HyperDbg Documentation
HyperDbgResearchDownloadSource code
Search…
HyperDbg
Getting Started
Quick Start
FAQ
Build & Install
Attach to HyperDbg
Using HyperDbg
Prerequisites
User-mode Debugging
Kernel-mode Debugging
Commands
Debugging Commands
Meta Commands
.help (show the help of commands)
.debug (prepare and connect to debugger)
.connect (connect to a session)
.disconnect (disconnect from a session)
.listen (listen on a port and wait for the debugger to connect)
.status (show the debugger status)
.start (start a new process)
.restart (restart the process)
.attach (attach to a process)
.detach (detach from the process)
.switch (show the list and switch between active debugging processes)
.kill (terminate the process)
.process, .process2 (show the current process and switch to another process)
.thread, .thread2 (show the current thread and switch to another thread)
.formats (show number formats)
.script (run batch script commands)
.sympath (set the symbol server)
.sym (load pdb symbols)
.pe (parse PE file)
.logopen (open log file)
.logclose (close log file)
.cls (clear the screen)
Extension Commands
Scripting Language
Commands Map
Tips & Tricks
Considerations
Nested-Virtualization Environments
Misc
Contribution
Style Guide
Logo & Artworks
Design
Features
Debugger Internals
Links
Twitter
YouTube
Doxygen
Contribution
Powered By GitBook
.debug (prepare and connect to debugger)
Description of the '.debug' command in HyperDbg.

.debug

.debug [remote] [serial|namedpipe] [Baudrate (decimal)] [Address (string)]
.debug [prepare] [serial] [Baudrate (decimal)] [Address (string)]
.debug [close]

This command prepares debuggee for a remote connection or connects to a remote debuggee.
Please note that you should first wait for reconnecting on the debugger, then connect to it in the debuggee.

[remote]
If you specify remote then it means that you want to connect to a debuggee.
[prepare]
If you specify prepare then it means that you want to prepare the current machine to be debugged as debuggee.
[close]
close means to close all the connections to the debuggee.
[serial|namedpipe]
If you want to use a serial port as the connection, you should choose serial, and if you want to connect to a named pipe, then you should specify namedpipe. Please note that namedpipe cannot be used in debuggee, and it can be used only in the debugger.
[serial]
In the case of choosing prepare, only serial is supported as the type of connection.
[Baudrate (Decimal)]
This value shows the baud rate of the device. (See Remarks for more information)
[Address (string)]
COM port address or named pipe address. (See Remarks for more information)

If you want to have a kernel debug connection, first, you should run the following command in a debugger (host). As you can see, you can change the com3to your COM port that is connected to the debuggee.
HyperDbg> .debug remote serial 115200 com3
If you want to use a named pipe instead of a COM port, you can execute the following command in the debugger (Host).
HyperDbg> .debug remote namedpipe \\.\pipe\HyperDbgPipe
After you tell the debugger to listen on a COM port or a named pipe, now you can run the following command in the debuggee.
HyperDbg> .debug prepare serial 115200 com2
If you want to disconnect from the debuggee, then you should run the following command.
HyperDbg> .debug close

See here to see the design of the kernel debugger connectin.

  1. 1.
    The following values are valid baud rates for serial connections.
Baud rate
110
300
600
1200
2400
4800
9600
14400
19200
38400
56000
57600
115200
128000
256000
The following COM ports are valid for debugging.
COM Port
com1
com2
com3
com4

None
Previous
.help (show the help of commands)
Next
.connect (connect to a session)
Last modified 5mo ago
Copy link
Edit on GitHub
On this page
Command
Syntax
Description
Parameters
Examples
IOCTL
Remarks
Requirements
Related