HyperDbg
Action needed from Sina
I noticed there are many issues in this repo, and I'm not sure which ones require my action. To improve our communication, I've created this Issue. Please post anything that needs my attention here, so I won't miss any of them.
我注意到这个 repo 中有很多问题,我不确定哪些需要我处理。为了改善我们的沟通,我创建了这个 Issue。请在此处发布任何需要我注意的内容,这样我就不会错过任何内容。
I noticed there are many issues in this repo, and I'm not sure which ones require my action. To improve our communication, I've created this Issue. Please post anything that needs my attention here, so I won't miss any of them.
我注意到这个 repo 中有很多问题,我不确定哪些需要我处理。为了改善我们的沟通,我创建了这个 Issue。请在此处发布任何需要我注意的内容,这样我就不会错过任何内容。
先来研究这个 https://github.com/HyperDbg/gui/issues/59
are you online? See https://github.com/HyperDbg/gui/issues/59 again please.
Hi, Yes, I just came online. I'll check it now.
Hello you, please try build gui and handle https://github.com/HyperDbg/gui/issues/60 now.
Could you please send me a link to which version of GCC you use? How do you install it on Windows?
I've got this error compiling it:
C:\Users\Sina\Desktop\gui>go build .
go: downloading github.com/ddkwork/app v0.0.0-20240615140632-acdad7498240
go: downloading github.com/ddkwork/golibrary v0.0.62
go: downloading github.com/richardwilkes/unison v0.70.1
go: downloading github.com/dc0d/caseconv v0.5.0
go: downloading github.com/fatih/color v1.17.0
go: downloading github.com/rivo/uniseg v0.4.7
go: downloading golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8
go: downloading golang.org/x/text v0.16.0
go: downloading golang.org/x/tools v0.22.0
go: downloading mvdan.cc/gofumpt v0.6.0
go: downloading github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394
go: downloading github.com/richardwilkes/toolbox v1.114.1
go: downloading github.com/zzl/go-win32api/v2 v2.2.0
go: downloading golang.org/x/sys v0.21.0
go: downloading github.com/alecthomas/chroma/v2 v2.14.0
go: downloading github.com/google/uuid v1.6.0
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: downloading github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71
go: downloading github.com/go-gl/glfw/v3.3/glfw v0.0.0-20240506104042-037f3cc74f2a
go: downloading github.com/richardwilkes/json v0.2.0
go: downloading github.com/yuin/goldmark v1.7.2
go: downloading golang.org/x/image v0.17.0
go: downloading github.com/mattn/go-colorable v0.1.13
go: downloading github.com/mattn/go-isatty v0.0.20
go: downloading github.com/google/go-cmp v0.6.0
go: downloading golang.org/x/mod v0.18.0
go: downloading github.com/dlclark/regexp2 v1.11.0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/winlabs/gowin32 v0.0.0-20221003142512-0d265587d3c9
package github.com/ddkwork/hyperdbgui
imports github.com/ddkwork/hyperdbgui/ux
imports github.com/ddkwork/app
imports github.com/richardwilkes/unison
imports github.com/go-gl/gl/v3.2-core/gl: build constraints exclude all Go files in C:\Users\Sina\go\pkg\mod\github.com\go-gl\[email protected]\v3.2-core\gl
..\..\go\pkg\mod\github.com\ddkwork\[email protected]\ms\xed\pe.go:4:2: missing go.sum entry for module providing package github.com/saferwall/pe (imported by github.com/ddkwork/app/ms/xed); to add:
go get github.com/ddkwork/app/ms/[email protected]
..\..\go\pkg\mod\github.com\ddkwork\[email protected]\ms\xed\xed.go:6:2: missing go.sum entry for module providing package golang.org/x/arch/x86/x86asm (imported by github.com/ddkwork/app/ms/xed); to add:
go get github.com/ddkwork/app/ms/[email protected]
Could you please send me a link to which version of GCC you use? How do you install it on Windows?
https://github.com/jmeubank/tdm-gcc
这个看似是gcc不正确,尝试 gcc -v .返回什么
---Original--- From: "Sina @.> Date: Sat, Jun 15, 2024 23:00 PM To: @.>; Cc: @.@.>; Subject: Re: [HyperDbg/gui] Action needed from Sina (Issue #76)
image.png (view on web)
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were assigned.Message ID: @.***>
新开一个cmd窗口试试,我感觉是gcc环境变量不生效
---Original--- From: "Sina @.> Date: Sat, Jun 15, 2024 23:00 PM To: @.>; Cc: @.@.>; Subject: Re: [HyperDbg/gui] Action needed from Sina (Issue #76)
image.png (view on web)
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were assigned.Message ID: @.***>
Another error:
C:\Users\Sina\Desktop\gui>go build .
^C
C:\Users\Sina\Desktop\gui>gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=C:/TDM-GCC-64/bin/../libexec/gcc/x86_64-w64-mingw32/10.3.0/lto-wrapper.exe
Target: x86_64-w64-mingw32
Configured with: ../../../src/gcc-git-10.3.0/configure --build=x86_64-w64-mingw32 --enable-targets=all --enable-languages=ada,c,c++,fortran,jit,lto,objc,obj-c++ --enable-libgomp --enable-lto --enable-graphite --enable-cxx-flags=-DWINPTHREAD_STATIC --disable-build-with-cxx --disable-build-poststage1-with-cxx --enable-libstdcxx-debug --enable-threads=posix --enable-version-specific-runtime-libs --enable-fully-dynamic-string --enable-libstdcxx-filesystem-ts=yes --disable-libstdcxx-pch --enable-libstdcxx-threads --enable-libstdcxx-time=yes --enable-mingw-wildcard --with-gnu-ld --disable-werror --enable-nls --disable-win32-registry --enable-large-address-aware --disable-rpath --disable-symvers --prefix=/mingw64tdm --with-local-prefix=/mingw64tdm --with-pkgversion=tdm64-1 --with-bugurl=https://github.com/jmeubank/tdm-gcc/issues
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 10.3.0 (tdm64-1)
C:\Users\Sina\Desktop\gui>go build .
C:\Users\Sina\Desktop\gui>go run .
2024-06-15 08:09:08 Trace -> --------- title --------- │ ------------------ info ------------------ //runtime.doInit1+0xec C:/Program Files/Go/src/runtime/proc.go:7176
ERR | 2024-06-15 | 08:09:09.042 | recovered from panic
[github.com/ddkwork/golibrary/mylog.check[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/check.go:216
[github.com/ddkwork/golibrary/mylog.Check2[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/check.go:27
[github.com/ddkwork/app/ms/xed.ParserPe] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/ms/xed/pe.go:10
[github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable.func3] C:/Users/Sina/Desktop/gui/ux/cpu.go:235
[github.com/ddkwork/app/widget.NewTable[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/widget/table.go:422
[github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable] C:/Users/Sina/Desktop/gui/ux/cpu.go:214
[github.com/ddkwork/hyperdbgui/ux.LayoutCpu] C:/Users/Sina/Desktop/gui/ux/cpu.go:25
[github.com/ddkwork/hyperdbgui/ux.NewPage] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:118
[main.main.Run.func1] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:31
[github.com/ddkwork/app.RunWithIco.func1.1] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:49
[github.com/richardwilkes/toolbox.CallWithHandler] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:24
[github.com/richardwilkes/toolbox.Call] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:18
[github.com/richardwilkes/unison.finishStartup] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:183
[github.com/richardwilkes/toolbox.CallWithHandler] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:24
[github.com/richardwilkes/unison.processNextTask] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/task.go:51
[github.com/richardwilkes/unison.processEvents] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:164
[github.com/richardwilkes/unison.Start] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:158
[github.com/ddkwork/app.RunWithIco.func1] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:43
[github.com/ddkwork/golibrary/mylog.callWithHandler] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/call.go:15
[github.com/ddkwork/golibrary/mylog.Call] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/call.go:10
[github.com/ddkwork/app.RunWithIco] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:42
[github.com/ddkwork/hyperdbgui/ux.Run] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:30
[main.main] C:/Users/Sina/Desktop/gui/main.go:9
Caused by: open D:\workspace\workspace\branch\gui\bin\debug\hyperdbg-cli.exe: The system cannot find the path specified.
[github.com/ddkwork/golibrary/mylog.check[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/check.go:216
[github.com/ddkwork/golibrary/mylog.Check2[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/check.go:27
[github.com/ddkwork/app/ms/xed.ParserPe] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/ms/xed/pe.go:10
[github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable.func3] C:/Users/Sina/Desktop/gui/ux/cpu.go:235
[github.com/ddkwork/app/widget.NewTable[...]] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/widget/table.go:422
[github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable] C:/Users/Sina/Desktop/gui/ux/cpu.go:214
[github.com/ddkwork/hyperdbgui/ux.LayoutCpu] C:/Users/Sina/Desktop/gui/ux/cpu.go:25
[github.com/ddkwork/hyperdbgui/ux.NewPage] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:118
[main.main.Run.func1] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:31
[github.com/ddkwork/app.RunWithIco.func1.1] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:49
[github.com/richardwilkes/toolbox.CallWithHandler] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:24
[github.com/richardwilkes/toolbox.Call] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:18
[github.com/richardwilkes/unison.finishStartup] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:183
[github.com/richardwilkes/toolbox.CallWithHandler] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/call.go:24
[github.com/richardwilkes/unison.processNextTask] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/task.go:51
[github.com/richardwilkes/unison.processEvents] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:164
[github.com/richardwilkes/unison.Start] C:/Users/Sina/go/pkg/mod/github.com/richardwilkes/[email protected]/app.go:158
[github.com/ddkwork/app.RunWithIco.func1] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:43
[github.com/ddkwork/golibrary/mylog.callWithHandler] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/call.go:15
[github.com/ddkwork/golibrary/mylog.Call] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/mylog/call.go:10
[github.com/ddkwork/app.RunWithIco] C:/Users/Sina/go/pkg/mod/github.com/ddkwork/[email protected]/app.go:42
[github.com/ddkwork/hyperdbgui/ux.Run] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:30
[main.main] C:/Users/Sina/Desktop/gui/main.go:9
Oh my LadyGaga,等我修改下单元测试,呵呵🙂🙂🙂🙂
---Original--- From: "Sina @.> Date: Sat, Jun 15, 2024 23:10 PM To: @.>; Cc: @.@.>; Subject: Re: [HyperDbg/gui] Action needed from Sina (Issue #76)
Another error:
C:\Users\Sina\Desktop\gui>go build . ^C C:\Users\Sina\Desktop\gui>gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=C:/TDM-GCC-64/bin/../libexec/gcc/x86_64-w64-mingw32/10.3.0/lto-wrapper.exe Target: x86_64-w64-mingw32 Configured with: ../../../src/gcc-git-10.3.0/configure --build=x86_64-w64-mingw32 --enable-targets=all --enable-languages=ada,c,c++,fortran,jit,lto,objc,obj-c++ --enable-libgomp --enable-lto --enable-graphite --enable-cxx-flags=-DWINPTHREAD_STATIC --disable-build-with-cxx --disable-build-poststage1-with-cxx --enable-libstdcxx-debug --enable-threads=posix --enable-version-specific-runtime-libs --enable-fully-dynamic-string --enable-libstdcxx-filesystem-ts=yes --disable-libstdcxx-pch --enable-libstdcxx-threads --enable-libstdcxx-time=yes --enable-mingw-wildcard --with-gnu-ld --disable-werror --enable-nls --disable-win32-registry --enable-large-address-aware --disable-rpath --disable-symvers --prefix=/mingw64tdm --with-local-prefix=/mingw64tdm --with-pkgversion=tdm64-1 --with-bugurl=https://github.com/jmeubank/tdm-gcc/issues Thread model: posix Supported LTO compression algorithms: zlib zstd gcc version 10.3.0 (tdm64-1) C:\Users\Sina\Desktop\gui>go build . C:\Users\Sina\Desktop\gui>go run . 2024-06-15 08:09:08 Trace -> --------- title --------- │ ------------------ info ------------------ //runtime.doInit1+0xec C:/Program Files/Go/src/runtime/proc.go:7176 ERR | 2024-06-15 | 08:09:09.042 | recovered from panic [github.com/ddkwork/golibrary/mylog.check[...]] @./mylog/check.go:216 [github.com/ddkwork/golibrary/mylog.Check2[...]] @./mylog/check.go:27 [github.com/ddkwork/app/ms/xed.ParserPe] @./ms/xed/pe.go:10 [github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable.func3] C:/Users/Sina/Desktop/gui/ux/cpu.go:235 [github.com/ddkwork/app/widget.NewTable[...]] @./widget/table.go:422 [github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable] C:/Users/Sina/Desktop/gui/ux/cpu.go:214 [github.com/ddkwork/hyperdbgui/ux.LayoutCpu] C:/Users/Sina/Desktop/gui/ux/cpu.go:25 [github.com/ddkwork/hyperdbgui/ux.NewPage] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:118 [main.main.Run.func1] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:31 [github.com/ddkwork/app.RunWithIco.func1.1] @./app.go:49 [github.com/richardwilkes/toolbox.CallWithHandler] @./call.go:24 [github.com/richardwilkes/toolbox.Call] @./call.go:18 [github.com/richardwilkes/unison.finishStartup] @./app.go:183 [github.com/richardwilkes/toolbox.CallWithHandler] @./call.go:24 [github.com/richardwilkes/unison.processNextTask] @./task.go:51 [github.com/richardwilkes/unison.processEvents] @./app.go:164 [github.com/richardwilkes/unison.Start] @./app.go:158 [github.com/ddkwork/app.RunWithIco.func1] @./app.go:43 [github.com/ddkwork/golibrary/mylog.callWithHandler] @./mylog/call.go:15 [github.com/ddkwork/golibrary/mylog.Call] @./mylog/call.go:10 [github.com/ddkwork/app.RunWithIco] @./app.go:42 [github.com/ddkwork/hyperdbgui/ux.Run] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:30 [main.main] C:/Users/Sina/Desktop/gui/main.go:9 Caused by: open D:\workspace\workspace\branch\gui\bin\debug\hyperdbg-cli.exe: The system cannot find the path specified. [github.com/ddkwork/golibrary/mylog.check[...]] @./mylog/check.go:216 [github.com/ddkwork/golibrary/mylog.Check2[...]] @./mylog/check.go:27 [github.com/ddkwork/app/ms/xed.ParserPe] @./ms/xed/pe.go:10 [github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable.func3] C:/Users/Sina/Desktop/gui/ux/cpu.go:235 [github.com/ddkwork/app/widget.NewTable[...]] @./widget/table.go:422 [github.com/ddkwork/hyperdbgui/ux.LayoutDisassemblyTable] C:/Users/Sina/Desktop/gui/ux/cpu.go:214 [github.com/ddkwork/hyperdbgui/ux.LayoutCpu] C:/Users/Sina/Desktop/gui/ux/cpu.go:25 [github.com/ddkwork/hyperdbgui/ux.NewPage] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:118 [main.main.Run.func1] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:31 [github.com/ddkwork/app.RunWithIco.func1.1] @./app.go:49 [github.com/richardwilkes/toolbox.CallWithHandler] @./call.go:24 [github.com/richardwilkes/toolbox.Call] @./call.go:18 [github.com/richardwilkes/unison.finishStartup] @./app.go:183 [github.com/richardwilkes/toolbox.CallWithHandler] @./call.go:24 [github.com/richardwilkes/unison.processNextTask] @./task.go:51 [github.com/richardwilkes/unison.processEvents] @./app.go:164 [github.com/richardwilkes/unison.Start] @./app.go:158 [github.com/ddkwork/app.RunWithIco.func1] @./app.go:43 [github.com/ddkwork/golibrary/mylog.callWithHandler] @./mylog/call.go:15 [github.com/ddkwork/golibrary/mylog.Call] @./mylog/call.go:10 [github.com/ddkwork/app.RunWithIco] @./app.go:42 [github.com/ddkwork/hyperdbgui/ux.Run] C:/Users/Sina/Desktop/gui/ux/HyperDbg.go:30 [main.main] C:/Users/Sina/Desktop/gui/main.go:9
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you were assigned.Message ID: @.***>
Okay, that's fine. I'll continue the building process tomorrow. I'll go to sleep now. Good night.
Great. Meanwhile, I try to finish making the new SDK hopefully this week.
okay
---Original--- From: "Sina @.> Date: Sat, Jun 15, 2024 23:35 PM To: @.>; Cc: @.@.>; Subject: Re: [HyperDbg/gui] Action needed from Sina (Issue #76)
Great. Meanwhile, I try to finish making the new SDK hopefully this week.
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were assigned.Message ID: @.***>
ssdt tree table layout is complete, for io, the most effective hook iopxxxcontrolfile, the rest of the ntapi as well, we will implement in each nt api right-click context menu to perform the hook operation, and at the same time pop up the hook parameter panel, enter each api's input parameter, this I have previously implemented a structure to display a smallwidget that I've implemented before, and it's perfect for doing this. Now I need to pause the layout work on ark and work on the sdk side to make debugging a high priority. I desperately want the start command to work, because the subsequent loading of the disassembly and stacking of a series of operations is possible. iopxxx that function I have previously used the disassembly engine to find the correct offsets, just need the sdk to return the nt base to me, and then adjust the appropriate content in the inputbuffer to communicate with the driver.
So the remote start command you mentioned yesterday operates under VMware? Should I loadmm first?
I don't know what the reason is, but the module is not found, and I'm thinking about implementing hyperdbgcontrol entirely in go.
https://github.com/HyperDbg/gui/blob/main/test%2Fdll%2Fdll.go#L26-L33
https://mp.weixin.qq.com/s/zISSWZf9pw1WmdH7wZabtA
我似乎明白dll初始化失败的原因了:hyperdbgControl.dll是不是还依赖别的dll才能正常初始化?如果是这样级联依赖的话,有点不好弄,除非它依赖的是ring3的dll,但是我看到hvkd.dll之类的明明是sys驱动,如果也被cotrol.dll依赖的话就很麻烦。
the ntapi as well, we will implement in each nt api right-click context menu to perform the hook operation, and at the same time pop up the hook parameter panel, enter each api's input parameter, this I have previously implemented a structure to display a smallwidget that I've implemented before, and it's perfect for doing this. Now I need to pause the layout work on ark and work on the sdk side to make debugging a high priority. I desperately want the start command to work, because the subsequent loading of the disassembly and stacking of a series of operations is possible. iopxxx that function I have previously used the disassembly engine to find the correct offsets, just need the sdk to return the nt base to me, and then adjust the appropriate
Yes, the '.start' command works perfectly in the debugger mode (VMware).