-
Notifications
You must be signed in to change notification settings - Fork 0
/
_attaching_8h_source.html
234 lines (232 loc) · 43.4 KB
/
_attaching_8h_source.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=11"/>
<meta name="generator" content="Doxygen 1.11.0"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>HyperDbg Debugger: hyperdbg/hyperkd/header/debugger/user-level/Attaching.h Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<script type="text/javascript" src="clipboard.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="navtreedata.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="cookie.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr id="projectrow">
<td id="projectalign">
<div id="projectname">HyperDbg Debugger
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.11.0 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
var searchBox = new SearchBox("searchBox", "search/",'.html');
/* @license-end */
</script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
$(function() { codefold.init(0); });
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
$(function() {
initMenu('',true,false,'search.php','Search',true);
$(function() { init_search(); });
});
/* @license-end */
</script>
<div id="main-nav"></div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
<div id="nav-tree">
<div id="nav-tree-contents">
<div id="nav-sync" class="sync"></div>
</div>
</div>
<div id="splitbar" style="-moz-user-select:none;"
class="ui-resizable-handle">
</div>
</div>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt MIT */
$(function(){initNavTree('_attaching_8h_source.html',''); initResizable(true); });
/* @license-end */
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<div id="MSearchResults">
<div class="SRPage">
<div id="SRIndex">
<div id="SRResults"></div>
<div class="SRStatus" id="Loading">Loading...</div>
<div class="SRStatus" id="Searching">Searching...</div>
<div class="SRStatus" id="NoMatches">No Matches</div>
</div>
</div>
</div>
</div>
<div class="header">
<div class="headertitle"><div class="title">Attaching.h</div></div>
</div><!--header-->
<div class="contents">
<a href="_attaching_8h.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a id="l00001" name="l00001"></a><span class="lineno"> 1</span> </div>
<div class="line"><a id="l00012" name="l00012"></a><span class="lineno"> 12</span><span class="preprocessor">#pragma once</span></div>
<div class="line"><a id="l00013" name="l00013"></a><span class="lineno"> 13</span> </div>
<div class="line"><a id="l00015" name="l00015"></a><span class="lineno"> 15</span><span class="comment">// Constants //</span></div>
<div class="line"><a id="l00017" name="l00017"></a><span class="lineno"> 17</span> </div>
<div class="line"><a id="l00022" name="l00022"></a><span class="lineno"><a class="line" href="_attaching_8h.html#a71a7b969b4769247f9e1c54276f6514f"> 22</a></span><span class="preprocessor">#define MAX_USER_ACTIONS_FOR_THREADS 3</span></div>
<div class="line"><a id="l00023" name="l00023"></a><span class="lineno"> 23</span> </div>
<div class="line"><a id="l00028" name="l00028"></a><span class="lineno"><a class="line" href="_attaching_8h.html#a0c6e13c5d1c8b877d7e31b6f5065b1e3"> 28</a></span><span class="preprocessor">#define MAX_THREADS_IN_A_PROCESS_HOLDER 100</span></div>
<div class="line"><a id="l00037" name="l00037"></a><span class="lineno"><a class="line" href="_attaching_8h.html#a829d27c9709ca2e1f18c2b8661652b41"> 37</a></span><span class="preprocessor">#define MAX_CR3_IN_A_PROCESS 4</span></div>
<div class="line"><a id="l00038" name="l00038"></a><span class="lineno"> 38</span> </div>
<div class="line"><a id="l00040" name="l00040"></a><span class="lineno"> 40</span><span class="comment">// Structures //</span></div>
<div class="line"><a id="l00042" name="l00042"></a><span class="lineno"> 42</span> </div>
<div class="foldopen" id="foldopen00048" data-start="{" data-end="};">
<div class="line"><a id="l00048" name="l00048"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html"> 48</a></span><span class="keyword">typedef</span> <span class="keyword">struct </span><a class="code hl_struct" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html">_USERMODE_DEBUGGING_PROCESS_DETAILS</a></div>
<div class="line"><a id="l00049" name="l00049"></a><span class="lineno"> 49</span>{</div>
<div class="line"><a id="l00050" name="l00050"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aac3f928359d06bdd7572a4bd67c86429"> 50</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aac3f928359d06bdd7572a4bd67c86429">Token</a>;</div>
<div class="line"><a id="l00051" name="l00051"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#acaf7519d69de4a28112b82f39d438ae0"> 51</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#acaf7519d69de4a28112b82f39d438ae0">Enabled</a>;</div>
<div class="line"><a id="l00052" name="l00052"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aefb16ed28844461dfa42f40f062015b0"> 52</a></span> PVOID <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aefb16ed28844461dfa42f40f062015b0">PebAddressToMonitor</a>;</div>
<div class="line"><a id="l00053" name="l00053"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac7497bb7cd3585fdc424075cae9ff98c"> 53</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac7497bb7cd3585fdc424075cae9ff98c">ActiveThreadId</a>; <span class="comment">// active thread</span></div>
<div class="line"><a id="l00054" name="l00054"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af1e099cfea06517081aa30ee23c77fbc"> 54</a></span> <a class="code hl_struct" href="struct_g_u_e_s_t___r_e_g_s.html">GUEST_REGS</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af1e099cfea06517081aa30ee23c77fbc">Registers</a>; <span class="comment">// active thread</span></div>
<div class="line"><a id="l00055" name="l00055"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa7a5b51d9e965b52e2b6f85e22cd84c9"> 55</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa7a5b51d9e965b52e2b6f85e22cd84c9">Context</a>; <span class="comment">// $context</span></div>
<div class="line"><a id="l00056" name="l00056"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af9cc943c4e24dbad2df94819db2c2c72"> 56</a></span> LIST_ENTRY <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af9cc943c4e24dbad2df94819db2c2c72">AttachedProcessList</a>;</div>
<div class="line"><a id="l00057" name="l00057"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac2d3522e9585dce69980ff651c53cb1d"> 57</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac2d3522e9585dce69980ff651c53cb1d">UsermodeReservedBuffer</a>;</div>
<div class="line"><a id="l00058" name="l00058"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#adb588665a0fa72d6307d6f8577f2f946"> 58</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#adb588665a0fa72d6307d6f8577f2f946">EntrypointOfMainModule</a>;</div>
<div class="line"><a id="l00059" name="l00059"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#abd720fc6f1ffcd6488f3229bf1455573"> 59</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#abd720fc6f1ffcd6488f3229bf1455573">BaseAddressOfMainModule</a>;</div>
<div class="line"><a id="l00060" name="l00060"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af3376ddf4a0eed532aa22d4be1747764"> 60</a></span> PEPROCESS <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af3376ddf4a0eed532aa22d4be1747764">Eprocess</a>;</div>
<div class="line"><a id="l00061" name="l00061"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ace267a6473505408e798a827e1b244f0"> 61</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ace267a6473505408e798a827e1b244f0">ProcessId</a>;</div>
<div class="line"><a id="l00062" name="l00062"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac1a80680491ceb043b754ab5e9a7eec8"> 62</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac1a80680491ceb043b754ab5e9a7eec8">Is32Bit</a>;</div>
<div class="line"><a id="l00063" name="l00063"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af2d10b22659ae7fab7f797a4332c0808"> 63</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af2d10b22659ae7fab7f797a4332c0808">IsOnTheStartingPhase</a>;</div>
<div class="line"><a id="l00064" name="l00064"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ad3d6574cef84c00d549493d88c62e68f"> 64</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ad3d6574cef84c00d549493d88c62e68f">IsOnThreadInterceptingPhase</a>;</div>
<div class="line"><a id="l00065" name="l00065"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ab748a7db00ec4b671fa65ef900986080"> 65</a></span> <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ab748a7db00ec4b671fa65ef900986080">CheckCallBackForInterceptingFirstInstruction</a>; <span class="comment">// checks for the callbacks for interceptions of the very first instruction (used by RE Machine)</span></div>
<div class="line"><a id="l00066" name="l00066"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#a03824d851e6ed19772d65969892f267e"> 66</a></span> <a class="code hl_struct" href="struct___c_r3___t_y_p_e.html">CR3_TYPE</a> <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#a03824d851e6ed19772d65969892f267e">InterceptedCr3</a>[<a class="code hl_define" href="_attaching_8h.html#a829d27c9709ca2e1f18c2b8661652b41">MAX_CR3_IN_A_PROCESS</a>];</div>
<div class="line"><a id="l00067" name="l00067"></a><span class="lineno"><a class="line" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa599a0813df15b4250895e755bc484b9"> 67</a></span> LIST_ENTRY <a class="code hl_variable" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa599a0813df15b4250895e755bc484b9">ThreadsListHead</a>;</div>
<div class="line"><a id="l00068" name="l00068"></a><span class="lineno"> 68</span> </div>
<div class="line"><a id="l00069" name="l00069"></a><span class="lineno"><a class="line" href="_attaching_8h.html#ac289d6b25a670c70d1f6a5105788fb04"> 69</a></span>} <a class="code hl_typedef" href="_attaching_8h.html#ae69b85159349c201bde2de678d985193">USERMODE_DEBUGGING_PROCESS_DETAILS</a>, *<a class="code hl_typedef" href="_attaching_8h.html#ac289d6b25a670c70d1f6a5105788fb04">PUSERMODE_DEBUGGING_PROCESS_DETAILS</a>;</div>
</div>
<div class="line"><a id="l00070" name="l00070"></a><span class="lineno"> 70</span> </div>
<div class="line"><a id="l00072" name="l00072"></a><span class="lineno"> 72</span><span class="comment">// Functions //</span></div>
<div class="line"><a id="l00074" name="l00074"></a><span class="lineno"> 74</span> </div>
<div class="line"><a id="l00075" name="l00075"></a><span class="lineno"> 75</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00076" name="l00076"></a><span class="lineno"> 76</span><a class="code hl_function" href="_attaching_8h.html#ac973601a8671bd7f982fb9f7fd13ccc4">AttachingInitialize</a>();</div>
<div class="line"><a id="l00077" name="l00077"></a><span class="lineno"> 77</span> </div>
<div class="line"><a id="l00078" name="l00078"></a><span class="lineno"> 78</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00079" name="l00079"></a><span class="lineno"> 79</span><a class="code hl_function" href="_attaching_8h.html#af709328759d9b5fb6d0213ee458723dd">AttachingCheckPageFaultsWithUserDebugger</a>(<a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> CoreId,</div>
<div class="line"><a id="l00080" name="l00080"></a><span class="lineno"> 80</span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_variable" href="_hyper_dbg_script_imports_8h.html#a3f7c5b71d899e923be0a80d4ac7902fe">Address</a>,</div>
<div class="line"><a id="l00081" name="l00081"></a><span class="lineno"> 81</span> <a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> PageFaultErrorCode);</div>
<div class="line"><a id="l00082" name="l00082"></a><span class="lineno"> 82</span> </div>
<div class="line"><a id="l00083" name="l00083"></a><span class="lineno"> 83</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00084" name="l00084"></a><span class="lineno"> 84</span><a class="code hl_function" href="_attaching_8h.html#a7f67611f7474cb9199c0b941fcf82a85">AttachingConfigureInterceptingThreads</a>(<a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> ProcessDebuggingToken, <a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> Enable);</div>
<div class="line"><a id="l00085" name="l00085"></a><span class="lineno"> 85</span> </div>
<div class="line"><a id="l00086" name="l00086"></a><span class="lineno"> 86</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00087" name="l00087"></a><span class="lineno"> 87</span><a class="code hl_function" href="_attaching_8h.html#a2a634f245bfc5d1ce07e9df31f37f26a">AttachingHandleCr3VmexitsForThreadInterception</a>(<a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> CoreId, <a class="code hl_struct" href="struct___c_r3___t_y_p_e.html">CR3_TYPE</a> NewCr3);</div>
<div class="line"><a id="l00088" name="l00088"></a><span class="lineno"> 88</span> </div>
<div class="line"><a id="l00089" name="l00089"></a><span class="lineno"> 89</span><a class="code hl_define" href="_basic_types_8h.html#a7f319bfc2492a2136964194204e7a8cf">VOID</a></div>
<div class="line"><a id="l00090" name="l00090"></a><span class="lineno"> 90</span><a class="code hl_function" href="_attaching_8h.html#a6fba37d8db6966c26c921887bcf11656">AttachingTargetProcess</a>(<a class="code hl_struct" href="struct___d_e_b_u_g_g_e_r___a_t_t_a_c_h___d_e_t_a_c_h___u_s_e_r___m_o_d_e___p_r_o_c_e_s_s.html">PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS</a> Request);</div>
<div class="line"><a id="l00091" name="l00091"></a><span class="lineno"> 91</span> </div>
<div class="line"><a id="l00092" name="l00092"></a><span class="lineno"> 92</span><a class="code hl_define" href="_basic_types_8h.html#a7f319bfc2492a2136964194204e7a8cf">VOID</a></div>
<div class="line"><a id="l00093" name="l00093"></a><span class="lineno"> 93</span><a class="code hl_function" href="_attaching_8h.html#adadde19c6465b57b781fff52e7f8db85">AttachingHandleEntrypointInterception</a>(<a class="code hl_struct" href="struct___p_r_o_c_e_s_s_o_r___d_e_b_u_g_g_i_n_g___s_t_a_t_e.html">PROCESSOR_DEBUGGING_STATE</a> * DbgState);</div>
<div class="line"><a id="l00094" name="l00094"></a><span class="lineno"> 94</span> </div>
<div class="line"><a id="l00095" name="l00095"></a><span class="lineno"> 95</span><a class="code hl_define" href="_basic_types_8h.html#a7f319bfc2492a2136964194204e7a8cf">VOID</a></div>
<div class="line"><a id="l00096" name="l00096"></a><span class="lineno"> 96</span><a class="code hl_function" href="_attaching_8h.html#ad16b106f9f7b6a857bafc12252bcfadd">AttachingRemoveAndFreeAllProcessDebuggingDetails</a>();</div>
<div class="line"><a id="l00097" name="l00097"></a><span class="lineno"> 97</span> </div>
<div class="line"><a id="l00098" name="l00098"></a><span class="lineno"> 98</span><a class="code hl_struct" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html">PUSERMODE_DEBUGGING_PROCESS_DETAILS</a></div>
<div class="line"><a id="l00099" name="l00099"></a><span class="lineno"> 99</span><a class="code hl_function" href="_attaching_8h.html#ab826f65586e0a294b97e505c6affe8b5">AttachingFindProcessDebuggingDetailsByToken</a>(<a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> Token);</div>
<div class="line"><a id="l00100" name="l00100"></a><span class="lineno"> 100</span> </div>
<div class="line"><a id="l00101" name="l00101"></a><span class="lineno"> 101</span><a class="code hl_struct" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html">PUSERMODE_DEBUGGING_PROCESS_DETAILS</a></div>
<div class="line"><a id="l00102" name="l00102"></a><span class="lineno"> 102</span><a class="code hl_function" href="_attaching_8h.html#a733d0f343ddcccaeec221bbbb20483c7">AttachingFindProcessDebuggingDetailsByProcessId</a>(<a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> ProcessId);</div>
<div class="line"><a id="l00103" name="l00103"></a><span class="lineno"> 103</span> </div>
<div class="line"><a id="l00104" name="l00104"></a><span class="lineno"> 104</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00105" name="l00105"></a><span class="lineno"> 105</span><a class="code hl_function" href="_attaching_8h.html#a640e936614ebe9a68cf54e78f7d8f323">AttachingQueryDetailsOfActiveDebuggingThreadsAndProcesses</a>(PVOID BufferToStoreDetails, <a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> BufferSize);</div>
<div class="line"><a id="l00106" name="l00106"></a><span class="lineno"> 106</span> </div>
<div class="line"><a id="l00107" name="l00107"></a><span class="lineno"> 107</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00108" name="l00108"></a><span class="lineno"> 108</span><a class="code hl_function" href="_attaching_8h.html#af92565f7d626021eb2e7312480126fa5">AttachingCheckUnhandledEptViolation</a>(<a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> CoreId,</div>
<div class="line"><a id="l00109" name="l00109"></a><span class="lineno"> 109</span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> ViolationQualification,</div>
<div class="line"><a id="l00110" name="l00110"></a><span class="lineno"> 110</span> <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> GuestPhysicalAddr);</div>
<div class="line"><a id="l00111" name="l00111"></a><span class="lineno"> 111</span> </div>
<div class="line"><a id="l00112" name="l00112"></a><span class="lineno"> 112</span><a class="code hl_typedef" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div>
<div class="line"><a id="l00113" name="l00113"></a><span class="lineno"> 113</span><a class="code hl_function" href="_attaching_8h.html#afb4b04c662929a9dc3b74b45b634aff4">AttachingReachedToValidLoadedModule</a>(<a class="code hl_struct" href="struct___p_r_o_c_e_s_s_o_r___d_e_b_u_g_g_i_n_g___s_t_a_t_e.html">PROCESSOR_DEBUGGING_STATE</a> * DbgState,</div>
<div class="line"><a id="l00114" name="l00114"></a><span class="lineno"> 114</span> <a class="code hl_struct" href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html">PUSERMODE_DEBUGGING_PROCESS_DETAILS</a> ProcessDebuggingDetail);</div>
<div class="ttc" id="a_attaching_8h_html_a2a634f245bfc5d1ce07e9df31f37f26a"><div class="ttname"><a href="_attaching_8h.html#a2a634f245bfc5d1ce07e9df31f37f26a">AttachingHandleCr3VmexitsForThreadInterception</a></div><div class="ttdeci">BOOLEAN AttachingHandleCr3VmexitsForThreadInterception(UINT32 CoreId, CR3_TYPE NewCr3)</div><div class="ttdoc">Handle the cr3 vm-exits for thread interception.</div><div class="ttdef"><b>Definition</b> Attaching.c:1036</div></div>
<div class="ttc" id="a_attaching_8h_html_a640e936614ebe9a68cf54e78f7d8f323"><div class="ttname"><a href="_attaching_8h.html#a640e936614ebe9a68cf54e78f7d8f323">AttachingQueryDetailsOfActiveDebuggingThreadsAndProcesses</a></div><div class="ttdeci">BOOLEAN AttachingQueryDetailsOfActiveDebuggingThreadsAndProcesses(PVOID BufferToStoreDetails, UINT32 BufferSize)</div><div class="ttdoc">Query details of active debugging threads.</div><div class="ttdef"><b>Definition</b> Attaching.c:1476</div></div>
<div class="ttc" id="a_attaching_8h_html_a6fba37d8db6966c26c921887bcf11656"><div class="ttname"><a href="_attaching_8h.html#a6fba37d8db6966c26c921887bcf11656">AttachingTargetProcess</a></div><div class="ttdeci">VOID AttachingTargetProcess(PDEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS Request)</div><div class="ttdoc">Dispatch and perform attaching tasks.</div><div class="ttdef"><b>Definition</b> Attaching.c:1508</div></div>
<div class="ttc" id="a_attaching_8h_html_a733d0f343ddcccaeec221bbbb20483c7"><div class="ttname"><a href="_attaching_8h.html#a733d0f343ddcccaeec221bbbb20483c7">AttachingFindProcessDebuggingDetailsByProcessId</a></div><div class="ttdeci">PUSERMODE_DEBUGGING_PROCESS_DETAILS AttachingFindProcessDebuggingDetailsByProcessId(UINT32 ProcessId)</div><div class="ttdoc">Find user-mode debugging details for threads by process Id.</div><div class="ttdef"><b>Definition</b> Attaching.c:187</div></div>
<div class="ttc" id="a_attaching_8h_html_a7f67611f7474cb9199c0b941fcf82a85"><div class="ttname"><a href="_attaching_8h.html#a7f67611f7474cb9199c0b941fcf82a85">AttachingConfigureInterceptingThreads</a></div><div class="ttdeci">BOOLEAN AttachingConfigureInterceptingThreads(UINT64 ProcessDebuggingToken, BOOLEAN Enable)</div><div class="ttdoc">Enable or disable the thread intercepting phase.</div><div class="ttdef"><b>Definition</b> Attaching.c:695</div></div>
<div class="ttc" id="a_attaching_8h_html_a829d27c9709ca2e1f18c2b8661652b41"><div class="ttname"><a href="_attaching_8h.html#a829d27c9709ca2e1f18c2b8661652b41">MAX_CR3_IN_A_PROCESS</a></div><div class="ttdeci">#define MAX_CR3_IN_A_PROCESS</div><div class="ttdoc">Maximum number of CR3 registers that a process can have.</div><div class="ttdef"><b>Definition</b> Attaching.h:37</div></div>
<div class="ttc" id="a_attaching_8h_html_ab826f65586e0a294b97e505c6affe8b5"><div class="ttname"><a href="_attaching_8h.html#ab826f65586e0a294b97e505c6affe8b5">AttachingFindProcessDebuggingDetailsByToken</a></div><div class="ttdeci">PUSERMODE_DEBUGGING_PROCESS_DETAILS AttachingFindProcessDebuggingDetailsByToken(UINT64 Token)</div><div class="ttdoc">Find user-mode debugging details for threads by token.</div><div class="ttdef"><b>Definition</b> Attaching.c:164</div></div>
<div class="ttc" id="a_attaching_8h_html_ac289d6b25a670c70d1f6a5105788fb04"><div class="ttname"><a href="_attaching_8h.html#ac289d6b25a670c70d1f6a5105788fb04">PUSERMODE_DEBUGGING_PROCESS_DETAILS</a></div><div class="ttdeci">struct _USERMODE_DEBUGGING_PROCESS_DETAILS * PUSERMODE_DEBUGGING_PROCESS_DETAILS</div></div>
<div class="ttc" id="a_attaching_8h_html_ac973601a8671bd7f982fb9f7fd13ccc4"><div class="ttname"><a href="_attaching_8h.html#ac973601a8671bd7f982fb9f7fd13ccc4">AttachingInitialize</a></div><div class="ttdeci">BOOLEAN AttachingInitialize()</div><div class="ttdoc">Initialize the attaching mechanism.</div><div class="ttdef"><b>Definition</b> Attaching.c:22</div></div>
<div class="ttc" id="a_attaching_8h_html_ad16b106f9f7b6a857bafc12252bcfadd"><div class="ttname"><a href="_attaching_8h.html#ad16b106f9f7b6a857bafc12252bcfadd">AttachingRemoveAndFreeAllProcessDebuggingDetails</a></div><div class="ttdeci">VOID AttachingRemoveAndFreeAllProcessDebuggingDetails()</div><div class="ttdoc">Remove and deallocate all thread debuggig details.</div><div class="ttdef"><b>Definition</b> Attaching.c:229</div></div>
<div class="ttc" id="a_attaching_8h_html_adadde19c6465b57b781fff52e7f8db85"><div class="ttname"><a href="_attaching_8h.html#adadde19c6465b57b781fff52e7f8db85">AttachingHandleEntrypointInterception</a></div><div class="ttdeci">VOID AttachingHandleEntrypointInterception(PROCESSOR_DEBUGGING_STATE *DbgState)</div><div class="ttdoc">Handle the interception of finding the entrypoint on attaching to user-mode process.</div><div class="ttdef"><b>Definition</b> Attaching.c:436</div></div>
<div class="ttc" id="a_attaching_8h_html_ae69b85159349c201bde2de678d985193"><div class="ttname"><a href="_attaching_8h.html#ae69b85159349c201bde2de678d985193">USERMODE_DEBUGGING_PROCESS_DETAILS</a></div><div class="ttdeci">struct _USERMODE_DEBUGGING_PROCESS_DETAILS USERMODE_DEBUGGING_PROCESS_DETAILS</div><div class="ttdoc">Description of each active thread in user-mode attaching mechanism.</div></div>
<div class="ttc" id="a_attaching_8h_html_af709328759d9b5fb6d0213ee458723dd"><div class="ttname"><a href="_attaching_8h.html#af709328759d9b5fb6d0213ee458723dd">AttachingCheckPageFaultsWithUserDebugger</a></div><div class="ttdeci">BOOLEAN AttachingCheckPageFaultsWithUserDebugger(UINT32 CoreId, UINT64 Address, UINT32 PageFaultErrorCode)</div><div class="ttdoc">Check page-faults with user-debugger.</div><div class="ttdef"><b>Definition</b> Attaching.c:621</div></div>
<div class="ttc" id="a_attaching_8h_html_af92565f7d626021eb2e7312480126fa5"><div class="ttname"><a href="_attaching_8h.html#af92565f7d626021eb2e7312480126fa5">AttachingCheckUnhandledEptViolation</a></div><div class="ttdeci">BOOLEAN AttachingCheckUnhandledEptViolation(UINT32 CoreId, UINT64 ViolationQualification, UINT64 GuestPhysicalAddr)</div><div class="ttdoc">handling unhandled EPT violations</div><div class="ttdef"><b>Definition</b> Attaching.c:1102</div></div>
<div class="ttc" id="a_attaching_8h_html_afb4b04c662929a9dc3b74b45b634aff4"><div class="ttname"><a href="_attaching_8h.html#afb4b04c662929a9dc3b74b45b634aff4">AttachingReachedToValidLoadedModule</a></div><div class="ttdeci">BOOLEAN AttachingReachedToValidLoadedModule(PROCESSOR_DEBUGGING_STATE *DbgState, PUSERMODE_DEBUGGING_PROCESS_DETAILS ProcessDebuggingDetail)</div><div class="ttdoc">Handle cases where we reached to the valid loaded module The main module should be loaded once we rea...</div><div class="ttdef"><b>Definition</b> Attaching.c:348</div></div>
<div class="ttc" id="a_basic_types_8h_html_a1cb18096b299d23458d3c7b85fd86555"><div class="ttname"><a href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></div><div class="ttdeci">UCHAR BOOLEAN</div><div class="ttdef"><b>Definition</b> BasicTypes.h:39</div></div>
<div class="ttc" id="a_basic_types_8h_html_a7f319bfc2492a2136964194204e7a8cf"><div class="ttname"><a href="_basic_types_8h.html#a7f319bfc2492a2136964194204e7a8cf">VOID</a></div><div class="ttdeci">#define VOID</div><div class="ttdef"><b>Definition</b> BasicTypes.h:33</div></div>
<div class="ttc" id="a_basic_types_8h_html_aae17ebb9ef7279d026817fb22f8aebe9"><div class="ttname"><a href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a></div><div class="ttdeci">unsigned __int64 UINT64</div><div class="ttdef"><b>Definition</b> BasicTypes.h:21</div></div>
<div class="ttc" id="a_basic_types_8h_html_ae1e6edbbc26d6fbc71a90190d0266018"><div class="ttname"><a href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a></div><div class="ttdeci">unsigned int UINT32</div><div class="ttdef"><b>Definition</b> BasicTypes.h:48</div></div>
<div class="ttc" id="a_hyper_dbg_script_imports_8h_html_a3f7c5b71d899e923be0a80d4ac7902fe"><div class="ttname"><a href="_hyper_dbg_script_imports_8h.html#a3f7c5b71d899e923be0a80d4ac7902fe">Address</a></div><div class="ttdeci">UINT64 Address</div><div class="ttdef"><b>Definition</b> HyperDbgScriptImports.h:67</div></div>
<div class="ttc" id="astruct___c_r3___t_y_p_e_html"><div class="ttname"><a href="struct___c_r3___t_y_p_e.html">_CR3_TYPE</a></div><div class="ttdoc">CR3 Structure.</div><div class="ttdef"><b>Definition</b> BasicTypes.h:130</div></div>
<div class="ttc" id="astruct___d_e_b_u_g_g_e_r___a_t_t_a_c_h___d_e_t_a_c_h___u_s_e_r___m_o_d_e___p_r_o_c_e_s_s_html"><div class="ttname"><a href="struct___d_e_b_u_g_g_e_r___a_t_t_a_c_h___d_e_t_a_c_h___u_s_e_r___m_o_d_e___p_r_o_c_e_s_s.html">_DEBUGGER_ATTACH_DETACH_USER_MODE_PROCESS</a></div><div class="ttdoc">request for attaching user-mode process</div><div class="ttdef"><b>Definition</b> RequestStructures.h:631</div></div>
<div class="ttc" id="astruct___p_r_o_c_e_s_s_o_r___d_e_b_u_g_g_i_n_g___s_t_a_t_e_html"><div class="ttname"><a href="struct___p_r_o_c_e_s_s_o_r___d_e_b_u_g_g_i_n_g___s_t_a_t_e.html">_PROCESSOR_DEBUGGING_STATE</a></div><div class="ttdoc">Saves the debugger state.</div><div class="ttdef"><b>Definition</b> State.h:165</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html">_USERMODE_DEBUGGING_PROCESS_DETAILS</a></div><div class="ttdoc">Description of each active thread in user-mode attaching mechanism.</div><div class="ttdef"><b>Definition</b> Attaching.h:49</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_a03824d851e6ed19772d65969892f267e"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#a03824d851e6ed19772d65969892f267e">_USERMODE_DEBUGGING_PROCESS_DETAILS::InterceptedCr3</a></div><div class="ttdeci">CR3_TYPE InterceptedCr3[MAX_CR3_IN_A_PROCESS]</div><div class="ttdef"><b>Definition</b> Attaching.h:66</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_aa599a0813df15b4250895e755bc484b9"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa599a0813df15b4250895e755bc484b9">_USERMODE_DEBUGGING_PROCESS_DETAILS::ThreadsListHead</a></div><div class="ttdeci">LIST_ENTRY ThreadsListHead</div><div class="ttdef"><b>Definition</b> Attaching.h:67</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_aa7a5b51d9e965b52e2b6f85e22cd84c9"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aa7a5b51d9e965b52e2b6f85e22cd84c9">_USERMODE_DEBUGGING_PROCESS_DETAILS::Context</a></div><div class="ttdeci">UINT64 Context</div><div class="ttdef"><b>Definition</b> Attaching.h:55</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_aac3f928359d06bdd7572a4bd67c86429"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aac3f928359d06bdd7572a4bd67c86429">_USERMODE_DEBUGGING_PROCESS_DETAILS::Token</a></div><div class="ttdeci">UINT64 Token</div><div class="ttdef"><b>Definition</b> Attaching.h:50</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ab748a7db00ec4b671fa65ef900986080"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ab748a7db00ec4b671fa65ef900986080">_USERMODE_DEBUGGING_PROCESS_DETAILS::CheckCallBackForInterceptingFirstInstruction</a></div><div class="ttdeci">BOOLEAN CheckCallBackForInterceptingFirstInstruction</div><div class="ttdef"><b>Definition</b> Attaching.h:65</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_abd720fc6f1ffcd6488f3229bf1455573"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#abd720fc6f1ffcd6488f3229bf1455573">_USERMODE_DEBUGGING_PROCESS_DETAILS::BaseAddressOfMainModule</a></div><div class="ttdeci">UINT64 BaseAddressOfMainModule</div><div class="ttdef"><b>Definition</b> Attaching.h:59</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ac1a80680491ceb043b754ab5e9a7eec8"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac1a80680491ceb043b754ab5e9a7eec8">_USERMODE_DEBUGGING_PROCESS_DETAILS::Is32Bit</a></div><div class="ttdeci">BOOLEAN Is32Bit</div><div class="ttdef"><b>Definition</b> Attaching.h:62</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ac2d3522e9585dce69980ff651c53cb1d"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac2d3522e9585dce69980ff651c53cb1d">_USERMODE_DEBUGGING_PROCESS_DETAILS::UsermodeReservedBuffer</a></div><div class="ttdeci">UINT64 UsermodeReservedBuffer</div><div class="ttdef"><b>Definition</b> Attaching.h:57</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ac7497bb7cd3585fdc424075cae9ff98c"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ac7497bb7cd3585fdc424075cae9ff98c">_USERMODE_DEBUGGING_PROCESS_DETAILS::ActiveThreadId</a></div><div class="ttdeci">UINT32 ActiveThreadId</div><div class="ttdef"><b>Definition</b> Attaching.h:53</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_acaf7519d69de4a28112b82f39d438ae0"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#acaf7519d69de4a28112b82f39d438ae0">_USERMODE_DEBUGGING_PROCESS_DETAILS::Enabled</a></div><div class="ttdeci">BOOLEAN Enabled</div><div class="ttdef"><b>Definition</b> Attaching.h:51</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ace267a6473505408e798a827e1b244f0"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ace267a6473505408e798a827e1b244f0">_USERMODE_DEBUGGING_PROCESS_DETAILS::ProcessId</a></div><div class="ttdeci">UINT32 ProcessId</div><div class="ttdef"><b>Definition</b> Attaching.h:61</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_ad3d6574cef84c00d549493d88c62e68f"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#ad3d6574cef84c00d549493d88c62e68f">_USERMODE_DEBUGGING_PROCESS_DETAILS::IsOnThreadInterceptingPhase</a></div><div class="ttdeci">BOOLEAN IsOnThreadInterceptingPhase</div><div class="ttdef"><b>Definition</b> Attaching.h:64</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_adb588665a0fa72d6307d6f8577f2f946"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#adb588665a0fa72d6307d6f8577f2f946">_USERMODE_DEBUGGING_PROCESS_DETAILS::EntrypointOfMainModule</a></div><div class="ttdeci">UINT64 EntrypointOfMainModule</div><div class="ttdef"><b>Definition</b> Attaching.h:58</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_aefb16ed28844461dfa42f40f062015b0"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#aefb16ed28844461dfa42f40f062015b0">_USERMODE_DEBUGGING_PROCESS_DETAILS::PebAddressToMonitor</a></div><div class="ttdeci">PVOID PebAddressToMonitor</div><div class="ttdef"><b>Definition</b> Attaching.h:52</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_af1e099cfea06517081aa30ee23c77fbc"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af1e099cfea06517081aa30ee23c77fbc">_USERMODE_DEBUGGING_PROCESS_DETAILS::Registers</a></div><div class="ttdeci">GUEST_REGS Registers</div><div class="ttdef"><b>Definition</b> Attaching.h:54</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_af2d10b22659ae7fab7f797a4332c0808"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af2d10b22659ae7fab7f797a4332c0808">_USERMODE_DEBUGGING_PROCESS_DETAILS::IsOnTheStartingPhase</a></div><div class="ttdeci">BOOLEAN IsOnTheStartingPhase</div><div class="ttdef"><b>Definition</b> Attaching.h:63</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_af3376ddf4a0eed532aa22d4be1747764"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af3376ddf4a0eed532aa22d4be1747764">_USERMODE_DEBUGGING_PROCESS_DETAILS::Eprocess</a></div><div class="ttdeci">PEPROCESS Eprocess</div><div class="ttdef"><b>Definition</b> Attaching.h:60</div></div>
<div class="ttc" id="astruct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s_html_af9cc943c4e24dbad2df94819db2c2c72"><div class="ttname"><a href="struct___u_s_e_r_m_o_d_e___d_e_b_u_g_g_i_n_g___p_r_o_c_e_s_s___d_e_t_a_i_l_s.html#af9cc943c4e24dbad2df94819db2c2c72">_USERMODE_DEBUGGING_PROCESS_DETAILS::AttachedProcessList</a></div><div class="ttdeci">LIST_ENTRY AttachedProcessList</div><div class="ttdef"><b>Definition</b> Attaching.h:56</div></div>
<div class="ttc" id="astruct_g_u_e_s_t___r_e_g_s_html"><div class="ttname"><a href="struct_g_u_e_s_t___r_e_g_s.html">GUEST_REGS</a></div><div class="ttdef"><b>Definition</b> BasicTypes.h:70</div></div>
</div><!-- fragment --></div><!-- contents -->
</div><!-- doc-content -->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
<ul>
<li class="navelem"><a class="el" href="dir_53a6cdbae347618e9ee76d4be5c6ea96.html">hyperdbg</a></li><li class="navelem"><a class="el" href="dir_fd401680aa8c7ceffc479e97f6bdc4df.html">hyperkd</a></li><li class="navelem"><a class="el" href="dir_b9a42e394d8efcca63fc5d2d60127445.html">header</a></li><li class="navelem"><a class="el" href="dir_b7f82d642e4d0c525e6cfe8908059b17.html">debugger</a></li><li class="navelem"><a class="el" href="dir_313e9e9e5342a34428cfe05999879d58.html">user-level</a></li><li class="navelem"><a class="el" href="_attaching_8h.html">Attaching.h</a></li>
<li class="footer">Generated by <a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.11.0 </li>
</ul>
</div>
</body>
</html>