test (test functionalities)

Description of the 'test' command in HyperDbg.

Command

test

Syntax

test [Task (string)]

Description

Tests the functionalities of HyperDbg in the running system.

Parameters

[Task (string)]

Different options are used mostly for debugging the internal mechanisms of HyperDbg.

Option

Description

Examples

The following command shows how to check all the test-cases.

The following command shows the 'lock' state of each core.

The following command shows the state of pool allocation.

The following command is used to turn OFF/ON the breakpoint (#BP) interception.

The following command is used to turn OFF/ON the debug break (#DB) interception.

The following command shows the state of simultaneously debugging threads that HyperDbg sets the trap flag on them.

IOCTL

None

Remarks

Each time the connection to the debugger is restarted, the breakpoint interception and debug break interception are activated.

Requirements

None

Previousoutput (create output source for event forwarding)Nextsettings (configures different options and preferences)

Last updated 1 year ago

0: kHyperDbg> test query ================================================ Debugging Lock Info ================================================ (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 0 is locked (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 1 is locked (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 2 is locked (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 3 is locked (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 4 is locked (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1603) | Core : 5 is locked ================================================ NMI Receiver State =======+========================================= (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 0 - not called from an NMI handler (through the immediate VM-exit mechanism) (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 1 - not called from an NMI handler (through the immediate VM-exit mechanism) (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 2 - not called from an NMI handler (through the immediate VM-exit mechanism) (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 3 - not called from an NMI handler (through the immediate VM-exit mechanism) (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 4 - not called from an NMI handler (through the immediate VM-exit mechanism) (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (KdQuerySystemState:1625) | Core : 5 - not called from an NMI handler (through the immediate VM-exit mechanism)

0: kHyperDbg> test pool (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (PoolManagerShowPreAllocatedPools:218) | Pool details, Pool intention: 4 | Pool address: ffffc1059fdd1cc0 | Pool state: free | Should be freed: false | Already freed: false (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (PoolManagerShowPreAllocatedPools:218) | Pool details, Pool intention: 4 | Pool address: ffffc1059fdd1f00 | Pool state: free | Should be freed: false | Already freed: false (04:32:04.709 - core : 0 - vmx-root? yes) [+] Information (PoolManagerShowPreAllocatedPools:218) | Pool details, Pool intention: 4 | Pool address: ffffc1059fdd1b40 | Pool state: free | Should be freed: false | Already freed: false ...

0: kHyperDbg> test breakpoint on breakpoint interception (#BP) is activated 0: kHyperDbg> test breakpoint off breakpoint interception (#BP) is deactivated from now, the breakpoints will be re-injected into the guest debuggee

0: kHyperDbg> test breakpoint on debug break interception (#DB) is activated 4: kHyperDbg> test trap off debug break interception (#DB) is deactivated from now, the debug breaks will be re-injected into the guest debuggee

0: kHyperDbg> test trap-status (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1568) | Number of valid entries: 0x0 (Please be aware that only top 0x0 items are considered valid. There could be other items present in the array, but they are not valid.) (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[0].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[1].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[2].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[3].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[4].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[5].ProcessId = 0 | ThreadId = 0 (01:14:17.385 - core : 0 - vmx-root? yes) [+] Information (KdQueryRflagTrapState:1575) | g_TrapFlagState.ThreadInformation[6].ProcessId = 0 | ThreadId = 0

Command

Syntax

Description

Parameters

Examples

IOCTL

Remarks

Requirements

Related

Command

Syntax

Description

Parameters

Examples

IOCTL

Remarks

Requirements

Related