event_clear

Description of the 'event_clear' function in HyperDbg Scripts

Function

event_clear

Syntax

event_clear( EventId );

Parameters

[Expression (EventId)]

Event ID of the event that needs to be deactivated.

Description

Clears an event by its Event ID.

Examples

event_clear(1);

Clear an event with EventId = 1.

When an event is executed, the $event_id pseudo-register contains the target event's ID.

For example, you can force an event to be cleared immediately:

!epthook nt!ExAllocatePoolWithTag script {
 event_clear($event_id);
}

Remarks

Previousevent_disable Nextevent_sc

Last updated 1 year ago

event_clear

Description of the 'event_clear' function in HyperDbg Scripts

Function

event_clear

Syntax

event_clear( EventId );

Parameters

[Expression (EventId)]

Event ID of the event that needs to be deactivated.

Description

Clears an event by its Event ID.

Examples

event_clear(1);

Clear an event with EventId = 1.

When an event is executed, the $event_id pseudo-register contains the target event's ID.

For example, you can force an event to be cleared immediately:

!epthook nt!ExAllocatePoolWithTag script {
 event_clear($event_id);
}

The above example, won't guarantee that only one event will be executed, as multiple cores might reach to the above code simultaneously. If you want to avoid multiple runs, you can use functions.

Remarks

You can see events' ID using the command. The first column of 's results shows the event ID.

Like the '' command, using this function won't immediately remove the event effect on the system, instead, it disables the event and once the system is continued, the event will be cleared.

Starting from v0.7, this function is added to HyperDbg as a result of implementing the mechanism.

Previousevent_disable Nextevent_sc

Last updated 1 year ago

Function

Syntax

Parameters

Description

Examples

Remarks

Related

Function

Syntax

Parameters

Description

Examples

Remarks

Related