search
DownloadResearchTutorialhwdbg
githubEdit

.formats (show number formats)

Description of the '.formats' command in HyperDbg.

hashtag
Command

.formats

hashtag
Syntax

.formats [Expression (string)]

hashtag
Description

Evaluates an expression or register or a value in the current thread and process context and displays it in multiple numeric formats.

hashtag
Parameters

[Expression (string)]

An expression, or a register, or a hex value to be evaluated.

hashtag
Examples

Show 0x10 in different formats.

HyperDbg> .formats 10
Evaluate expression:
Hex :        00000000`00000010
Decimal :    16
Octal :      20
Binary :     00000000 00000000 00000000 00000000 00000000 00000000 00000000 00010000
Char :       ........
Time :       04/28/20 - 06:35AM
Float :      0.00 +8e-323 7.905050E-323
Double :     7.90505033345994471e-323

Show different formats of rcx register.

Show different formats of rcx register added to rbx register.

hashtag
IOCTL

To evaluate an expression on the target process (thread) in the user debugger or in the target debuggee in the kernel debugger, you need to use the following function in libhyperdbg:

Note that the above function only evaluates the expression and converts it to a 64-bit integer value. It does not display the value in different formats. To show it in different formats, you can run it as a command (string) through the main command parser SDK API.

hashtag
Remarks

This command is guaranteed to keep debuggee in a halt state (in Debugger Mode); thus, nothing will change during its execution.

hashtag
Requirements

None

hashtag
Related

None

Previous.dump (save the virtual memory into a file)Next.script (run batch script commands)

Last updated