HyperDbg Documentation
HyperDbg Documentation
HyperDbg
Download
Source code
Blog
HyperDbg
Getting Started
Quick Start
FAQ
Build & Install
Attach to HyperDbg
Using HyperDbg
Prerequisites
Examples
Commands
Debugging Commands
? (evaluate and execute expressions and scripts in debuggee)
~ (display and change the current operating core)
load (load the kernel modules)
unload (unload the kernel modules)
status (show the debuggee status)
events (show and modify active/disabled events)
p (step-over)
t (step-in)
i (instrument step-in)
r (read or modify registers)
bp (set breakpoint)
bl (list breakpoints)
be (enable breakpoints)
bd (disable breakpoints)
bc (clear and remove breakpoints)
g (continue debuggee or processing kernel packets)
x (examine symbols and find functions and variables address)
db, dc, dd, dq (read virtual memory)
eb, ed, eq (edit virtual memory)
sb, sd, sq (search virtual memory)
u, u2 (disassemble virtual address)
sleep (wait for specific time in the .script command)
pause (break to the debugger and pause processing kernel packets)
print (evaluate and print expression in debuggee)
lm (view loaded modules)
cpu (check cpu supported technologies)
rdmsr (read model-specific register)
wrmsr (write model-specific register)
flush (remove pending kernel buffers and messages)
output (create output source for event forwarding)
test (test functionalities)
settings (configures different options and preferences)
exit (exit from the debugger)
Meta Commands
Extension Commands
Scripting Language
Tips & Tricks
Considerations
Nested-Virtualization Environments
Misc
Contribution
Style Guide
Logo & Artworks
Design
Features
Debugger Internals
Script Engine
Links
Twitter
YouTube
Doxygen
Contribution
Powered by GitBook

pause (break to the debugger and pause processing kernel packets)

Description of 'pause' command in HyperDbg.

Command

pause

Syntax

pause

Description

On the remote system, this command halts the system and gives control of the remote system to the debugger. In local debugging, this command stops processing kernel and vmx packets and ignores them.

You can unpause using the g command.

Parameters

None

IOCTL

None

Remarks

In remote debugging, pause command or CTRL+C or CTRL+BREAK causes the target system to pause completely, and the target system halts.

In local debugging, pause command or CTRL+C or CTRL+BREAK causes the debugger to stop processing kernel and vmx packets (they won't stop working, we ignore the messages). Also, we don't save messages, so when you pause the debugger, then the logs from the events are ignored, and you can't process them in the future.

Most of the time, this command is used in scripts after the 'sleep' command to block further messages caused by triggering events.

Requirements

None

Related

​.script (run batch script commands)​

​g (continue debugging or processing kernel packets)​

​settings (configures different options and preferences)​

​

Previous
sleep (wait for specific time in the .script command)
Next
print (evaluate and print expression in debuggee)
Last updated 2 months ago
Edit on GitHub
Contents
Command
Syntax
Description
Parameters
IOCTL
Remarks
Requirements
Related