t (step-in)
Description of the 't' command in HyperDbg.
Last updated
Description of the 't' command in HyperDbg.
Last updated
t
tr
t
t [Count (hex)]
tr
tr [Count (hex)]
Executes a single instruction (step-in) and optionally displays the resulting values of all registers and flags.
The difference between this command and the '' command is that, in the '' command, no other cores and other threads find a chance to be executed during the stepping process; the system is fully halted, and only the current core will execute just one instruction and halts again. However, in this command, all the threads and cores are continued until an instruction in the target thread is executed. This command won't follow the execution between different rings.
[Count (hex)] (optional)
Count of step(s), or how many times perform the stepping operation. If you don't set this argument, then by default, the Count is 1.
If you want to step-in one instruction.
If you want to step-in one instruction and view the registers.
If you want to step-in for 5 instructions.
To step through the instruction (regular step-in), you need to use the following function in libhyperdbg:
This command will set a trap flag in debuggee and continue all the cores. After executing one instruction, it halts the debuggee again.
If the currently executing instruction is a call instruction, it will follow and enter the call instruction.
All cores and threads (except the currently executing thread) find a chance to be executed between each step in this type of stepping.
None
If you load symbols and you don't want to see function names, you turn addressconversion off in the '' command.