ +#define DEBUGGER_ERROR_DETAILS_OR_SWITCH_PROCESS_INVALID_PARAMETER 0xc0000020 + +/** + * @brief error, for thread switch or thread details, invalid parameter + * + */ +#define DEBUGGER_ERROR_DETAILS_OR_SWITCH_THREAD_INVALID_PARAMETER 0xc0000021 + +/** + * @brief error, maximum breakpoint for a single page is hit + * + */ +#define DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_FOR_A_SINGLE_PAGE_IS_HIT 0xc0000022 + +/** + * @brief error, there is no pre-allocated buffer + * + */ +#define DEBUGGER_ERROR_PRE_ALLOCATED_BUFFER_IS_EMPTY 0xc0000023 + +/** + * @brief error, in the EPT handler, it could not split the 2MB pages to + * 512 entries of 4 KB pages + * + */ +#define DEBUGGER_ERROR_EPT_COULD_NOT_SPLIT_THE_LARGE_PAGE_TO_4KB_PAGES 0xc0000024 + +/** + * @brief error, failed to get PML1 entry of the target address + * + */ +#define DEBUGGER_ERROR_EPT_FAILED_TO_GET_PML1_ENTRY_OF_TARGET_ADDRESS 0xc0000025 + +/** + * @brief error, multiple EPT Hooks or Monitors are applied on a single page + * + */ +#define DEBUGGER_ERROR_EPT_MULTIPLE_HOOKS_IN_A_SINGLE_PAGE 0xc0000026 + +/** + * @brief error, could not build the EPT Hook + * + */ +#define DEBUGGER_ERROR_COULD_NOT_BUILD_THE_EPT_HOOK 0xc0000027 + +/** + * @brief error, could not find the type of allocation + * + */ +#define DEBUGGER_ERROR_COULD_NOT_FIND_ALLOCATION_TYPE 0xc0000028 + +/** + * @brief error, could not find the index of test query + * + */ +#define DEBUGGER_ERROR_INVALID_TEST_QUERY_INDEX 0xc0000029 + +/** + * @brief error, failed to attach to the target user-mode process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_TARGET_USER_MODE_PROCESS 0xc000002a + +/** + * @brief error, failed to remove hooks as entrypoint is not reached yet + * @details The caller of this functionality should keep sending the previous + * IOCTL until the hook is remove successfully + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS_ENTRYPOINT_NOT_REACHED 0xc000002b + +/** + * @brief error, could not remove the previous hook + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS 0xc000002c + +/** + * @brief error, the needed routines for debugging is not initialized + * + */ +#define DEBUGGER_ERROR_FUNCTIONS_FOR_INITIALIZING_PEB_ADDRESSES_ARE_NOT_INITIALIZED 0xc000002d + +/** + * @brief error, unable to get 32-bit or 64-bit of the target process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_DETECT_32_BIT_OR_64_BIT_PROCESS 0xc000002e + +/** + * @brief error, unable to kill the target process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_KILL_THE_PROCESS 0xc000002f + +/** + * @brief error, invalid thread debugging token + * + */ +#define DEBUGGER_ERROR_INVALID_THREAD_DEBUGGING_TOKEN 0xc0000030 + +/** + * @brief error, unable to pause the process's threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_PAUSE_THE_PROCESS_THREADS 0xc0000031 + +/** + * @brief error, user debugger already attached to this process + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_AN_ALREADY_ATTACHED_PROCESS 0xc0000032 + +/** + * @brief error, the user debugger is not attached to the target process + * + */ +#define DEBUGGER_ERROR_THE_USER_DEBUGGER_NOT_ATTACHED_TO_THE_PROCESS 0xc0000033 + +/** + * @brief error, cannot detach from the process as there are paused threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_DETACH_AS_THERE_ARE_PAUSED_THREADS 0xc0000034 + +/** + * @brief error, cannot switch to new thread as the process id or thread id is not found + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_SWITCH_PROCESS_ID_OR_THREAD_ID_IS_INVALID 0xc0000035 + +/** + * @brief error, cannot switch to new thread the process doesn't contain an active thread + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_SWITCH_THERE_IS_NO_THREAD_ON_THE_PROCESS 0xc0000036 + +/** + * @brief error, unable to get modules + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_GET_MODULES_OF_THE_PROCESS 0xc0000037 + +/** + * @brief error, unable to get the callstack + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_GET_CALLSTACK 0xc0000038 + +/** + * @brief error, unable to query count of processes or threads + * + */ +#define DEBUGGER_ERROR_UNABLE_TO_QUERY_COUNT_OF_PROCESSES_OR_THREADS 0xc0000039 + +/** + * @brief error, using short-circuiting event with post-event mode is + * not supported in HyperDbg + * + */ +#define DEBUGGER_ERROR_USING_SHORT_CIRCUITING_EVENT_WITH_POST_EVENT_MODE_IS_FORBIDDEDN 0xc000003a + +// +// WHEN YOU ADD ANYTHING TO THIS LIST OF ERRORS, THEN +// MAKE SURE TO ADD AN ERROR MESSAGE TO ShowErrorMessage(UINT32 Error) +// FUNCTION +// diff --git a/old_delete/sdk_old/Headers/ErrorCodes.h.go b/old_delete/sdk_old/Headers/ErrorCodes.h.go new file mode 100644 index 000000000..19add617d --- /dev/null +++ b/old_delete/sdk_old/Headers/ErrorCodes.h.go @@ -0,0 +1,196 @@ +package Headers + +import "fmt" + +type ErrorCodes int + +const ( + DEBUGGER_OPERATION_WAS_SUCCESSFUL ErrorCodes = 0xFFFFFFFF + DEBUGGER_ERROR_TAG_NOT_EXISTS = 0xc0000000 + DEBUGGER_ERROR_INVALID_ACTION_TYPE = 0xc0000001 + DEBUGGER_ERROR_ACTION_BUFFER_SIZE_IS_ZERO = 0xc0000002 + DEBUGGER_ERROR_EVENT_TYPE_IS_INVALID = 0xc0000003 + DEBUGGER_ERROR_UNABLE_TO_CREATE_EVENT = 0xc0000004 + DEBUGGER_ERROR_INVALID_ADDRESS = 0xc0000005 + DEBUGGER_ERROR_INVALID_CORE_ID = 0xc0000006 + DEBUGGER_ERROR_EXCEPTION_INDEX_EXCEED_FIRST_32_ENTRIES = 0xc0000007 + DEBUGGER_ERROR_INTERRUPT_INDEX_IS_NOT_VALID = 0xc0000008 + DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER = 0xc0000009 + DEBUGGER_ERROR_DEBUGGER_ALREADY_UHIDE = 0xc000000a + DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_PARAMETER = 0xc000000b + DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_CURRENT_PROCESS = 0xc000000c + DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_OTHER_PROCESS = 0xc000000d + DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TAG = 0xc000000e + DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TYPE_OF_ACTION = 0xc000000f + DEBUGGER_ERROR_STEPPING_INVALID_PARAMETER = 0xc0000010 + DEBUGGER_ERROR_STEPPINGS_EITHER_THREAD_NOT_FOUND_OR_DISABLED = 0xc0000011 + DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_BAUDRATE = 0xc0000012 + DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_SERIAL_PORT = 0xc0000013 + DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_CORE_IN_REMOTE_DEBUGGE = 0xc0000014 + DEBUGGER_ERROR_PREPARING_DEBUGGEE_UNABLE_TO_SWITCH_TO_NEW_PROCESS = 0xc0000015 + DEBUGGER_ERROR_PREPARING_DEBUGGEE_TO_RUN_SCRIPT = 0xc0000016 + DEBUGGER_ERROR_INVALID_REGISTER_NUMBER = 0xc0000017 + DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_WITHOUT_CONTINUE = 0xc0000018 + DEBUGGER_ERROR_BREAKPOINT_ALREADY_EXISTS_ON_THE_ADDRESS = 0xc0000019 + DEBUGGER_ERROR_BREAKPOINT_ID_NOT_FOUND = 0xc000001a + DEBUGGER_ERROR_BREAKPOINT_ALREADY_DISABLED = 0xc000001b + DEBUGGER_ERROR_BREAKPOINT_ALREADY_ENABLED = 0xc000001c + DEBUGGER_ERROR_MEMORY_TYPE_INVALID = 0xc000001d + DEBUGGER_ERROR_INVALID_PROCESS_ID = 0xc000001e + DEBUGGER_ERROR_EVENT_IS_NOT_APPLIED = 0xc000001f + DEBUGGER_ERROR_DETAILS_OR_SWITCH_PROCESS_INVALID_PARAMETER = 0xc0000020 + DEBUGGER_ERROR_DETAILS_OR_SWITCH_THREAD_INVALID_PARAMETER = 0xc0000021 + DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_FOR_A_SINGLE_PAGE_IS_HIT = 0xc0000022 + DEBUGGER_ERROR_PRE_ALLOCATED_BUFFER_IS_EMPTY = 0xc0000023 + DEBUGGER_ERROR_EPT_COULD_NOT_SPLIT_THE_LARGE_PAGE_TO_4KB_PAGES = 0xc0000024 + DEBUGGER_ERROR_EPT_FAILED_TO_GET_PML1_ENTRY_OF_TARGET_ADDRESS = 0xc0000025 + DEBUGGER_ERROR_EPT_MULTIPLE_HOOKS_IN_A_SINGLE_PAGE = 0xc0000026 + DEBUGGER_ERROR_COULD_NOT_BUILD_THE_EPT_HOOK = 0xc0000027 + DEBUGGER_ERROR_COULD_NOT_FIND_ALLOCATION_TYPE = 0xc0000028 + DEBUGGER_ERROR_INVALID_TEST_QUERY_INDEX = 0xc0000029 + DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_TARGET_USER_MODE_PROCESS = 0xc000002a + DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS_ENTRYPOINT_NOT_REACHED = 0xc000002b + DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS = 0xc000002c + DEBUGGER_ERROR_FUNCTIONS_FOR_INITIALIZING_PEB_ADDRESSES_ARE_NOT_INITIALIZED = 0xc000002d + DEBUGGER_ERROR_UNABLE_TO_DETECT_32_BIT_OR_64_BIT_PROCESS = 0xc000002e + DEBUGGER_ERROR_UNABLE_TO_KILL_THE_PROCESS = 0xc000002f + DEBUGGER_ERROR_INVALID_THREAD_DEBUGGING_TOKEN = 0xc0000030 + DEBUGGER_ERROR_UNABLE_TO_PAUSE_THE_PROCESS_THREADS = 0xc0000031 + DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_AN_ALREADY_ATTACHED_PROCESS = 0xc0000032 + DEBUGGER_ERROR_THE_USER_DEBUGGER_NOT_ATTACHED_TO_THE_PROCESS = 0xc0000033 + DEBUGGER_ERROR_UNABLE_TO_DETACH_AS_THERE_ARE_PAUSED_THREADS = 0xc0000034 + DEBUGGER_ERROR_UNABLE_TO_SWITCH_PROCESS_ID_OR_THREAD_ID_IS_INVALID = 0xc0000035 + DEBUGGER_ERROR_UNABLE_TO_SWITCH_THERE_IS_NO_THREAD_ON_THE_PROCESS = 0xc0000036 + DEBUGGER_ERROR_UNABLE_TO_GET_MODULES_OF_THE_PROCESS = 0xc0000037 + DEBUGGER_ERROR_UNABLE_TO_GET_CALLSTACK = 0xc0000038 + DEBUGGER_ERROR_UNABLE_TO_QUERY_COUNT_OF_PROCESSES_OR_THREADS = 0xc0000039 + DEBUGGER_ERROR_USING_SHORT_CIRCUITING_EVENT_WITH_POST_EVENT_MODE_IS_FORBIDDEDN = 0xc000003a +) + +func (e ErrorCodes) String() string { + switch e { + case DEBUGGER_OPERATION_WAS_SUCCESSFUL: + return "DebuggerOperationWasSuccessful" + case DEBUGGER_ERROR_TAG_NOT_EXISTS: + return "DebuggerErrorTagNotExists" + case DEBUGGER_ERROR_INVALID_ACTION_TYPE: + return "DebuggerErrorInvalidActionType" + case DEBUGGER_ERROR_ACTION_BUFFER_SIZE_IS_ZERO: + return "DebuggerErrorActionBufferSizeIsZero" + case DEBUGGER_ERROR_EVENT_TYPE_IS_INVALID: + return "DebuggerErrorEventTypeIsInvalid" + case DEBUGGER_ERROR_UNABLE_TO_CREATE_EVENT: + return "DebuggerErrorUnableToCreateEvent" + case DEBUGGER_ERROR_INVALID_ADDRESS: + return "DebuggerErrorInvalidAddress" + case DEBUGGER_ERROR_INVALID_CORE_ID: + return "DebuggerErrorInvalidCoreId" + case DEBUGGER_ERROR_EXCEPTION_INDEX_EXCEED_FIRST_32_ENTRIES: + return "DebuggerErrorExceptionIndexExceedFirst32Entries" + case DEBUGGER_ERROR_INTERRUPT_INDEX_IS_NOT_VALID: + return "DebuggerErrorInterruptIndexIsNotValid" + case DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER: + return "DebuggerErrorUnableToHideOrUnhideDebugger" + case DEBUGGER_ERROR_DEBUGGER_ALREADY_UHIDE: + return "DebuggerErrorDebuggerAlreadyUhide" + case DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_PARAMETER: + return "DebuggerErrorEditMemoryStatusInvalidParameter" + case DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_CURRENT_PROCESS: + return "DebuggerErrorEditMemoryStatusInvalidAddressBasedOnCurrentProcess" + case DEBUGGER_ERROR_EDIT_MEMORY_STATUS_INVALID_ADDRESS_BASED_ON_OTHER_PROCESS: + return "DebuggerErrorEditMemoryStatusInvalidAddressBasedOnOtherProcess" + case DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TAG: + return "DebuggerErrorModifyEventsInvalidTag" + case DEBUGGER_ERROR_MODIFY_EVENTS_INVALID_TYPE_OF_ACTION: + return "DebuggerErrorModifyEventsInvalidTypeOfAction" + case DEBUGGER_ERROR_STEPPING_INVALID_PARAMETER: + return "DebuggerErrorSteppingInvalidParameter" + case DEBUGGER_ERROR_STEPPINGS_EITHER_THREAD_NOT_FOUND_OR_DISABLED: + return "DebuggerErrorSteppingsEitherThreadNotFoundOrDisabled" + case DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_BAUDRATE: + return "DebuggerErrorPreparingDebuggeeInvalidBaudrate" + case DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_SERIAL_PORT: + return "DebuggerErrorPreparingDebuggeeInvalidSerialPort" + case DEBUGGER_ERROR_PREPARING_DEBUGGEE_INVALID_CORE_IN_REMOTE_DEBUGGE: + return "DebuggerErrorPreparingDebuggeeInvalidCoreInRemoteDebugge" + case DEBUGGER_ERROR_PREPARING_DEBUGGEE_UNABLE_TO_SWITCH_TO_NEW_PROCESS: + return "DebuggerErrorPreparingDebuggeeUnableToSwitchToNewProcess" + case DEBUGGER_ERROR_PREPARING_DEBUGGEE_TO_RUN_SCRIPT: + return "DebuggerErrorPreparingDebuggeeToRunScript" + case DEBUGGER_ERROR_INVALID_REGISTER_NUMBER: + return "DebuggerErrorInvalidRegisterNumber" + case DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_WITHOUT_CONTINUE: + return "DebuggerErrorMaximumBreakpointWithoutContinue" + case DEBUGGER_ERROR_BREAKPOINT_ALREADY_EXISTS_ON_THE_ADDRESS: + return "DebuggerErrorBreakpointAlreadyExistsOnTheAddress" + case DEBUGGER_ERROR_BREAKPOINT_ID_NOT_FOUND: + return "DebuggerErrorBreakpointIdNotFound" + case DEBUGGER_ERROR_BREAKPOINT_ALREADY_DISABLED: + return "DebuggerErrorBreakpointAlreadyDisabled" + case DEBUGGER_ERROR_BREAKPOINT_ALREADY_ENABLED: + return "DebuggerErrorBreakpointAlreadyEnabled" + case DEBUGGER_ERROR_MEMORY_TYPE_INVALID: + return "DebuggerErrorMemoryTypeInvalid" + case DEBUGGER_ERROR_INVALID_PROCESS_ID: + return "DebuggerErrorInvalidProcessId" + case DEBUGGER_ERROR_EVENT_IS_NOT_APPLIED: + return "DebuggerErrorEventIsNotApplied" + case DEBUGGER_ERROR_DETAILS_OR_SWITCH_PROCESS_INVALID_PARAMETER: + return "DebuggerErrorDetailsOrSwitchProcessInvalidParameter" + case DEBUGGER_ERROR_DETAILS_OR_SWITCH_THREAD_INVALID_PARAMETER: + return "DebuggerErrorDetailsOrSwitchThreadInvalidParameter" + case DEBUGGER_ERROR_MAXIMUM_BREAKPOINT_FOR_A_SINGLE_PAGE_IS_HIT: + return "DebuggerErrorMaximumBreakpointForASinglePageIsHit" + case DEBUGGER_ERROR_PRE_ALLOCATED_BUFFER_IS_EMPTY: + return "DebuggerErrorPreAllocatedBufferIsEmpty" + case DEBUGGER_ERROR_EPT_COULD_NOT_SPLIT_THE_LARGE_PAGE_TO_4KB_PAGES: + return "DebuggerErrorEptCouldNotSplitTheLargePageTo4KbPages" + case DEBUGGER_ERROR_EPT_FAILED_TO_GET_PML1_ENTRY_OF_TARGET_ADDRESS: + return "DebuggerErrorEptFailedToGetPml1EntryOfTargetAddress" + case DEBUGGER_ERROR_EPT_MULTIPLE_HOOKS_IN_A_SINGLE_PAGE: + return "DebuggerErrorEptMultipleHooksInASinglePage" + case DEBUGGER_ERROR_COULD_NOT_BUILD_THE_EPT_HOOK: + return "DebuggerErrorCouldNotBuildTheEptHook" + case DEBUGGER_ERROR_COULD_NOT_FIND_ALLOCATION_TYPE: + return "DebuggerErrorCouldNotFindAllocationType" + case DEBUGGER_ERROR_INVALID_TEST_QUERY_INDEX: + return "DebuggerErrorInvalidTestQueryIndex" + case DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_TARGET_USER_MODE_PROCESS: + return "DebuggerErrorUnableToAttachToTargetUserModeProcess" + case DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS_ENTRYPOINT_NOT_REACHED: + return "DebuggerErrorUnableToRemoveHooksEntrypointNotReached" + case DEBUGGER_ERROR_UNABLE_TO_REMOVE_HOOKS: + return "DebuggerErrorUnableToRemoveHooks" + case DEBUGGER_ERROR_FUNCTIONS_FOR_INITIALIZING_PEB_ADDRESSES_ARE_NOT_INITIALIZED: + return "DebuggerErrorFunctionsForInitializingPebAddressesAreNotInitialized" + case DEBUGGER_ERROR_UNABLE_TO_DETECT_32_BIT_OR_64_BIT_PROCESS: + return "DebuggerErrorUnableToDetect32BitOr64BitProcess" + case DEBUGGER_ERROR_UNABLE_TO_KILL_THE_PROCESS: + return "DebuggerErrorUnableToKillTheProcess" + case DEBUGGER_ERROR_INVALID_THREAD_DEBUGGING_TOKEN: + return "DebuggerErrorInvalidThreadDebuggingToken" + case DEBUGGER_ERROR_UNABLE_TO_PAUSE_THE_PROCESS_THREADS: + return "DebuggerErrorUnableToPauseTheProcessThreads" + case DEBUGGER_ERROR_UNABLE_TO_ATTACH_TO_AN_ALREADY_ATTACHED_PROCESS: + return "DebuggerErrorUnableToAttachToAnAlreadyAttachedProcess" + case DEBUGGER_ERROR_THE_USER_DEBUGGER_NOT_ATTACHED_TO_THE_PROCESS: + return "DebuggerErrorTheUserDebuggerNotAttachedToTheProcess" + case DEBUGGER_ERROR_UNABLE_TO_DETACH_AS_THERE_ARE_PAUSED_THREADS: + return "DebuggerErrorUnableToDetachAsThereArePausedThreads" + case DEBUGGER_ERROR_UNABLE_TO_SWITCH_PROCESS_ID_OR_THREAD_ID_IS_INVALID: + return "DebuggerErrorUnableToSwitchProcessIdOrThreadIdIsInvalid" + case DEBUGGER_ERROR_UNABLE_TO_SWITCH_THERE_IS_NO_THREAD_ON_THE_PROCESS: + return "DebuggerErrorUnableToSwitchThereIsNoThreadOnTheProcess" + case DEBUGGER_ERROR_UNABLE_TO_GET_MODULES_OF_THE_PROCESS: + return "DebuggerErrorUnableToGetModulesOfTheProcess" + case DEBUGGER_ERROR_UNABLE_TO_GET_CALLSTACK: + return "DebuggerErrorUnableToGetCallstack" + case DEBUGGER_ERROR_UNABLE_TO_QUERY_COUNT_OF_PROCESSES_OR_THREADS: + return "DebuggerErrorUnableToQueryCountOfProcessesOrThreads" + case DEBUGGER_ERROR_USING_SHORT_CIRCUITING_EVENT_WITH_POST_EVENT_MODE_IS_FORBIDDEDN: + return "DebuggerErrorUsingShortCircuitingEventWithPostEventModeIsForbiddedn" + default: + return "" + return fmt.Sprint("unknown error code " + fmt.Sprintf("%d", e)) + } +} diff --git a/old_delete/sdk_old/Headers/Events.h b/old_delete/sdk_old/Headers/Events.h new file mode 100644 index 000000000..61ae5f6fb --- /dev/null +++ b/old_delete/sdk_old/Headers/Events.h @@ -0,0 +1,129 @@ +/** + * @file Events.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers for Events + * @details This file contains definitions of event datatypes + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Event Details // +////////////////////////////////////////////////// + +/** + * @brief enum to show type of all HyperDbg events + * + */ +typedef enum _DEBUGGER_EVENT_TYPE_ENUM +{ + + HIDDEN_HOOK_READ_AND_WRITE, + HIDDEN_HOOK_READ, + HIDDEN_HOOK_WRITE, + + HIDDEN_HOOK_EXEC_DETOURS, + HIDDEN_HOOK_EXEC_CC, + + SYSCALL_HOOK_EFER_SYSCALL, + SYSCALL_HOOK_EFER_SYSRET, + + CPUID_INSTRUCTION_EXECUTION, + + RDMSR_INSTRUCTION_EXECUTION, + WRMSR_INSTRUCTION_EXECUTION, + + IN_INSTRUCTION_EXECUTION, + OUT_INSTRUCTION_EXECUTION, + + EXCEPTION_OCCURRED, + EXTERNAL_INTERRUPT_OCCURRED, + + DEBUG_REGISTERS_ACCESSED, + + TSC_INSTRUCTION_EXECUTION, + PMC_INSTRUCTION_EXECUTION, + + VMCALL_INSTRUCTION_EXECUTION, + + CONTROL_REGISTER_MODIFIED, + CONTROL_REGISTER_READ, + +} DEBUGGER_EVENT_TYPE_ENUM; + +/** + * @brief Type of Actions + * + */ +typedef enum _DEBUGGER_EVENT_ACTION_TYPE_ENUM +{ + BREAK_TO_DEBUGGER, + RUN_SCRIPT, + RUN_CUSTOM_CODE + +} DEBUGGER_EVENT_ACTION_TYPE_ENUM; + +/** + * @brief Type of calling the event + * + */ +typedef enum _DEBUGGER_EVENT_CALLING_STAGE_TYPE +{ + DEBUGGER_CALLING_STAGE_PRE_EVENT_EMULATION, + DEBUGGER_CALLING_STAGE_POST_EVENT_EMULATION, + +} DEBUGGER_EVENT_CALLING_STAGE_TYPE; + +/** + * @brief Type of handling !syscall or !sysret + * + */ +typedef enum _DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE +{ + DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY = 0, + DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD = 1, + +} DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE; + +#define SIZEOF_DEBUGGER_MODIFY_EVENTS sizeof(DEBUGGER_MODIFY_EVENTS) + +/** + * @brief different types of modifing events request (enable/disable/clear) + * + */ +typedef enum _DEBUGGER_MODIFY_EVENTS_TYPE +{ + DEBUGGER_MODIFY_EVENTS_QUERY_STATE, + DEBUGGER_MODIFY_EVENTS_ENABLE, + DEBUGGER_MODIFY_EVENTS_DISABLE, + DEBUGGER_MODIFY_EVENTS_CLEAR, +} DEBUGGER_MODIFY_EVENTS_TYPE; + +/** + * @brief request for modifying events (enable/disable/clear) + * + */ +typedef struct _DEBUGGER_MODIFY_EVENTS +{ + UINT64 Tag; // Tag of the target event that we want to modify + UINT64 KernelStatus; // Kerenl put the status in this field + DEBUGGER_MODIFY_EVENTS_TYPE + TypeOfAction; // Determines what's the action (enable | disable | clear) + BOOLEAN IsEnabled; // Determines what's the action (enable | disable | clear) + +} DEBUGGER_MODIFY_EVENTS, *PDEBUGGER_MODIFY_EVENTS; + +/** + * @brief request for performing a short-circuiting event + * + */ +typedef struct _DEBUGGER_SHORT_CIRCUITING_EVENT +{ + UINT64 KernelStatus; // Kerenl put the status in this field + BOOLEAN IsShortCircuiting; // Determines whether to perform short circuting (on | off) + +} DEBUGGER_SHORT_CIRCUITING_EVENT, *PDEBUGGER_SHORT_CIRCUITING_EVENT; diff --git a/old_delete/sdk_old/Headers/Events.h.go b/old_delete/sdk_old/Headers/Events.h.go new file mode 100644 index 000000000..004e6c981 --- /dev/null +++ b/old_delete/sdk_old/Headers/Events.h.go @@ -0,0 +1,89 @@ +package Headers + +import "encoding/binary" + +type DEBUGGER_EVENT_TYPE_ENUM byte + +const ( + HIDDEN_HOOK_READ_AND_WRITE DEBUGGER_EVENT_TYPE_ENUM = iota + HIDDEN_HOOK_READ + HIDDEN_HOOK_WRITE + + HIDDEN_HOOK_EXEC_DETOURS + HIDDEN_HOOK_EXEC_CC + + SYSCALL_HOOK_EFER_SYSCALL + SYSCALL_HOOK_EFER_SYSRET + + CPUID_INSTRUCTION_EXECUTION + + RDMSR_INSTRUCTION_EXECUTION + WRMSR_INSTRUCTION_EXECUTION + + IN_INSTRUCTION_EXECUTION + OUT_INSTRUCTION_EXECUTION + + EXCEPTION_OCCURRED + EXTERNAL_INTERRUPT_OCCURRED + + DEBUG_REGISTERS_ACCESSED + + TSC_INSTRUCTION_EXECUTION + PMC_INSTRUCTION_EXECUTION + + VMCALL_INSTRUCTION_EXECUTION + + CONTROL_REGISTER_MODIFIED + CONTROL_REGISTER_READ +) + +type DEBUGGER_EVENT_ACTION_TYPE_ENUM byte + +const ( + BREAK_TO_DEBUGGER DEBUGGER_EVENT_ACTION_TYPE_ENUM = iota + RUN_SCRIPT + RUN_CUSTOM_CODE +) + +type DEBUGGER_EVENT_CALLING_STAGE_TYPE byte + +const ( + DEBUGGER_CALLING_STAGE_PRE_EVENT_EMULATION DEBUGGER_EVENT_CALLING_STAGE_TYPE = iota + DEBUGGER_CALLING_STAGE_POST_EVENT_EMULATION +) + +type DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE byte + +const ( + DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE = iota + DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD = 1 +) + +var SIZEOF_DEBUGGER_MODIFY_EVENTS = binary.Size(DEBUGGER_MODIFY_EVENTS{}) + +type DEBUGGER_MODIFY_EVENTS_TYPE byte + +const ( + DEBUGGER_MODIFY_EVENTS_QUERY_STATE DEBUGGER_MODIFY_EVENTS_TYPE = iota + DEBUGGER_MODIFY_EVENTS_ENABLE + DEBUGGER_MODIFY_EVENTS_DISABLE + DEBUGGER_MODIFY_EVENTS_CLEAR +) + +type ( + DEBUGGER_MODIFY_EVENTS struct { + Tag uint64 // Tag of the target event that we want to modify + KernelStatus uint64 // Kerenl put the status in this field + TypeOfAction DEBUGGER_MODIFY_EVENTS_TYPE // Determines what's the action (enable | disable | clear) + IsEnabled bool // Determines what's the action (enable | disable | clear) + } + PDEBUGGER_MODIFY_EVENTS *DEBUGGER_MODIFY_EVENTS +) + +type ( + DEBUGGER_SHORT_CIRCUITING_EVENT struct { + KernelStatus uint64 // Kerenl put the status in this field + IsShortCircuiting bool // Determines whether to perform short circuting (on | off) + } + PDEBUGGER_SHORT_CIRCUITING_EVENT *DEBUGGER_SHORT_CIRCUITING_EVENT +) diff --git a/old_delete/sdk_old/Headers/Ioctls.h b/old_delete/sdk_old/Headers/Ioctls.h new file mode 100644 index 000000000..b0987eada --- /dev/null +++ b/old_delete/sdk_old/Headers/Ioctls.h @@ -0,0 +1,234 @@ +/** + * @file Ioctls.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK IOCTL codes + * @details This file contains definitions of IOCTLs used in HyperDbg + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// IOCTLs // +////////////////////////////////////////////////// + +/** + * @brief ioctl, register a new event + * + */ +#define IOCTL_REGISTER_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, irp pending mechanism for reading from message tracing buffers + * + */ +#define IOCTL_RETURN_IRP_PENDING_PACKETS_AND_DISALLOW_IOCTL \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to terminate vmx and exit form debugger + * + */ +#define IOCTL_TERMINATE_VMX \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read memory + * + */ +#define IOCTL_DEBUGGER_READ_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read or write on a speical MSR + * + */ +#define IOCTL_DEBUGGER_READ_OR_WRITE_MSR \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to read page table entries + * + */ +#define IOCTL_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, register an event + * + */ +#define IOCTL_DEBUGGER_REGISTER_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x806, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, add action to event + * + */ +#define IOCTL_DEBUGGER_ADD_ACTION_TO_EVENT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x807, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to enable or disable transparent-mode + * + */ +#define IOCTL_DEBUGGER_HIDE_AND_UNHIDE_TO_TRANSPARENT_THE_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, for !va2pa and !pa2va commands + * + */ +#define IOCTL_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x809, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to edit virtual and physical memory + * + */ +#define IOCTL_DEBUGGER_EDIT_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80a, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to search virtual and physical memory + * + */ +#define IOCTL_DEBUGGER_SEARCH_MEMORY \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80b, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, request to modify an event (enable/disable/clear) + * + */ +#define IOCTL_DEBUGGER_MODIFY_EVENTS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80c, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, flush the kernel buffers + * + */ +#define IOCTL_DEBUGGER_FLUSH_LOGGING_BUFFERS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80d, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, attach or detach user-mode processes + * + */ +#define IOCTL_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80e, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, print states (Deprecated) + * + * + */ +#define IOCTL_DEBUGGER_PRINT \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80f, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, prepare debuggee + * + */ +#define IOCTL_PREPARE_DEBUGGEE \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x810, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, pause and halt the system + * + */ +#define IOCTL_PAUSE_PACKET_RECEIVED \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x811, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send a signal that execution of command finished + * + */ +#define IOCTL_SEND_SIGNAL_EXECUTION_IN_DEBUGGEE_FINISHED \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x812, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send user-mode messages to the debugger + * + */ +#define IOCTL_SEND_USERMODE_MESSAGES_TO_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x813, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, send general buffer from debuggee to debugger + * + */ +#define IOCTL_SEND_GENERAL_BUFFER_FROM_DEBUGGEE_TO_DEBUGGER \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x814, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, collects a buffer from kernel-side testing informations + * + */ +#define IOCTL_SEND_GET_KERNEL_SIDE_TEST_INFORMATION \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x815, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to perform kernel-side tests + * + */ +#define IOCTL_PERFROM_KERNEL_SIDE_TESTS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x816, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to reserve pre-allocated pools + * + */ +#define IOCTL_RESERVE_PRE_ALLOCATED_POOLS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x817, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to send user debugger commands + * + */ +#define IOCTL_SEND_USER_DEBUGGER_COMMANDS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x818, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get active threads/processes that are debugging + * + */ +#define IOCTL_GET_DETAIL_OF_ACTIVE_THREADS_AND_PROCESSES \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x819, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get user mode modules details + * + */ +#define IOCTL_GET_USER_MODE_MODULE_DETAILS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81a, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query count of active threads or processes + * + */ +#define IOCTL_QUERY_COUNT_OF_ACTIVE_PROCESSES_OR_THREADS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81b, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, to get list threads/processes + * + */ +#define IOCTL_GET_LIST_OF_THREADS_AND_PROCESSES \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81c, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query the current process details + * + */ +#define IOCTL_QUERY_CURRENT_PROCESS \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81d, METHOD_BUFFERED, FILE_ANY_ACCESS) + +/** + * @brief ioctl, query the current thread details + * + */ +#define IOCTL_QUERY_CURRENT_THREAD \ + CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81e, METHOD_BUFFERED, FILE_ANY_ACCESS) diff --git a/old_delete/sdk_old/Headers/Ioctls.h.go b/old_delete/sdk_old/Headers/Ioctls.h.go new file mode 100644 index 000000000..05b2d34ea --- /dev/null +++ b/old_delete/sdk_old/Headers/Ioctls.h.go @@ -0,0 +1,122 @@ +package Headers + +import ( + "fmt" + + "github.com/winlabs/gowin32/wrappers" +) + +func CTL_CODE(deviceType, function, method, access uint32) uint32 { + return ((deviceType) << 16) | ((access) << 14) | ((function) << 2) | (method) +} + +const ( + FILE_DEVICE_UNKNOWN = wrappers.FILE_DEVICE_UNKNOWN + METHOD_BUFFERED = wrappers.METHOD_BUFFERED + FILE_ANY_ACCESS = wrappers.FILE_ANY_ACCESS +) + +type IoctlsKind uint32 + +var ( + IOCTL_REGISTER_EVENT = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_RETURN_IRP_PENDING_PACKETS_AND_DISALLOW_IOCTL = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_TERMINATE_VMX = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_READ_MEMORY = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_READ_OR_WRITE_MSR = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_REGISTER_EVENT = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x806, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_ADD_ACTION_TO_EVENT = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x807, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_HIDE_AND_UNHIDE_TO_TRANSPARENT_THE_DEBUGGER = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x809, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_EDIT_MEMORY = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80a, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_SEARCH_MEMORY = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80b, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_MODIFY_EVENTS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80c, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_FLUSH_LOGGING_BUFFERS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80d, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80e, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_DEBUGGER_PRINT = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x80f, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_PREPARE_DEBUGGEE = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x810, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_PAUSE_PACKET_RECEIVED = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x811, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_SEND_SIGNAL_EXECUTION_IN_DEBUGGEE_FINISHED = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x812, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_SEND_USERMODE_MESSAGES_TO_DEBUGGER = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x813, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_SEND_GENERAL_BUFFER_FROM_DEBUGGEE_TO_DEBUGGER = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x814, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_SEND_GET_KERNEL_SIDE_TEST_INFORMATION = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x815, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_PERFROM_KERNEL_SIDE_TESTS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x816, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_RESERVE_PRE_ALLOCATED_POOLS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x817, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_SEND_USER_DEBUGGER_COMMANDS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x818, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_GET_DETAIL_OF_ACTIVE_THREADS_AND_PROCESSES = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x819, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_GET_USER_MODE_MODULE_DETAILS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81a, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_QUERY_COUNT_OF_ACTIVE_PROCESSES_OR_THREADS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81b, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_GET_LIST_OF_THREADS_AND_PROCESSES = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81c, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_QUERY_CURRENT_PROCESS = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81d, METHOD_BUFFERED, FILE_ANY_ACCESS)) + IOCTL_QUERY_CURRENT_THREAD = IoctlsKind(CTL_CODE(FILE_DEVICE_UNKNOWN, 0x81e, METHOD_BUFFERED, FILE_ANY_ACCESS)) +) + +func (e IoctlsKind) String() string { + switch e { + case IOCTL_REGISTER_EVENT: + return "IoctlRegisterEvent" + case IOCTL_RETURN_IRP_PENDING_PACKETS_AND_DISALLOW_IOCTL: + return "IoctlReturnIrpPendingPacketsAndDisallowIoctl" + case IOCTL_TERMINATE_VMX: + return "IoctlTerminateVmx" + case IOCTL_DEBUGGER_READ_MEMORY: + return "IoctlDebuggerReadMemory" + case IOCTL_DEBUGGER_READ_OR_WRITE_MSR: + return "IoctlDebuggerReadOrWriteMsr" + case IOCTL_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS: + return "IoctlDebuggerReadPageTableEntriesDetails" + case IOCTL_DEBUGGER_REGISTER_EVENT: + return "IoctlDebuggerRegisterEvent" + case IOCTL_DEBUGGER_ADD_ACTION_TO_EVENT: + return "IoctlDebuggerAddActionToEvent" + case IOCTL_DEBUGGER_HIDE_AND_UNHIDE_TO_TRANSPARENT_THE_DEBUGGER: + return "IoctlDebuggerHideAndUnhideToTransparentTheDebugger" + case IOCTL_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS: + return "IoctlDebuggerVa2PaAndPa2VaCommands" + case IOCTL_DEBUGGER_EDIT_MEMORY: + return "IoctlDebuggerEditMemory" + case IOCTL_DEBUGGER_SEARCH_MEMORY: + return "IoctlDebuggerSearchMemory" + case IOCTL_DEBUGGER_MODIFY_EVENTS: + return "IoctlDebuggerModifyEvents" + case IOCTL_DEBUGGER_FLUSH_LOGGING_BUFFERS: + return "IoctlDebuggerFlushLoggingBuffers" + case IOCTL_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS: + return "IoctlDebuggerAttachDetachUserModeProcess" + case IOCTL_DEBUGGER_PRINT: + return "IoctlDebuggerPrint" + case IOCTL_PREPARE_DEBUGGEE: + return "IoctlPrepareDebuggee" + case IOCTL_PAUSE_PACKET_RECEIVED: + return "IoctlPausePacketReceived" + case IOCTL_SEND_SIGNAL_EXECUTION_IN_DEBUGGEE_FINISHED: + return "IoctlSendSignalExecutionInDebuggeeFinished" + case IOCTL_SEND_USERMODE_MESSAGES_TO_DEBUGGER: + return "IoctlSendUsermodeMessagesToDebugger" + case IOCTL_SEND_GENERAL_BUFFER_FROM_DEBUGGEE_TO_DEBUGGER: + return "IoctlSendGeneralBufferFromDebuggeeToDebugger" + case IOCTL_SEND_GET_KERNEL_SIDE_TEST_INFORMATION: + return "IoctlSendGetKernelSideTestInformation" + case IOCTL_PERFROM_KERNEL_SIDE_TESTS: + return "IoctlPerfromKernelSideTests" + case IOCTL_RESERVE_PRE_ALLOCATED_POOLS: + return "IoctlReservePreAllocatedPools" + case IOCTL_SEND_USER_DEBUGGER_COMMANDS: + return "IoctlSendUserDebuggerCommands" + case IOCTL_GET_DETAIL_OF_ACTIVE_THREADS_AND_PROCESSES: + return "IoctlGetDetailOfActiveThreadsAndProcesses" + case IOCTL_GET_USER_MODE_MODULE_DETAILS: + return "IoctlGetUserModeModuleDetails" + case IOCTL_QUERY_COUNT_OF_ACTIVE_PROCESSES_OR_THREADS: + return "IoctlQueryCountOfActiveProcessesOrThreads" + case IOCTL_GET_LIST_OF_THREADS_AND_PROCESSES: + return "IoctlGetListOfThreadsAndProcesses" + case IOCTL_QUERY_CURRENT_PROCESS: + return "IoctlQueryCurrentProcess" + case IOCTL_QUERY_CURRENT_THREAD: + return "IoctlQueryCurrentThread" + default: + return fmt.Sprint("known error code " + fmt.Sprintf("%d", e)) + } +} diff --git a/old_delete/sdk_old/Headers/Ioctls.h.go_test.go b/old_delete/sdk_old/Headers/Ioctls.h.go_test.go new file mode 100644 index 000000000..b389a129a --- /dev/null +++ b/old_delete/sdk_old/Headers/Ioctls.h.go_test.go @@ -0,0 +1,118 @@ +package Headers + +import ( + "go/format" + "strconv" + "strings" + "sync" + "testing" + + "github.com/ddkwork/golibrary/mylog" + "github.com/ddkwork/golibrary/stream" +) + +func TestGen_CTL_CODE(t *testing.T) { + Define2CtlCode(CtlCodeInfo{ + File: "Ioctls.h", + Package: "Headers", + Other: ` +func CTL_CODE(deviceType, function, method, access uint32) uint32 { + return ((deviceType) << 16) | ((access) << 14) | ((function) << 2) | (method) +} + +const ( + FILE_DEVICE_UNKNOWN = windef.FILE_DEVICE_UNKNOWN + METHOD_BUFFERED = windef.METHOD_BUFFERED + FILE_ANY_ACCESS = windef.FILE_ANY_ACCESS +) +`, + imports: []string{ + "fmt", + "github.com/ddkwork/golibrary/src/cpp2go/delete/myc2go/windef", + }, + Type: map[string]string{"IoctlsKind": "uint32"}, + TypeInto: false, + }) +} + +type ( + CtlCodeInfo struct { + File string + Package string + Other string + imports []string + Type map[string]string + TypeInto bool + } +) + +func Define2CtlCode(info CtlCodeInfo) { + body := stream.NewBuffer("") + body.WriteStringLn("package " + info.Package) + + body.WriteStringLn("import (") + for _, s := range info.imports { + body.WriteStringLn(strconv.Quote(s)) + } + body.WriteStringLn(")") + body.WriteStringLn(info.Other) + body.WriteString("type ") + typeKind := "" + for k, v := range info.Type { + typeKind = k + body.WriteString(k) + body.Indent(1) + body.WriteStringLn(v) + + } + body.WriteStringLn("var (") + file := stream.NewBuffer(info.File) + all := strings.ReplaceAll(file.String(), `\ + `, "") + file.Reset() + file.WriteString(all) + lines := file.ToLines() + + const define = "#define" + once := sync.Once{} + var codes []string + for _, line := range lines { + if strings.Contains(line, define) { + fields := strings.Fields(line) + codes = append(codes, fields[1]) + body.WriteString(fields[1]) + if info.TypeInto { + once.Do(func() { + body.WriteString("\t" + typeKind + "\t") + }) + } + body.WriteString("=") + body.WriteString(typeKind) + body.WriteString("(") + body.WriteString(strings.Join(fields[2:], " ")) + body.WriteStringLn(")") + } + } + body.WriteStringLn(")") + body.WriteStringLn("func (e " + typeKind + ")String()string{") + + body.WriteStringLn("switch e {") + for _, code := range codes { + body.WriteString("case ") + body.WriteString(code) + body.WriteStringLn(":") + body.WriteString("return ") + body.WriteStringLn(strconv.Quote(stream.ToCamelUpper(code, false))) + } + body.WriteStringLn("default:") + body.WriteStringLn("return fmt.Sprint(\"known error code \" + fmt.Sprintf(\"%d\",e))") + body.WriteStringLn("}") + body.WriteStringLn("}") + mylog.Json("gen error code", body.String()) + source, e := (format.Source(body.Bytes())) + if e != nil { + stream.WriteTruncate(info.File+".go", body.Bytes()) + return + } + stream.WriteTruncate(info.File+".go", source) +} diff --git a/old_delete/sdk_old/Headers/MAX_PATH_linux.go b/old_delete/sdk_old/Headers/MAX_PATH_linux.go new file mode 100644 index 000000000..f61f90acd --- /dev/null +++ b/old_delete/sdk_old/Headers/MAX_PATH_linux.go @@ -0,0 +1,5 @@ +package Headers + +const ( + MAX_PATH = 260 +) diff --git a/old_delete/sdk_old/Headers/MAX_PATH_windows.go b/old_delete/sdk_old/Headers/MAX_PATH_windows.go new file mode 100644 index 000000000..37edfb790 --- /dev/null +++ b/old_delete/sdk_old/Headers/MAX_PATH_windows.go @@ -0,0 +1,7 @@ +package Headers + +import "syscall" + +const ( + MAX_PATH = syscall.MAX_PATH +) diff --git a/old_delete/sdk_old/Headers/RequestStructures.h b/old_delete/sdk_old/Headers/RequestStructures.h new file mode 100644 index 000000000..7014c090d --- /dev/null +++ b/old_delete/sdk_old/Headers/RequestStructures.h @@ -0,0 +1,1059 @@ +/** + * @file RequestStructures.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Headers Request Packets + * @details This file contains definitions of request packets (enums, structs) + * @version 0.2 + * @date 2022-06-28 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +#define SIZEOF_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS \ + sizeof(DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS) + +/** + * @brief request for !pte command + * + */ +typedef struct _DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS +{ + UINT64 VirtualAddress; + UINT32 ProcessId; + + UINT64 Pml4eVirtualAddress; + UINT64 Pml4eValue; + + UINT64 PdpteVirtualAddress; + UINT64 PdpteValue; + + UINT64 PdeVirtualAddress; + UINT64 PdeValue; + + UINT64 PteVirtualAddress; + UINT64 PteValue; + + UINT32 KernelStatus; + +} DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS, + *PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS \ + sizeof(DEBUGGER_VA2PA_AND_PA2VA_COMMANDS) + +/** + * @brief requests for !va2pa and !pa2va commands + * + */ +typedef struct _DEBUGGER_VA2PA_AND_PA2VA_COMMANDS +{ + UINT64 VirtualAddress; + UINT64 PhysicalAddress; + UINT32 ProcessId; + BOOLEAN IsVirtual2Physical; + UINT32 KernelStatus; + +} DEBUGGER_VA2PA_AND_PA2VA_COMMANDS, *PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_DT_COMMAND_OPTIONS \ + sizeof(DEBUGGER_DT_COMMAND_OPTIONS) + +/** + * @brief requests options for dt and struct command + * + */ +typedef struct _DEBUGGER_DT_COMMAND_OPTIONS +{ + const char * TypeName; + UINT64 SizeOfTypeName; + UINT64 Address; + BOOLEAN IsStruct; + PVOID BufferAddress; + UINT32 TargetPid; + const char * AdditionalParameters; + +} DEBUGGER_DT_COMMAND_OPTIONS, *PDEBUGGER_DT_COMMAND_OPTIONS; + +/* ============================================================================================== + */ + +/** + * @brief different types of prealloc requests + * + */ +typedef enum _DEBUGGER_PREALLOC_COMMAND_TYPE +{ + DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR, + DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION, +} DEBUGGER_PREALLOC_COMMAND_TYPE; + +#define SIZEOF_DEBUGGER_PREALLOC_COMMAND \ + sizeof(DEBUGGER_PREALLOC_COMMAND) + +/** + * @brief requests for prealloc commands + * + */ +typedef struct _DEBUGGER_PREALLOC_COMMAND +{ + DEBUGGER_PREALLOC_COMMAND_TYPE Type; + UINT64 Count; + UINT32 KernelStatus; + +} DEBUGGER_PREALLOC_COMMAND, *PDEBUGGER_PREALLOC_COMMAND; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_READ_MEMORY sizeof(DEBUGGER_READ_MEMORY) + +/** + * @brief different types of reading memory + * + */ +typedef enum _DEBUGGER_READ_READING_TYPE +{ + READ_FROM_KERNEL, + READ_FROM_VMX_ROOT +} DEBUGGER_READ_READING_TYPE; + +/** + * @brief different type of addresses + * + */ +typedef enum _DEBUGGER_READ_MEMORY_TYPE +{ + DEBUGGER_READ_PHYSICAL_ADDRESS, + DEBUGGER_READ_VIRTUAL_ADDRESS +} DEBUGGER_READ_MEMORY_TYPE; + +/** + * @brief the way that debugger should show + * the details of memory or disassemble them + * + */ +typedef enum _DEBUGGER_SHOW_MEMORY_STYLE +{ + DEBUGGER_SHOW_COMMAND_DT = 1, + DEBUGGER_SHOW_COMMAND_DISASSEMBLE64, + DEBUGGER_SHOW_COMMAND_DISASSEMBLE32, + DEBUGGER_SHOW_COMMAND_DB, + DEBUGGER_SHOW_COMMAND_DC, + DEBUGGER_SHOW_COMMAND_DQ, + DEBUGGER_SHOW_COMMAND_DD +} DEBUGGER_SHOW_MEMORY_STYLE; + +/** + * @brief request for reading virtual and physical memory + * + */ +typedef struct _DEBUGGER_READ_MEMORY +{ + UINT32 Pid; // Read from cr3 of what process + UINT64 Address; + UINT32 Size; + DEBUGGER_READ_MEMORY_TYPE MemoryType; + DEBUGGER_READ_READING_TYPE ReadingType; + PDEBUGGER_DT_COMMAND_OPTIONS DtDetails; + DEBUGGER_SHOW_MEMORY_STYLE Style; // not used in local debugging + UINT32 ReturnLength; // not used in local debugging + UINT32 KernelStatus; // not used in local debugging + +} DEBUGGER_READ_MEMORY, *PDEBUGGER_READ_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_FLUSH_LOGGING_BUFFERS \ + sizeof(DEBUGGER_FLUSH_LOGGING_BUFFERS) + +/** + * @brief request for flushing buffers + * + */ +typedef struct _DEBUGGER_FLUSH_LOGGING_BUFFERS +{ + UINT32 KernelStatus; + UINT32 CountOfMessagesThatSetAsReadFromVmxRoot; + UINT32 CountOfMessagesThatSetAsReadFromVmxNonRoot; + +} DEBUGGER_FLUSH_LOGGING_BUFFERS, *PDEBUGGER_FLUSH_LOGGING_BUFFERS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_TEST_QUERY_BUFFER \ + sizeof(DEBUGGER_TEST_QUERY_BUFFER) + +/** + * @brief request for test query buffers + * + */ +typedef struct _DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER +{ + UINT32 RequestIndex; + UINT32 KernelStatus; + +} DEBUGGER_DEBUGGER_TEST_QUERY_BUFFER, *PDEBUGGER_DEBUGGER_TEST_QUERY_BUFFER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_PERFORM_KERNEL_TESTS \ + sizeof(DEBUGGER_PERFORM_KERNEL_TESTS) + +/** + * @brief request performing kernel tests + * + */ +typedef struct _DEBUGGER_PERFORM_KERNEL_TESTS +{ + UINT32 KernelStatus; + +} DEBUGGER_PERFORM_KERNEL_TESTS, *PDEBUGGER_PERFORM_KERNEL_TESTS; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL \ + sizeof(DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL) + +/** + * @brief request for send a signal that command execution finished + * + */ +typedef struct _DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL +{ + UINT32 KernelStatus; + +} DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL, + *PDEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION \ + sizeof(DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION) + +/** + * @brief request for collecting debuggee's kernel-side test information + * + */ +typedef struct _DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION +{ + UINT64 Value; + char Tag[32]; + +} DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION, + *PDEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER \ + sizeof(DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER) + +/** + * @brief request for send general packets from debuggee to debugger + * + */ +typedef struct _DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER +{ + DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION RequestedAction; + UINT32 LengthOfBuffer; + BOOLEAN PauseDebuggeeWhenSent; + UINT32 KernelResult; + + // + // The buffer for the general packet is here + // + +} DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER, + *PDEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER \ + sizeof(DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER) + +/** + * @brief request for send a user-mode message to debugger + * + */ +typedef struct _DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER +{ + UINT32 KernelStatus; + UINT32 Length; + + // + // Here is the messages + // + +} DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER, + *PDEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_READ_AND_WRITE_ON_MSR \ + sizeof(DEBUGGER_READ_AND_WRITE_ON_MSR) + +/** + * @brief different types of actions on MSRs + * + */ +typedef enum _DEBUGGER_MSR_ACTION_TYPE +{ + DEBUGGER_MSR_READ, + DEBUGGER_MSR_WRITE +} DEBUGGER_MSR_ACTION_TYPE; + +/** + * @brief request to read or write on MSRs + * + */ +typedef struct _DEBUGGER_READ_AND_WRITE_ON_MSR +{ + UINT64 Msr; // It's actually a 32-Bit value but let's not mess with a register + UINT32 CoreNumber; // specifies the core to execute wrmsr or read the msr + // (DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES mean all + // the cores) + DEBUGGER_MSR_ACTION_TYPE + ActionType; // Detects whether user needs wrmsr or rdmsr + UINT64 Value; + +} DEBUGGER_READ_AND_WRITE_ON_MSR, *PDEBUGGER_READ_AND_WRITE_ON_MSR; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_EDIT_MEMORY sizeof(DEBUGGER_EDIT_MEMORY) + +/** + * @brief different type of addresses for editing memory + * + */ +typedef enum _DEBUGGER_EDIT_MEMORY_TYPE +{ + EDIT_PHYSICAL_MEMORY, + EDIT_VIRTUAL_MEMORY +} DEBUGGER_EDIT_MEMORY_TYPE; + +/** + * @brief size of editing memory + * + */ +typedef enum _DEBUGGER_EDIT_MEMORY_BYTE_SIZE +{ + EDIT_BYTE, + EDIT_DWORD, + EDIT_QWORD +} DEBUGGER_EDIT_MEMORY_BYTE_SIZE; + +/** + * @brief request for edit virtual and physical memory + * + */ +typedef struct _DEBUGGER_EDIT_MEMORY +{ + UINT32 Result; // Result from kernel + UINT64 Address; // Target adddress to modify + UINT32 ProcessId; // specifies the process id + DEBUGGER_EDIT_MEMORY_TYPE MemoryType; // Type of memory + DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize; // Modification size + UINT32 CountOf64Chunks; + UINT32 FinalStructureSize; + UINT32 KernelStatus; // not used in local debugging + +} DEBUGGER_EDIT_MEMORY, *PDEBUGGER_EDIT_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_SEARCH_MEMORY sizeof(DEBUGGER_SEARCH_MEMORY) + +/** + * @brief different types of address for searching on memory + * + */ +typedef enum _DEBUGGER_SEARCH_MEMORY_TYPE +{ + SEARCH_PHYSICAL_MEMORY, + SEARCH_VIRTUAL_MEMORY, + SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY, + +} DEBUGGER_SEARCH_MEMORY_TYPE; + +/** + * @brief different sizes on searching memory + * + */ +typedef enum _DEBUGGER_SEARCH_MEMORY_BYTE_SIZE +{ + SEARCH_BYTE, + SEARCH_DWORD, + SEARCH_QWORD + +} DEBUGGER_SEARCH_MEMORY_BYTE_SIZE; + +/** + * @brief request for searching memory + * + */ +typedef struct _DEBUGGER_SEARCH_MEMORY +{ + UINT64 Address; // Target adddress to start searching + UINT64 Length; // Length of bytes to search + UINT32 ProcessId; // specifies the process id + DEBUGGER_SEARCH_MEMORY_TYPE MemoryType; // Type of memory + DEBUGGER_SEARCH_MEMORY_BYTE_SIZE ByteSize; // Modification size + UINT32 CountOf64Chunks; + UINT32 FinalStructureSize; + +} DEBUGGER_SEARCH_MEMORY, *PDEBUGGER_SEARCH_MEMORY; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE \ + sizeof(DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE) + +/** + * @brief request for enable or disable transparent-mode + * + */ +typedef struct _DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE +{ + BOOLEAN IsHide; + + UINT64 CpuidAverage; + UINT64 CpuidStandardDeviation; + UINT64 CpuidMedian; + + UINT64 RdtscAverage; + UINT64 RdtscStandardDeviation; + UINT64 RdtscMedian; + + BOOLEAN TrueIfProcessIdAndFalseIfProcessName; + UINT32 ProcId; + UINT32 LengthOfProcessName; // in the case of !hide name xxx, this parameter + // shows the length of xxx + + UINT64 KernelStatus; /* DEBUGGER_OPERATION_WAS_SUCCESSFUL , + DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER + */ + +} DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE, + *PDEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE; + +/* ============================================================================================== + */ + +#define SIZEOF_DEBUGGER_PREPARE_DEBUGGEE sizeof(DEBUGGER_PREPARE_DEBUGGEE) + +/** + * @brief request to make this computer to a debuggee + * + */ +typedef struct _DEBUGGER_PREPARE_DEBUGGEE +{ + UINT32 PortAddress; + UINT32 Baudrate; + UINT64 NtoskrnlBaseAddress; + UINT32 Result; // Result from the kernel + CHAR OsName[MAXIMUM_CHARACTER_FOR_OS_NAME]; + +} DEBUGGER_PREPARE_DEBUGGEE, *PDEBUGGER_PREPARE_DEBUGGEE; + +/* ============================================================================================== + */ + +/** + * @brief The structure of changing core packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_CHANGE_CORE_PACKET +{ + UINT32 NewCore; + UINT32 Result; + +} DEBUGGEE_CHANGE_CORE_PACKET, *PDEBUGGEE_CHANGE_CORE_PACKET; + +/* ============================================================================================== + */ +#define SIZEOF_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS \ + sizeof(DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS) + +/** + * @brief different actions of switchings + * + */ +typedef enum _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE +{ + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD, + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS, + +} DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE; + +/** + * @brief request for attaching user-mode process + * + */ +typedef struct _DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS +{ + BOOLEAN IsStartingNewProcess; + UINT32 ProcessId; + UINT32 ThreadId; + BOOLEAN Is32Bit; + BOOLEAN IsPaused; // used in switching to threads + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE Action; + UINT32 CountOfActiveDebuggingThreadsAndProcesses; // used in showing the list of active threads/processes + UINT64 Token; + UINT64 Result; + +} DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS, + *PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS; + +/* ============================================================================================== + */ +#define SIZEOF_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS \ + sizeof(DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS) + +/** + * @brief different type of process or thread queries + * + */ +typedef enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES +{ + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT = 1, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT = 2, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST = 3, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST = 4, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS = 5, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD = 6, + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES; + +/** + * @brief different actions on showing or querying list of process or threads + * + */ +typedef enum _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS +{ + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY = 1, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT = 2, + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS = 3, + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS; + +/** + * @brief The structure of needed information to get the details + * of the process from nt!_EPROCESS and location of needed variables + * + */ +typedef struct _DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS +{ + UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead + ULONG ImageFileNameOffset; // nt!_EPROCESS.ImageFileName + ULONG UniquePidOffset; // nt!_EPROCESS.UniqueProcessId + ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks + +} DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS, *PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS; + +/** + * @brief The structure of needed information to get the details + * of the thread from nt!_ETHREAD and location of needed variables + * + */ +typedef struct _DEBUGGEE_THREAD_LIST_NEEDED_DETAILS +{ + UINT32 ThreadListHeadOffset; // nt!_EPROCESS.ThreadListHead + UINT32 ThreadListEntryOffset; // nt!_ETHREAD.ThreadListEntry + UINT32 CidOffset; // nt!_ETHREAD.Cid + UINT64 PsActiveProcessHead; // nt!PsActiveProcessHead + ULONG ActiveProcessLinksOffset; // nt!_EPROCESS.ActiveProcessLinks + UINT64 Process; + +} DEBUGGEE_THREAD_LIST_NEEDED_DETAILS, *PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS; + +/** + * @brief The structure showing list of processes (details of each + * entry) + * + */ +typedef struct _DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY +{ + UINT64 Eprocess; + UINT32 Pid; + UINT64 Cr3; + UCHAR ImageFileName[15 + 1]; + +} DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY, *PDEBUGGEE_PROCESS_LIST_DETAILS_ENTRY; + +/** + * @brief The structure showing list of threads (details of each + * entry) + * + */ +typedef struct _DEBUGGEE_THREAD_LIST_DETAILS_ENTRY +{ + UINT64 Eprocess; + UINT64 Ethread; + UINT64 Pid; + UINT64 Tid; + UCHAR ImageFileName[15 + 1]; + +} DEBUGGEE_THREAD_LIST_DETAILS_ENTRY, *PDEBUGGEE_THREAD_LIST_DETAILS_ENTRY; + +/** + * @brief request for query count of active processes and threads + * + */ +typedef struct _DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS +{ + DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListNeededDetails; + DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListNeededDetails; + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES QueryType; + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS QueryAction; + UINT32 Count; + UINT64 Result; + +} DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS, + *PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS; + +/* ============================================================================================== + */ + +/** + * @brief The structure for saving the callstack frame of one parameter + * + */ +typedef struct _DEBUGGER_SINGLE_CALLSTACK_FRAME +{ + BOOLEAN IsStackAddressValid; + BOOLEAN IsValidAddress; + BOOLEAN IsExecutable; + UINT64 Value; + BYTE InstructionBytesOnRip[MAXIMUM_CALL_INSTR_SIZE]; + +} DEBUGGER_SINGLE_CALLSTACK_FRAME, *PDEBUGGER_SINGLE_CALLSTACK_FRAME; + +#define SIZEOF_DEBUGGER_CALLSTACK_REQUEST \ + sizeof(DEBUGGER_CALLSTACK_REQUEST) + +/** + * @brief callstack showing method + * + */ +typedef enum _DEBUGGER_CALLSTACK_DISPLAY_METHOD +{ + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS, + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS, + +} DEBUGGER_CALLSTACK_DISPLAY_METHOD; + +/** + * @brief request for callstack frames + * + */ +typedef struct _DEBUGGER_CALLSTACK_REQUEST +{ + BOOLEAN Is32Bit; + UINT32 KernelStatus; + DEBUGGER_CALLSTACK_DISPLAY_METHOD DisplayMethod; + UINT32 Size; + UINT32 FrameCount; + UINT64 BaseAddress; + UINT64 BufferSize; + + // + // Here is the size of stack frames + // + +} DEBUGGER_CALLSTACK_REQUEST, *PDEBUGGER_CALLSTACK_REQUEST; + +/* ============================================================================================== + */ +#define SIZEOF_USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS \ + sizeof(USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS) + +typedef struct _USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS +{ + UINT32 ProcessId; + UINT32 ThreadId; + BOOLEAN IsProcess; + +} USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS, *PUSERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS; + +/* ============================================================================================== + */ + +/** + * @brief Used for run the script + * + */ +typedef struct _DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION +{ + UINT64 ScriptBuffer; + UINT32 ScriptLength; + UINT32 ScriptPointer; + UINT32 OptionalRequestedBufferSize; + +} DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION, + *PDEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION; + +/** + * @brief used in the case of requesting a "request buffer" + * + */ +typedef struct _DEBUGGER_EVENT_REQUEST_BUFFER +{ + BOOLEAN EnabledRequestBuffer; + UINT32 RequestBufferSize; + UINT64 RequstBufferAddress; + +} DEBUGGER_EVENT_REQUEST_BUFFER, *PDEBUGGER_EVENT_REQUEST_BUFFER; + +/** + * @brief used in the case of custom code requests to the debugger + * + */ +typedef struct _DEBUGGER_EVENT_REQUEST_CUSTOM_CODE +{ + UINT32 CustomCodeBufferSize; + PVOID CustomCodeBufferAddress; + UINT32 OptionalRequestedBufferSize; + +} DEBUGGER_EVENT_REQUEST_CUSTOM_CODE, *PDEBUGGER_EVENT_REQUEST_CUSTOM_CODE; + +/* ============================================================================================== + */ + +/** + * @brief User-mode debugging actions + * + */ +typedef enum _DEBUGGER_UD_COMMAND_ACTION_TYPE +{ + DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE = 0, + DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE, + DEBUGGER_UD_COMMAND_ACTION_TYPE_CONTINUE, + DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP, + +} DEBUGGER_UD_COMMAND_ACTION_TYPE; + +/** + * @brief Description of user-mode debugging actions + * + */ +typedef struct _DEBUGGER_UD_COMMAND_ACTION +{ + DEBUGGER_UD_COMMAND_ACTION_TYPE ActionType; + UINT64 OptionalParam1; + UINT64 OptionalParam2; + UINT64 OptionalParam3; + UINT64 OptionalParam4; + +} DEBUGGER_UD_COMMAND_ACTION, *PDEBUGGER_UD_COMMAND_ACTION; + +/** + * @brief The structure of command packet in uHyperDbg + * + */ +typedef struct _DEBUGGER_UD_COMMAND_PACKET +{ + DEBUGGER_UD_COMMAND_ACTION UdAction; + UINT64 ProcessDebuggingDetailToken; + UINT32 TargetThreadId; + BOOLEAN ApplyToAllPausedThreads; + UINT32 Result; + +} DEBUGGER_UD_COMMAND_PACKET, *PDEBUGGER_UD_COMMAND_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Debugger process switch and process details + * + */ +typedef enum _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE +{ + + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS, + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST, + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH, + +} DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE; + +/** + * @brief The structure of changing process and show process + * packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET +{ + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE ActionType; + UINT32 ProcessId; + UINT64 Process; + BOOLEAN IsSwitchByClkIntr; + UCHAR ProcessName[16]; + DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS ProcessListSymDetails; + UINT32 Result; + +} DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET, *PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Debugger size of DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET + * + */ +#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET \ + sizeof(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET) + +/** + * @brief Debugger thread switch and thread details + * + */ +typedef enum _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE +{ + + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH, + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS, + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST, + + } DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE; + +/** + * @brief The structure of changing thead and show thread + * packet in HyperDbg + */ +typedef struct _DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET +{ + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE ActionType; + UINT32 ThreadId; + UINT32 ProcessId; + UINT64 Thread; + UINT64 Process; + BOOLEAN CheckByClockInterrupt; + UCHAR ProcessName[16]; + DEBUGGEE_THREAD_LIST_NEEDED_DETAILS ThreadListSymDetails; + UINT32 Result; + +} DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET, *PDEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET; + +/** + * @brief Debugger size of DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET + * + */ +#define SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET \ + sizeof(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET) + +/* ============================================================================================== + */ + +/** + * @brief stepping types + * + */ +typedef enum _DEBUGGER_REMOTE_STEPPING_REQUEST +{ + + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER, + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN, + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN, + +} DEBUGGER_REMOTE_STEPPING_REQUEST; + +/** + * @brief The structure of stepping packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_STEP_PACKET +{ + DEBUGGER_REMOTE_STEPPING_REQUEST StepType; + + // + // Only in the case of call instructions + // the 'p' command + // + BOOLEAN IsCurrentInstructionACall; + UINT32 CallLength; + +} DEBUGGEE_STEP_PACKET, *PDEBUGGEE_STEP_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of .formats result packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_FORMATS_PACKET +{ + UINT64 Value; + UINT32 Result; + +} DEBUGGEE_FORMATS_PACKET, *PDEBUGGEE_FORMATS_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of .sym reload packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_SYMBOL_REQUEST_PACKET +{ + UINT32 ProcessId; + +} DEBUGGEE_SYMBOL_REQUEST_PACKET, *PDEBUGGEE_SYMBOL_REQUEST_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of bp command packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_BP_PACKET +{ + UINT64 Address; + UINT32 Pid; + UINT32 Tid; + UINT32 Core; + UINT32 Result; + +} DEBUGGEE_BP_PACKET, *PDEBUGGEE_BP_PACKET; + +/** + * @brief The structure of storing breakpoints + * + */ +typedef struct _DEBUGGEE_BP_DESCRIPTOR +{ + UINT64 BreakpointId; + LIST_ENTRY BreakpointsList; + BOOLEAN Enabled; + UINT64 Address; + UINT64 PhysAddress; + UINT32 Pid; + UINT32 Tid; + UINT32 Core; + UINT16 InstructionLength; + BYTE PreviousByte; + BOOLEAN SetRflagsIFBitOnMtf; + BOOLEAN AvoidReApplyBreakpoint; + +} DEBUGGEE_BP_DESCRIPTOR, *PDEBUGGEE_BP_DESCRIPTOR; + +/** + * @brief breakpoint modification types + * + */ +typedef enum _DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST +{ + + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE, + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR, + +} DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST; + +/** + * @brief The structure of breakpoint modification requests packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_BP_LIST_OR_MODIFY_PACKET +{ + UINT64 BreakpointId; + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST Request; + UINT32 Result; + +} DEBUGGEE_BP_LIST_OR_MODIFY_PACKET, *PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Whether a jump is taken or not taken + * + */ +typedef enum _DEBUGGER_CONDITIONAL_JUMP_STATUS +{ + + DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR = 0, + DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP, + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN, + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN, + +} DEBUGGER_CONDITIONAL_JUMP_STATUS; + +/* ============================================================================================== + */ + +/** + * @brief The structure of script packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_SCRIPT_PACKET +{ + UINT32 ScriptBufferSize; + UINT32 ScriptBufferPointer; + BOOLEAN IsFormat; + UINT32 Result; + + // + // The script buffer is here + // + +} DEBUGGEE_SCRIPT_PACKET, *PDEBUGGEE_SCRIPT_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief The structure of result of search packet in HyperDbg + * + */ +typedef struct _DEBUGGEE_RESULT_OF_SEARCH_PACKET +{ + UINT32 CountOfResults; + UINT32 Result; + +} DEBUGGEE_RESULT_OF_SEARCH_PACKET, *PDEBUGGEE_RESULT_OF_SEARCH_PACKET; + +/* ============================================================================================== + */ + +/** + * @brief Register Descriptor Structure to use in r command. + * + */ +typedef struct _DEBUGGEE_REGISTER_READ_DESCRIPTION +{ + UINT32 RegisterID; // the number is from REGS_ENUM + UINT64 Value; + UINT32 KernelStatus; + +} DEBUGGEE_REGISTER_READ_DESCRIPTION, *PDEBUGGEE_REGISTER_READ_DESCRIPTION; + +/* ============================================================================================== + */ diff --git a/old_delete/sdk_old/Headers/RequestStructures.h.go b/old_delete/sdk_old/Headers/RequestStructures.h.go new file mode 100644 index 000000000..aa13938b3 --- /dev/null +++ b/old_delete/sdk_old/Headers/RequestStructures.h.go @@ -0,0 +1,683 @@ +package Headers + +import "encoding/binary" + +var SIZEOF_DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS = binary.Size(DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS{}) + +type ( + DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS struct { + VirtualAddress uint64 + ProcessId uint32 + + Pml4eVirtualAddress uint64 + Pml4eValue uint64 + + PdpteVirtualAddress uint64 + PdpteValue uint64 + + PdeVirtualAddress uint64 + PdeValue uint64 + + PteVirtualAddress uint64 + PteValue uint64 + + KernelStatus uint32 + } + PDEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS *DEBUGGER_READ_PAGE_TABLE_ENTRIES_DETAILS +) + +var SIZEOF_DEBUGGER_VA2PA_AND_PA2VA_COMMANDS = binary.Size(DEBUGGER_VA2PA_AND_PA2VA_COMMANDS{}) + +type ( + DEBUGGER_VA2PA_AND_PA2VA_COMMANDS struct { + VirtualAddress uint64 + PhysicalAddress uint64 + ProcessId uint32 + IsVirtual2Physical bool + KernelStatus uint32 + } + PDEBUGGER_VA2PA_AND_PA2VA_COMMANDS *DEBUGGER_VA2PA_AND_PA2VA_COMMANDS +) + +var SIZEOF_DEBUGGER_DT_COMMAND_OPTIONS = binary.Size(DEBUGGER_DT_COMMAND_OPTIONS{}) + +type ( + DEBUGGER_DT_COMMAND_OPTIONS struct { + TypeName *byte + SizeOfTypeName uint64 + Address uint64 + IsStruct bool + BufferAddress PVOID + TargetPid uint32 + AdditionalParameters *byte + } + PDEBUGGER_DT_COMMAND_OPTIONS *DEBUGGER_DT_COMMAND_OPTIONS +) + +type DEBUGGER_PREALLOC_COMMAND_TYPE byte + +const ( + DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR DEBUGGER_PREALLOC_COMMAND_TYPE = iota + DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION +) + +var SIZEOF_DEBUGGER_PREALLOC_COMMAND = binary.Size(DEBUGGER_PREALLOC_COMMAND{}) + +type ( + DEBUGGER_PREALLOC_COMMAND struct { + Type DEBUGGER_PREALLOC_COMMAND_TYPE + Count uint64 + KernelStatus uint32 + } + PDEBUGGER_PREALLOC_COMMAND *DEBUGGER_PREALLOC_COMMAND +) + +var SIZEOF_DEBUGGER_READ_MEMORY = binary.Size(DEBUGGER_READ_MEMORY{}) + +type DEBUGGER_READ_READING_TYPE byte + +const ( + READ_FROM_KERNEL DEBUGGER_READ_READING_TYPE = iota + READ_FROM_VMX_ROOT +) + +type DEBUGGER_READ_MEMORY_TYPE byte + +const ( + DEBUGGER_READ_PHYSICAL_ADDRESS DEBUGGER_READ_MEMORY_TYPE = iota + DEBUGGER_READ_VIRTUAL_ADDRESS +) + +type DEBUGGER_SHOW_MEMORY_STYLE byte + +const ( + DEBUGGER_SHOW_MEMORY_STYLE_bad DEBUGGER_SHOW_MEMORY_STYLE = iota + DEBUGGER_SHOW_COMMAND_DT = 1 + DEBUGGER_SHOW_COMMAND_DISASSEMBLE64 + DEBUGGER_SHOW_COMMAND_DISASSEMBLE32 + DEBUGGER_SHOW_COMMAND_DB + DEBUGGER_SHOW_COMMAND_DC + DEBUGGER_SHOW_COMMAND_DQ + DEBUGGER_SHOW_COMMAND_DD +) + +type ( + DEBUGGER_READ_MEMORY struct { + Pid uint32 // Read from cr3 of what process + Address uint64 + Size uint32 + MemoryType DEBUGGER_READ_MEMORY_TYPE + ReadingType DEBUGGER_READ_READING_TYPE + DtDetails PDEBUGGER_DT_COMMAND_OPTIONS + Style DEBUGGER_SHOW_MEMORY_STYLE // not used in local debugging + ReturnLength uint32 // not used in local debugging + KernelStatus uint32 // not used in local debugging + } + PDEBUGGER_READ_MEMORY *DEBUGGER_READ_MEMORY +) + +var SIZEOF_DEBUGGER_FLUSH_LOGGING_BUFFERS = binary.Size(DEBUGGER_FLUSH_LOGGING_BUFFERS{}) + +type ( + DEBUGGER_FLUSH_LOGGING_BUFFERS struct { + KernelStatus uint32 + CountOfMessagesThatSetAsReadFromVmxRoot uint32 + CountOfMessagesThatSetAsReadFromVmxNonRoot uint32 + } + PDEBUGGER_FLUSH_LOGGING_BUFFERS *DEBUGGER_FLUSH_LOGGING_BUFFERS +) + +var SIZEOF_DEBUGGER_TEST_QUERY_BUFFER = binary.Size(DEBUGGER_TEST_QUERY_BUFFER{}) + +type ( + DEBUGGER_TEST_QUERY_BUFFER struct { + RequestIndex uint32 + KernelStatus uint32 + } + PDEBUGGER_DEBUGGER_TEST_QUERY_BUFFER *DEBUGGER_TEST_QUERY_BUFFER +) + +var SIZEOF_DEBUGGER_PERFORM_KERNEL_TESTS = binary.Size(DEBUGGER_PERFORM_KERNEL_TESTS{}) + +type ( + DEBUGGER_PERFORM_KERNEL_TESTS struct { + KernelStatus uint32 + } + PDEBUGGER_PERFORM_KERNEL_TESTS *DEBUGGER_PERFORM_KERNEL_TESTS +) + +var SIZEOF_DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL = binary.Size(DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL{}) + +type ( + DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL struct { + KernelStatus uint32 + } + PDEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL *DEBUGGER_SEND_COMMAND_EXECUTION_FINISHED_SIGNAL +) + +var SIZEOF_DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION = binary.Size(DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION{}) + +type ( + DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION struct { + Value uint64 + Tag [32]byte + } + PDEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION *DEBUGGEE_KERNEL_AND_USER_TEST_INFORMATION +) + +var SIZEOF_DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER = binary.Size(DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER{}) + +type ( + DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER struct { + RequestedAction DEBUGGER_REMOTE_PACKET_REQUESTED_ACTION + LengthOfBuffer uint32 + PauseDebuggeeWhenSent bool + KernelResult uint32 + // The buffer for the general packet is here + } + PDEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER *DEBUGGEE_SEND_GENERAL_PACKET_FROM_DEBUGGEE_TO_DEBUGGER +) + +var SIZEOF_DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER = binary.Size(DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER{}) + +type ( + DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER struct { + KernelStatus uint32 + Length uint32 + // Here is the messages + } + PDEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER *DEBUGGER_SEND_USERMODE_MESSAGES_TO_DEBUGGER +) + +var SIZEOF_DEBUGGER_READ_AND_WRITE_ON_MSR = binary.Size(DEBUGGER_READ_AND_WRITE_ON_MSR{}) + +type DEBUGGER_MSR_ACTION_TYPE byte + +const ( + DEBUGGER_MSR_READ DEBUGGER_MSR_ACTION_TYPE = iota + DEBUGGER_MSR_WRITE +) + +type ( + DEBUGGER_READ_AND_WRITE_ON_MSR struct { + Msr uint64 // It's actually a 32-Bit value but let's not mess with a register + CoreNumber uint32 // specifies the core to execute wrmsr or read the msr + // (DEBUGGER_READ_AND_WRITE_ON_MSR_APPLY_ALL_CORES mean all + // the cores) + ActionType DEBUGGER_MSR_ACTION_TYPE // Detects whether user needs wrmsr or rdmsr + Value uint64 + } + PDEBUGGER_READ_AND_WRITE_ON_MSR *DEBUGGER_READ_AND_WRITE_ON_MSR +) + +var SIZEOF_DEBUGGER_EDIT_MEMORY = binary.Size(DEBUGGER_EDIT_MEMORY{}) + +type DEBUGGER_EDIT_MEMORY_TYPE byte + +const ( + EDIT_PHYSICAL_MEMORYDEBUGGER_EDIT_MEMORY_TYPE = iota + EDIT_VIRTUAL_MEMORY +) + +type DEBUGGER_EDIT_MEMORY_BYTE_SIZE byte + +const ( + EDIT_BYTE DEBUGGER_EDIT_MEMORY_BYTE_SIZE = iota + EDIT_DWORD + EDIT_QWORD +) + +type ( + DEBUGGER_EDIT_MEMORY struct { + Result uint32 // Result from kernel + Address uint64 // Target adddress to modify + ProcessId uint32 // specifies the process id + MemoryType DEBUGGER_EDIT_MEMORY_TYPE // Type of memory + ByteSize DEBUGGER_EDIT_MEMORY_BYTE_SIZE // Modification size + CountOf64Chunks uint32 + FinalStructureSize uint32 + KernelStatus uint32 // not used in local debugging + } + PDEBUGGER_EDIT_MEMORY *DEBUGGER_EDIT_MEMORY +) + +var SIZEOF_DEBUGGER_SEARCH_MEMORY = binary.Size(DEBUGGER_SEARCH_MEMORY{}) + +type DEBUGGER_SEARCH_MEMORY_TYPE byte + +const ( + SEARCH_PHYSICAL_MEMORY DEBUGGER_SEARCH_MEMORY_TYPE = iota + SEARCH_VIRTUAL_MEMORY + SEARCH_PHYSICAL_FROM_VIRTUAL_MEMORY +) + +type DEBUGGER_SEARCH_MEMORY_BYTE_SIZE byte + +const ( + SEARCH_BYTE DEBUGGER_SEARCH_MEMORY_BYTE_SIZE = iota + SEARCH_DWORD + SEARCH_QWORD +) + +type ( + DEBUGGER_SEARCH_MEMORY struct { + Address uint64 // Target adddress to start searching + Length uint64 // Length of bytes to search + ProcessId uint32 // specifies the process id + MemoryType DEBUGGER_SEARCH_MEMORY_TYPE // Type of memory + ByteSize DEBUGGER_SEARCH_MEMORY_BYTE_SIZE // Modification size + CountOf64Chunks uint32 + FinalStructureSize uint32 + } + PDEBUGGER_SEARCH_MEMORY *DEBUGGER_SEARCH_MEMORY +) + +var SIZEOF_DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE = binary.Size(DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE{}) + +type ( + DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE struct { + IsHide bool + + CpuidAverage uint64 + CpuidStandardDeviation uint64 + CpuidMedian uint64 + + RdtscAverage uint64 + RdtscStandardDeviation uint64 + RdtscMedian uint64 + + TrueIfProcessIdAndFalseIfProcessName bool + ProcId uint32 + LengthOfProcessName uint32 // in the case of !hide name xxx, this parameter + // shows the length of xxx + + KernelStatus uint64 /* DEBUGGER_OPERATION_WAS_SUCCESSFUL , + DEBUGGER_ERROR_UNABLE_TO_HIDE_OR_UNHIDE_DEBUGGER + */ + } + PDEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE *DEBUGGER_HIDE_AND_TRANSPARENT_DEBUGGER_MODE +) + +var SIZEOF_DEBUGGER_PREPARE_DEBUGGEE = binary.Size(DEBUGGER_PREPARE_DEBUGGEE{}) + +type ( + DEBUGGER_PREPARE_DEBUGGEE struct { + PortAddress uint32 + Baudrate uint32 + NtoskrnlBaseAddress uint64 + Result uint32 // Result from the kernel + OsName [MAXIMUM_CHARACTER_FOR_OS_NAME]int8 + } + PDEBUGGER_PREPARE_DEBUGGEE *DEBUGGER_PREPARE_DEBUGGEE +) + +type ( + DEBUGGEE_CHANGE_CORE_PACKET struct { + NewCore uint32 + Result uint32 + } + PDEBUGGEE_CHANGE_CORE_PACKET *DEBUGGEE_CHANGE_CORE_PACKET +) + +var SIZEOF_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS = binary.Size(DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS{}) + +type DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE byte + +const ( + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_ATTACH DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE = iota + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_DETACH + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_REMOVE_HOOKS + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_KILL_PROCESS + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_PAUSE_PROCESS + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_SWITCH_BY_PROCESS_OR_THREAD + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_QUERY_COUNT_OF_ACTIVE_DEBUGGING_THREADS +) + +type ( + DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS struct { + IsStartingNewProcess bool + ProcessId uint32 + ThreadId uint32 + Is32Bit bool + IsPaused bool // used in switching to threads + Action DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS_ACTION_TYPE + CountOfActiveDebuggingThreadsAndProcesses uint32 // used in showing the list of active threads/processes + Token uint64 + Result uint64 + } + PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS *DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS +) + +var SIZEOF_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS = binary.Size(DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS{}) + +type DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES byte + +const ( + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES_bad DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES = iota + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_COUNT + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_COUNT + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_PROCESS_LIST + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_THREAD_LIST + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_PROCESS + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_QUERY_CURRENT_THREAD +) + +type DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS byte + +const ( + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS_bad DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS = iota + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_SHOW_INSTANTLY + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_COUNT + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTION_QUERY_SAVE_DETAILS +) + +type ( + DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS struct { + PsActiveProcessHead uint64 // nt!PsActiveProcessHead + ImageFileNameOffset uint32 // nt!_EPROCESS.ImageFileName + UniquePidOffset uint32 // nt!_EPROCESS.UniqueProcessId + ActiveProcessLinksOffset uint32 // nt!_EPROCESS.ActiveProcessLinks + } + PDEBUGGEE_PROCESS_LIST_NEEDED_DETAILS *DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS +) + +type ( + DEBUGGEE_THREAD_LIST_NEEDED_DETAILS struct { + ThreadListHeadOffset uint32 // nt!_EPROCESS.ThreadListHead + ThreadListEntryOffset uint32 // nt!_ETHREAD.ThreadListEntry + CidOffset uint32 // nt!_ETHREAD.Cid + PsActiveProcessHead uint64 // nt!PsActiveProcessHead + ActiveProcessLinksOffset uint32 // nt!_EPROCESS.ActiveProcessLinks + Process uint64 + } + PDEBUGGEE_THREAD_LIST_NEEDED_DETAILS *DEBUGGEE_THREAD_LIST_NEEDED_DETAILS +) + +type ( + DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY struct { + Eprocess uint64 + Pid uint32 + Cr3 uint64 + ImageFileName [15 + 1]byte + } + PDEBUGGEE_PROCESS_LIST_DETAILS_ENTRY *DEBUGGEE_PROCESS_LIST_DETAILS_ENTRY +) + +type ( + DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS struct { + ProcessListNeededDetails DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS + ThreadListNeededDetails DEBUGGEE_THREAD_LIST_NEEDED_DETAILS + QueryType DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_TYPES + QueryAction DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS_ACTIONS + Count uint32 + Result uint64 + } + PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS *DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS +) + +type ( + DEBUGGER_SINGLE_CALLSTACK_FRAME struct { + IsStackAddressValid bool + IsValidAddress bool + IsExecutable bool + Value uint64 + InstructionBytesOnRip [MAXIMUM_CALL_INSTR_SIZE]byte + } + PDEBUGGER_SINGLE_CALLSTACK_FRAME *DEBUGGER_SINGLE_CALLSTACK_FRAME +) + +var SIZEOF_DEBUGGER_CALLSTACK_REQUEST = binary.Size(DEBUGGER_CALLSTACK_REQUEST{}) + +type DEBUGGER_CALLSTACK_DISPLAY_METHOD byte + +const ( + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITHOUT_PARAMS DEBUGGER_CALLSTACK_DISPLAY_METHOD = iota + DEBUGGER_CALLSTACK_DISPLAY_METHOD_WITH_PARAMS +) + +type ( + DEBUGGER_CALLSTACK_REQUEST struct { + Is32Bit bool + KernelStatus uint32 + DisplayMethod DEBUGGER_CALLSTACK_DISPLAY_METHOD + Size uint32 + FrameCount uint32 + BaseAddress uint64 + BufferSize uint64 + // Here is the size of stack frames + } + PDEBUGGER_CALLSTACK_REQUEST *DEBUGGER_CALLSTACK_REQUEST +) + +var SIZEOF_USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS = binary.Size(USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS{}) + +type ( + USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS struct { + ProcessId uint32 + ThreadId uint32 + IsProcess bool + } + PUSERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS *USERMODE_DEBUGGING_THREAD_OR_PROCESS_STATE_DETAILS +) + +type ( + DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION struct { + ScriptBuffer uint64 + ScriptLength uint32 + ScriptPointer uint32 + OptionalRequestedBufferSize uint32 + } + PDEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION *DEBUGGER_EVENT_ACTION_RUN_SCRIPT_CONFIGURATION +) + +type ( + DEBUGGER_EVENT_REQUEST_BUFFER struct { + EnabledRequestBuffer bool + RequestBufferSize uint32 + RequstBufferAddress uint64 + } + PDEBUGGER_EVENT_REQUEST_BUFFER *DEBUGGER_EVENT_REQUEST_BUFFER +) + +type ( + DEBUGGER_EVENT_REQUEST_CUSTOM_CODE struct { + CustomCodeBufferSize uint32 + CustomCodeBufferAddress PVOID + OptionalRequestedBufferSize uint32 + } + PDEBUGGER_EVENT_REQUEST_CUSTOM_CODE *DEBUGGER_EVENT_REQUEST_CUSTOM_CODE +) +type DEBUGGER_UD_COMMAND_ACTION_TYPE byte + +const ( + DEBUGGER_UD_COMMAND_ACTION_TYPE_NONE DEBUGGER_UD_COMMAND_ACTION_TYPE = iota + DEBUGGER_UD_COMMAND_ACTION_TYPE_PAUSE + DEBUGGER_UD_COMMAND_ACTION_TYPE_CONTINUE + DEBUGGER_UD_COMMAND_ACTION_TYPE_REGULAR_STEP +) + +type ( + DEBUGGER_UD_COMMAND_ACTION struct { + ActionType DEBUGGER_UD_COMMAND_ACTION_TYPE + OptionalParam1 uint64 + OptionalParam2 uint64 + OptionalParam3 uint64 + OptionalParam4 uint64 + } + PDEBUGGER_UD_COMMAND_ACTION *DEBUGGER_UD_COMMAND_ACTION +) + +type ( + DEBUGGER_UD_COMMAND_PACKET struct { + UdAction DEBUGGER_UD_COMMAND_ACTION + ProcessDebuggingDetailToken uint64 + TargetThreadId uint32 + ApplyToAllPausedThreads bool + Result uint32 + } + PDEBUGGER_UD_COMMAND_PACKET *DEBUGGER_UD_COMMAND_PACKET +) +type DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE byte + +const ( + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_DETAILS DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE = iota + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_GET_PROCESS_LIST + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PERFORM_SWITCH +) + +type ( + DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET struct { + ActionType DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_TYPE + ProcessId uint32 + Process uint64 + IsSwitchByClkIntr bool + ProcessName [16]byte + ProcessListSymDetails DEBUGGEE_PROCESS_LIST_NEEDED_DETAILS + Result uint32 + } + PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET *DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET +) + +var SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET = binary.Size(DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET{}) + +type DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE byte + +const ( + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PERFORM_SWITCH DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE = iota + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_DETAILS + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_GET_THREAD_LIST +) + +type ( + DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET struct { + ActionType DEBUGGEE_DETAILS_AND_SWITCH_THREAD_TYPE + ThreadId uint32 + ProcessId uint32 + Thread uint64 + Process uint64 + CheckByClockInterrupt bool + ProcessName [16]byte + ThreadListSymDetails DEBUGGEE_THREAD_LIST_NEEDED_DETAILS + Result uint32 + } + PDEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET *DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET +) + +var SIZEOF_DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET = binary.Size(DEBUGGEE_DETAILS_AND_SWITCH_THREAD_PACKET{}) + +type DEBUGGER_REMOTE_STEPPING_REQUEST byte + +const ( + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_OVER DEBUGGER_REMOTE_STEPPING_REQUEST = iota + DEBUGGER_REMOTE_STEPPING_REQUEST_STEP_IN + DEBUGGER_REMOTE_STEPPING_REQUEST_INSTRUMENTATION_STEP_IN +) + +type ( + DEBUGGEE_STEP_PACKET struct { + StepType DEBUGGER_REMOTE_STEPPING_REQUEST + // Only in the case of call instructions + // the 'p' command + IsCurrentInstructionACall bool + CallLength uint32 + } + PDEBUGGEE_STEP_PACKET *DEBUGGEE_STEP_PACKET +) + +type ( + DEBUGGEE_FORMATS_PACKET struct { + Value uint64 + Result uint32 + } + PDEBUGGEE_FORMATS_PACKET *DEBUGGEE_FORMATS_PACKET +) + +type ( + DEBUGGEE_SYMBOL_REQUEST_PACKET struct { + ProcessId uint32 + } + PDEBUGGEE_SYMBOL_REQUEST_PACKET *DEBUGGEE_SYMBOL_REQUEST_PACKET +) + +type ( + DEBUGGEE_BP_PACKET struct { + Address uint64 + Pid uint32 + Tid uint32 + Core uint32 + Result uint32 + } + PDEBUGGEE_BP_PACKET *DEBUGGEE_BP_PACKET +) + +type ( + DEBUGGEE_BP_DESCRIPTOR struct { + BreakpointId uint64 + // BreakpointsList LIST_ENTRY //todo can use list.list ? + Enabled bool + Address uint64 + PhysAddress uint64 + Pid uint32 + Tid uint32 + Core uint32 + InstructionLength uint16 + PreviousByte byte + SetRflagsIFBitOnMtf bool + AvoidReApplyBreakpoint bool + } + PDEBUGGEE_BP_DESCRIPTOR *DEBUGGEE_BP_DESCRIPTOR +) +type DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST byte + +const ( + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_LIST_BREAKPOINTS DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST = iota + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_ENABLE + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_DISABLE + DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST_CLEAR +) + +type ( + DEBUGGEE_BP_LIST_OR_MODIFY_PACKET struct { + BreakpointId uint64 + Request DEBUGGEE_BREAKPOINT_MODIFICATION_REQUEST + Result uint32 + } + PDEBUGGEE_BP_LIST_OR_MODIFY_PACKET *DEBUGGEE_BP_LIST_OR_MODIFY_PACKET +) + +type DEBUGGER_CONDITIONAL_JUMP_STATUS byte + +const ( + DEBUGGER_CONDITIONAL_JUMP_STATUS_ERROR DEBUGGER_CONDITIONAL_JUMP_STATUS = iota + DEBUGGER_CONDITIONAL_JUMP_STATUS_NOT_CONDITIONAL_JUMP + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_TAKEN + DEBUGGER_CONDITIONAL_JUMP_STATUS_JUMP_IS_NOT_TAKEN +) + +type ( + DEBUGGEE_SCRIPT_PACKET struct { + ScriptBufferSize uint32 + ScriptBufferPointer uint32 + IsFormat bool + Result uint32 + // The script buffer is here + } + PDEBUGGEE_SCRIPT_PACKET *DEBUGGEE_SCRIPT_PACKET +) + +type ( + DEBUGGEE_RESULT_OF_SEARCH_PACKET struct { + CountOfResults uint32 + Result uint32 + } + PDEBUGGEE_RESULT_OF_SEARCH_PACKET *DEBUGGEE_RESULT_OF_SEARCH_PACKET +) + +type ( + DEBUGGEE_REGISTER_READ_DESCRIPTION struct { + RegisterID uint32 // the number is from REGS_ENUM + Value uint64 + KernelStatus uint32 + } + PDEBUGGEE_REGISTER_READ_DESCRIPTION *DEBUGGEE_REGISTER_READ_DESCRIPTION +) diff --git a/old_delete/sdk_old/Headers/Symbols.h b/old_delete/sdk_old/Headers/Symbols.h new file mode 100644 index 000000000..6152de43d --- /dev/null +++ b/old_delete/sdk_old/Headers/Symbols.h @@ -0,0 +1,101 @@ +/** + * @file Symbols.h + * @author Sina Karvandi (sina@hyperdbg.org) + * @brief HyperDbg's SDK Header Files For Symbol Parsing + * @details This file contains definitions of symbol parsers + * @version 0.2 + * @date 2022-06-24 + * + * @copyright This project is released under the GNU Public License v3. + * + */ +#pragma once + +////////////////////////////////////////////////// +// Symbols Details // +////////////////////////////////////////////////// + +/** + * @brief structures for sending and saving details + * about each module and symbols details + * + */ +typedef struct _MODULE_SYMBOL_DETAIL +{ + BOOLEAN IsSymbolDetailsFound; // TRUE if the details of symbols found, FALSE if not found + BOOLEAN IsLocalSymbolPath; // TRUE if the ModuleSymbolPath is a real path + // and FALSE if ModuleSymbolPath is just a module name + BOOLEAN IsSymbolPDBAvaliable; // TRUE if the module's pdb is avilable(if exists in the sympath) + BOOLEAN IsUserMode; // TRUE if the module is a user-mode module + UINT64 BaseAddress; + char FilePath[MAX_PATH]; + char ModuleSymbolPath[MAX_PATH]; + char ModuleSymbolGuidAndAge[MAXIMUM_GUID_AND_AGE_SIZE]; + +} MODULE_SYMBOL_DETAIL, *PMODULE_SYMBOL_DETAIL; + +typedef struct _USERMODE_LOADED_MODULE_SYMBOLS +{ + UINT64 BaseAddress; + UINT64 Entrypoint; + wchar_t FilePath[MAX_PATH]; + +} USERMODE_LOADED_MODULE_SYMBOLS, *PUSERMODE_LOADED_MODULE_SYMBOLS; + +typedef struct _USERMODE_LOADED_MODULE_DETAILS +{ + UINT32 ProcessId; + BOOLEAN OnlyCountModules; + UINT32 ModulesCount; + UINT32 Result; + + // + // Here is a list of USERMODE_LOADED_MODULE_SYMBOLS (appended) + // + +} USERMODE_LOADED_MODULE_DETAILS, *PUSERMODE_LOADED_MODULE_DETAILS; + +/** + * @brief Callback type that should be used to add + * list of Addresses to ObjectNames + * + */ +typedef VOID (*SymbolMapCallback)(UINT64 Address, char * ModuleName, char * ObjectName, unsigned int ObjectSize); + +/** + * @brief request to add new symbol detail or update a previous + * symbol table entry + * + */ +typedef struct _DEBUGGER_UPDATE_SYMBOL_TABLE +{ + UINT32 TotalSymbols; + UINT32 CurrentSymbolIndex; + MODULE_SYMBOL_DETAIL SymbolDetailPacket; + +} DEBUGGER_UPDATE_SYMBOL_TABLE, *PDEBUGGER_UPDATE_SYMBOL_TABLE; + +/** + * @brief check so the DEBUGGER_UPDATE_SYMBOL_TABLE should be smaller than packet size + * + */ +static_assert(sizeof(DEBUGGER_UPDATE_SYMBOL_TABLE) < PacketChunkSize, + "err (static_assert), size of PacketChunkSize should be bigger than DEBUGGER_UPDATE_SYMBOL_TABLE (MODULE_SYMBOL_DETAIL)"); + +/* +============================================================================================== + */ + +/** + * @brief request that shows, symbol reload process is finished + * + */ +typedef struct _DEBUGGEE_SYMBOL_UPDATE_RESULT +{ + UINT64 KernelStatus; // Kerenl put the status in this field + +} DEBUGGEE_SYMBOL_UPDATE_RESULT, *PDEBUGGEE_SYMBOL_UPDATE_RESULT; + +/* +============================================================================================== + */ diff --git a/old_delete/sdk_old/Headers/Symbols.h.go b/old_delete/sdk_old/Headers/Symbols.h.go new file mode 100644 index 000000000..f4c8a0840 --- /dev/null +++ b/old_delete/sdk_old/Headers/Symbols.h.go @@ -0,0 +1,65 @@ +package Headers + +import ( + "encoding/binary" +) + +type ( + MODULE_SYMBOL_DETAIL struct { + IsSymbolDetailsFound bool // TRUE if the details of symbols found, FALSE if not found + IsLocalSymbolPath bool // TRUE if the ModuleSymbolPath is a real path + // and FALSE if ModuleSymbolPath is just a module name + IsSymbolPDBAvaliable bool // TRUE if the module's pdb is avilable(if exists in the sympath) + IsUserMode bool // TRUE if the module is a user-mode module + BaseAddress uint64 + FilePath [MAX_PATH]int8 + ModuleSymbolPath [MAX_PATH]int8 + ModuleSymbolGuidAndAge [MAXIMUM_GUID_AND_AGE_SIZE]int8 + } + PMODULE_SYMBOL_DETAIL *MODULE_SYMBOL_DETAIL +) + +type ( + USERMODE_LOADED_MODULE_SYMBOLS struct { + BaseAddress uint64 + Entrypoint uint64 + FilePath [MAX_PATH]rune + } + PUSERMODE_LOADED_MODULE_SYMBOLS *USERMODE_LOADED_MODULE_SYMBOLS +) + +type ( + USERMODE_LOADED_MODULE_DETAILS struct { + ProcessId uint32 + OnlyCountModules bool + ModulesCount uint32 + Result uint32 + // Here is a list of USERMODE_LOADED_MODULE_SYMBOLS (appended) + } + PUSERMODE_LOADED_MODULE_DETAILS *USERMODE_LOADED_MODULE_DETAILS +) + +type SymbolMapCallback func(Address uint64, ModuleName, ObjectName *int8, ObjectSize uint) + +type ( + DEBUGGER_UPDATE_SYMBOL_TABLE struct { + TotalSymbols uint32 + CurrentSymbolIndex uint32 + SymbolDetailPacket MODULE_SYMBOL_DETAIL + } + PDEBUGGER_UPDATE_SYMBOL_TABLE *DEBUGGER_UPDATE_SYMBOL_TABLE +) + +// mock static_assert +func init() { + if binary.Size(DEBUGGER_UPDATE_SYMBOL_TABLE{}) < PacketChunkSize { + // mylog.Check("err (static_assert), size of PacketChunkSize should be bigger than DEBUGGER_UPDATE_SYMBOL_TABLE (MODULE_SYMBOL_DETAIL)") + } +} + +type ( + DEBUGGEE_SYMBOL_UPDATE_RESULT struct { + KernelStatus uint64 + } + PDEBUGGEE_SYMBOL_UPDATE_RESULT *DEBUGGEE_SYMBOL_UPDATE_RESULT +) diff --git a/old_delete/sdk_old/old_delete/sdk_windows.go b/old_delete/sdk_old/old_delete/sdk_windows.go new file mode 100644 index 000000000..572dd1047 --- /dev/null +++ b/old_delete/sdk_old/old_delete/sdk_windows.go @@ -0,0 +1,151 @@ +package sdk + +import ( + "syscall" + "time" + + "github.com/ddkwork/app/ms/hardwareIndo" + "github.com/ddkwork/golibrary/mylog" + "github.com/ddkwork/golibrary/stream/bitfield" +) + +type ( + Interface interface { + LoadVmm() (ok bool) + UnLoadVmm() (ok bool) + VmxSupportDetection() (ok bool) + ReadIrpBasedBuffer() (ok bool) + } + object struct{ handle syscall.Handle } +) + +func (o *object) ReadIrpBasedBuffer() (ok bool) { + if !o.Handle() { + return + } + outBuffer := make([]byte, UsermodeBufferSize) + time.Sleep(DefaultSpeedOfReadingKernelMessages) // need seasoned ? + OperationCode := 0 + mylog.Check(syscall.DeviceIoControl( + o.handle, + IOCTL_REGISTER_EVENT, + // RegisterEvent + nil, + 0, + nil, + 0, + nil, + nil, + )) + // copy() + switch OperationCode { + case OPERATION_LOG_NON_IMMEDIATE_MESSAGE: + case OPERATION_LOG_INFO_MESSAGE: + case OPERATION_LOG_ERROR_MESSAGE: + case OPERATION_LOG_WARNING_MESSAGE: + case OPERATION_COMMAND_FROM_DEBUGGER_CLOSE_AND_UNLOAD_VMM: + case OPERATION_DEBUGGEE_USER_INPUT: + case OPERATION_DEBUGGEE_REGISTER_EVENT: + case OPERATION_DEBUGGEE_ADD_ACTION_TO_EVENT: + case OPERATION_DEBUGGEE_CLEAR_EVENTS: + case OPERATION_HYPERVISOR_DRIVER_IS_SUCCESSFULLY_LOADED: + case OPERATION_HYPERVISOR_DRIVER_END_OF_IRPS: + case OPERATION_COMMAND_FROM_DEBUGGER_RELOAD_SYMBOL: + case OPERATION_NOTIFICATION_FROM_USER_DEBUGGER_PAUSE: + default: + outBuffer = outBuffer[:0] + return mylog.Check(syscall.CloseHandle(o.handle)) + } + return true +} + +func New() Interface { return &object{} } + +func (o *object) VmxSupportDetection() (ok bool) { + /* + if (g_DeviceHandle){ + ShowMessages("handle of the driver found, if you use 'load' before, please " + "unload it using 'unload'\n"); + return 1; + } + */ + hard := hardwareIndo.New() + if !hard.CpuInfo.Get() { + return + } + if hard.CpuInfo.Vendor != "GenuineIntel" { + mylog.Check("this program is not designed to run in a non-VT-x environemnt !") + } + mylog.Info("", "virtualization technology is vt-x") + field := bitfield.NewFromUint32(hard.CpuInfo.Cpu1.Ecx) + if !field.Test(5) { + mylog.Check("vmx operation is not supported by your processor") + } + mylog.Info("", "vmx operation is supported by your processor") + return true +} + +func (o *object) DeviceName() string { return "HyperdbgHypervisorDevice" } +func (o *object) LinkName() (*uint16, error) { + return syscall.UTF16PtrFromString(`\\\\.\\` + o.DeviceName()) +} + +func (o *object) Handle() (ok bool) { + if o.handle != syscall.InvalidHandle { + return true //? + } + name := mylog.Check2(o.LinkName()) + handle := mylog.Check2(syscall.CreateFile( + name, + syscall.GENERIC_READ|syscall.GENERIC_WRITE, + syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE, + nil, + syscall.OPEN_EXISTING, + syscall.FILE_ATTRIBUTE_NORMAL|syscall.FILE_FLAG_OVERLAPPED, + 0, + )) + + if handle == syscall.InvalidHandle { + mylog.Check("handle == syscall.InvalidHandle") + } + o.handle = handle + return true +} + +func (o *object) LoadVmm() (ok bool) { + if !o.VmxSupportDetection() { + return + } + // g_IsVmxOffProcessStart = FALSE; + if !o.Handle() { + return + } + go func() { + o.ReadIrpBasedBuffer() + //select { + //} + }() + return true + // l := list.New() //InitializeListHead(&g_EventTrace); + // ntdll := syscall.NewLazyDLL("ntdll.dll") + // ntCreateThread := ntdll.NewProc("NtCreateThread") +} + +func (o *object) UnLoadVmm() (ok bool) { + mylog.Info("", "start terminating...") + // remove list ? UdUninitializeUserDebugger(); + if !o.Handle() { + return + } + mylog.Check(syscall.DeviceIoControl( + o.handle, + IOCTL_TERMINATE_VMX, + nil, + 0, + nil, + 0, + nil, + nil, + )) + return true +} diff --git a/old_delete/sdk_old/old_delete/sdk_windows_test.go b/old_delete/sdk_old/old_delete/sdk_windows_test.go new file mode 100644 index 000000000..7e7facc22 --- /dev/null +++ b/old_delete/sdk_old/old_delete/sdk_windows_test.go @@ -0,0 +1,45 @@ +package sdk_test + +import ( + _ "embed" + "io/fs" + "path/filepath" + "strconv" + "strings" + "testing" + + "github.com/ddkwork/golibrary/stream" +) + +func TestXmake(t *testing.T) { + targets := stream.NewBuffer("") + targets.WriteStringLn("add_rules(\"mode.debug\", \"mode.release\")\n") + filepath.WalkDir("./HyperDbgDev", func(path string, info fs.DirEntry, err error) error { + ext := filepath.Ext(path) + if ext == ".vcxproj" { + if !strings.Contains(path, "dependencies") { + project := filepath.Base(filepath.Dir(path)) + // println(project) + // cl /analyze /d1Aprintast *.cpp > 1.ast + ast := stream.MakeCommandArg("/analyze", "/d1Aprintast", ">", project+".ast") + println(ast) + + s := stream.NewBuffer("") + s.WriteStringLn("--" + filepath.Dir(path)) + s.WriteStringLn("target(" + strconv.Quote(project) + ")") + if strings.Contains(path, "hyperdbg-cli") { + s.WriteStringLn("set_kind(\"binary\")") + } else { + s.WriteStringLn("set_kind(\"static\")") + } + s.WriteStringLn("add_headerfiles()") + s.WriteStringLn("add_files()") + s.WriteStringLn("add_includedirs(\"\", { public = true })") + s.WriteStringLn("add_deps()") + targets.WriteStringLn(s.String()) + } + } + return err + }) + // stream.WriteTruncate("./HyperDbgDev/xmake.lua", targets.String()) +} diff --git a/old_delete/sdk_old/old_delete/uint_test.go b/old_delete/sdk_old/old_delete/uint_test.go new file mode 100644 index 000000000..86ad64799 --- /dev/null +++ b/old_delete/sdk_old/old_delete/uint_test.go @@ -0,0 +1,65 @@ +package sdk + +import ( + "strings" + "testing" + + "github.com/ddkwork/golibrary/stream" +) + +func TestCpp2Go(t *testing.T) { + //cpp2go.New().RemoveComment("HyperDbgDev/hyperdbg") + //return + //o := cpp2go.New() + //object := o.Src("./HyperDbgDev/hyperdbg"). + // Dst("binding"). + // ExpandPath("miscellaneous\\constants", ".txt"). + // Back() + //if object == nil { + // return + //} + //o.Convert() + //o.String() +} + +/* +mkdir cc +cd cc +git clone --recursive https://github.com/vlang/v.git +git clone --recursive https://github.com/goplus/c2go.git +git clone --recursive https://gitlab.com/cznic/builder +git clone --recursive https://gitlab.com/cznic/ccgo +git clone --recursive https://gitlab.com/cznic/cc +git clone --recursive https://gitlab.com/cznic/memory +git clone --recursive https://gitlab.com/cznic/sqlite +git clone --recursive https://gitlab.com/cznic/ql +git clone --recursive https://gitlab.com/cznic/libc +git clone --recursive https://gitlab.com/cznic/gc +git clone --recursive https://gitlab.com/cznic/parser +git clone --recursive -b dev https://github.com/HyperDbg/HyperDbg.git +git clone --recursive https://github.com/vlang/tccbin/tree/thirdparty-windows-amd64 +*/ + +/* +uname -a +sudo pacman -S linux-headers +sudo pacman -S linux515-headers +yay -S vmware-workstation +sudo modprobe -a vmw_vmci vmmon +sudo systemctl enable vmware-networks.service +sudo systemctl start vmware-networks.service +sudo pacman -Sy open-vm-tools +*/ +func TestName(t *testing.T) { + run := stream.RunCommand("uname -a") + split := strings.Split(run.Result, " ") + s := split[2] + before, _, found := strings.Cut(s, "-") + if !found { + return + } + index := strings.LastIndex(before, ".") + before = before[:index] + before = strings.ReplaceAll(before, ".", "") + stream.RunCommand(`sudo pacman -Sy linux` + before + `-headers`) +} diff --git a/upLib.cmd b/upLib.cmd index 29a06e576..92b3b70c2 100644 --- a/upLib.cmd +++ b/upLib.cmd @@ -1 +1,2 @@ -go get github.com/ddkwork/app@bd28c7f7b73942e5ba4c6c7f7cc682e41870ea6b +go get github.com/ddkwork/app@df6a2637531300d8832b4c9db420e331ad3b2090 +pause \ No newline at end of file