unload (unload the kernel modules)

Description of the 'unload' command in HyperDbg.

Command

unload

Syntax

unload [remove] [ModuleName (string)]

Description

Unloads the HyperDbg drivers and kernel modules from the target system.

Parameters

[remove](optional)

If you want to remove the installed driver. (See Remarks for more information)

[ModuleName (string)]

The name of the module that you want to unload.

Modules

Module Name

Description

vmm

Hypervisor-related capabilities

The debugger functions are implemented on top of the 'vmm' module.

vmm : this module contains commands related to the debugger and all hypervisor-related capabilities. Currently, vmm is the only module of HyperDbg.

Examples

The following example unloads vmm module.

HyperDbg> unload vmm

SDK

To unload the HyperDbg driver on the local machine, you need to use the following functions in libhyperdbg:

INT
hyperdbg_u_stop_vmm_driver();

Then,

INT
hyperdbg_u_unload_vmm();

Later you can uninstall the driver using the following SDK function:

INT
hyperdbg_u_uninstall_vmm_driver();

Remarks

This command will continue the debuggee for some time (in Debugger Mode). This means that you lose the current context (registers & memory) after executing this command.

If you use the remove argument, then the driver will be marked to be stopped and uninstalled. You cannot re-load that module again until the target machine is restarted.

Requirements

None

load (load the kernel modules)

Previousload (load the kernel modules)Nextstatus (show the debuggee status)

Last updated 11 months ago

Command

Syntax

Description

Parameters

Modules

Examples

SDK

Remarks

Requirements

Related