本文整理汇总了Python中winappdbg.System类的典型用法代码示例。如果您正苦于以下问题:Python System类的具体用法?Python System怎么用?Python System使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
示例1: print_api_address
def print_api_address( pid, modName, procName ):
    """Resolve the export *procName* of module *modName* in process *pid* and print it.

    Prints "Module not found" when the module is not loaded in the target, or a
    "Could not resolve" message when the export lookup returns a false value.
    """
    # Opening processes owned by other users needs the debug privilege
    # (this normally requires an administrative token).
    System.request_debug_privileges()
    # Attach a Process object to the target and enumerate its loaded modules.
    target = Process( pid )
    target.scan_modules()
    module = target.get_module_by_name( modName )
    if not module:
        print "Module not found: %s" % modName
        return
    # A false value (0/None) from resolve() means the export was not found.
    address = module.resolve( procName )
    if not address:
        print "Could not resolve %s in module %s" % (procName, modName)
        return
    print "%s!%s == 0x%.08x" % ( modName, procName, address )
开发者ID:Kent1,项目名称:winappdbg,代码行数:25,代码来源:16_resolve_api.py
示例2: copypasta
def copypasta(action, params, wait_state, doing_verb, done_verb):
    """Run a service control *action* and wait for the service to leave *wait_state*.

    params[0] is the service name; the whole *params* tuple is passed to
    *action*. Any WindowsError (service missing, access denied, ...) is
    printed and the function returns without raising. Polling happens every
    half second, at most 20 times, so the wait is roughly 10 seconds.
    """
    try:
        target = params[0]
        # Looking the service up first fails early if it does not exist.
        System.get_service(target)
        try:
            name = System.get_service_display_name(target)
        except WindowsError:
            name = target
        print "%s service \"%s\"..." % (doing_verb, name)
        action(*params)
        # Wait for the state transition to complete.
        polls_left = 20
        status = System.get_service(target)
        while status.CurrentState == wait_state:
            polls_left -= 1
            if polls_left <= 0:
                print "Error: timed out."
                return
            time.sleep(0.5)
            status = System.get_service(target)
        print "Service %s successfully." % done_verb
    except WindowsError as e:
        print str(e)
        return
开发者ID:bosskeyproductions,项目名称:winappdbg,代码行数:32,代码来源:service.py
示例3: print_thread_disassembly
def print_thread_disassembly( tid ):
    """Print the instructions around the current program counter of thread *tid*.

    The thread is suspended while its PC and code are read, and resumed again
    even if reading fails, so the target is never left frozen.
    """
    # Opening threads of other users' processes needs the debug privilege.
    System.request_debug_privileges()
    thread = Thread( tid )
    thread.suspend()
    try:
        # Read the PC first, then disassemble around it. Equivalent forms:
        #   code = thread.disassemble_around_pc()
        #   code = thread.get_process().disassemble_around( eip )
        eip = thread.get_pc()
        code = thread.disassemble_around( eip )
    finally:
        thread.resume()
    print
    print CrashDump.dump_code( code, eip ),
开发者ID:cgiogkarakis,项目名称:winappdbg,代码行数:30,代码来源:15_disassemble.py
示例4: getPidsByImg
def getPidsByImg(img):
    """Return the PIDs of every running process whose image name matches *img*."""
    snapshot = System()
    snapshot.scan_processes()
    # find_processes_by_filename yields (process, filename) pairs.
    return [ process.get_pid()
             for process, _filename in snapshot.find_processes_by_filename( img ) ]
开发者ID:JaanusFuzzing,项目名称:Vanapagan,代码行数:7,代码来源:WinUtils.py
示例5: print_state
def print_state( process_name ):
    """Dump registers and code around the PC of every thread of the first process named *process_name*.

    The whole process is suspended while its threads are inspected and
    resumed afterwards, even on error. Raises IndexError when no process
    matches the name.
    """
    # Opening processes owned by other users needs the debug privilege.
    System.request_debug_privileges()
    snapshot = System()
    # Only the first match is used; IndexError if there is none.
    process, _filename = snapshot.find_processes_by_filename( process_name )[ 0 ]
    process.suspend()
    try:
        separator = "-" * 79
        for thread in process.iter_threads():
            tid = thread.get_tid()
            eip = thread.get_pc()
            code = thread.disassemble_around( eip )
            context = thread.get_context()
            print
            print separator
            print "Thread: %s" % HexDump.integer( tid )
            print
            print CrashDump.dump_registers( context )
            print CrashDump.dump_code( code, eip ),
            print separator
    finally:
        # Never leave the target frozen.
        process.resume()
开发者ID:cgiogkarakis,项目名称:winappdbg,代码行数:34,代码来源:04_dump.py
示例6: __init__
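class TSMonitorHandler:
    """Handler exposing per-process thread stack sizes from a System snapshot.

    Responses are built as ``tsm.Process`` / ``tsm.Thread`` objects; the
    ``tsm`` module is not shown here, presumably the transport's message types.
    """

    def __init__(self):
        # Opening other users' processes needs the debug privilege.
        self._system = System()
        self._system.request_debug_privileges()
        # pid -> winappdbg Process object, for every process in the snapshot.
        self._process = {}
        for process in self._system:
            self._process[process.get_pid()] = process

    def ping(self):
        """Liveness check; always returns 0."""
        print "function ping called."
        return 0

    def refresh(self):
        """Rebuild the process snapshot (re-runs __init__); returns 0."""
        print "function refresh called."
        self.__init__()
        return 0

    def process(self, id):
        """Describe process *id*: name, thread count and per-thread stack sizes.

        Each thread is suspended while its stack range is read and resumed
        afterwards. A thread that cannot be opened or inspected (WindowsError)
        is reported with ``stack_size = -1``.

        Raises KeyError if *id* is not in the snapshot (call refresh first).
        """
        p = self._process[id]
        process = tsm.Process()
        process.id = id
        # PIDs 0 and 4 get fixed names instead of an image path lookup.
        if id == 0:
            process.name = "System Idle Process"
        elif id == 4:
            process.name = "System"
        else:
            process.name = os.path.basename(p.get_filename())
        p.scan_threads()
        tids = p.get_thread_ids()
        process.num_threads = len(tids)
        process.thread = []
        for tid in tids:
            thread = tsm.Thread()
            thread.id = tid
            th = None
            try:
                th = p.get_thread(tid)
                th.suspend()
                stack_limit, stack_base = th.get_stack_range()
                thread.stack_size = stack_base - stack_limit
            except WindowsError:
                thread.stack_size = -1
            finally:
                # Only resume a thread that was actually obtained: calling
                # th.resume() unconditionally raised NameError (or resumed the
                # previous iteration's thread) when get_thread() failed.
                if th is not None:
                    th.resume()
            process.thread.append(thread)
        return process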
开发者ID:daisukekobayashi,项目名称:ThreadStackMonitor,代码行数:59,代码来源:thread_stack_monitor.py
示例7: wait_for_service
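def wait_for_service( service, wait_state, timeout = 20 ):
    """Poll *service* until its CurrentState is no longer *wait_state*.

    Args:
        service: service name passed to System.get_service().
        wait_state: the transitional state to wait out.
        timeout: maximum number of polls, not seconds; polls are half a second
            apart, so the default of 20 waits about 10 seconds.

    Raises:
        RuntimeError: if the service is still in *wait_state* after *timeout* polls.
        WindowsError: propagated from System.get_service().
    """
    descriptor = System.get_service( service )
    while descriptor.CurrentState == wait_state:
        timeout -= 1
        if timeout <= 0:
            # The original raised RuntimeException, which does not exist in
            # Python, so a timeout surfaced as a NameError instead.
            raise RuntimeError( "Error: timed out." )
        sleep( 0.5 )
        descriptor = System.get_service( service )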
开发者ID:hatRiot,项目名称:winappdbg,代码行数:8,代码来源:26_service_restart.py
示例8: main
def main():
    """Print the window tree rooted at the desktop window."""
    # A System snapshot gives access to the desktop (root) window.
    desktop = System().get_desktop_window()
    show_window_tree(desktop)
开发者ID:MarioVilas,项目名称:winappdbg,代码行数:10,代码来源:19_show_window_tree.py
示例9: create_debugger
def create_debugger(self):
    """Create the Debug object for this session and start using it.

    bHostileCode comes from self.options.hostile. The symbol store is fixed
    with remote=True, so symbol lookups may reach a remote symbol server over
    the network; force=False presumably leaves an existing configuration
    alone — confirm against System.fix_symbol_store_path.
    """
    debug = Debug(self, bHostileCode = self.options.hostile)
    System.fix_symbol_store_path(remote = True, force = False)
    # Fill the debugger's process snapshot before handing it over.
    debug.system.scan()
    self.start_using_debugger(debug)
开发者ID:Debug-Orz,项目名称:winappdbg,代码行数:13,代码来源:pdebug.py
示例10: main
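def main():
    """Entry point: resolve the target process from sys.argv[1] (a pid or an image name).

    Prints usage and returns when the argument count is wrong; prints a
    message and returns when the name matches no process or more than one.
    """
    print "Process string extractor"
    print "by Mario Vilas (mvilas at gmail.com)"
    print
    if len(sys.argv) != 2:
        script = os.path.basename(sys.argv[0])
        print " %s <pid>" % script
        print " %s <process.exe>" % script
        return
    # Opening processes owned by other users needs the debug privilege.
    System.request_debug_privileges()
    try:
        pid = HexInput.integer(sys.argv[1])
    except ValueError:
        # Not a number: treat the argument as an image name. Only ValueError
        # is caught; the original caught Exception, which also hid unrelated
        # failures behind a "process not found" lookup.
        s = System()
        s.scan_processes()
        pl = s.find_processes_by_filename(sys.argv[1])
        if not pl:
            print "Process not found: %s" % sys.argv[1]
            return
        if len(pl) > 1:
            print "Multiple processes found for %s" % sys.argv[1]
            for p, n in pl:
                print "\t%s: %s" % (p.get_pid(), n)
            return
        pid = pl[0][0].get_pid()
        s.clear()
        del s
    # pid is presumably consumed by the rest of the script (truncated in this listing).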
开发者ID:proxymoron,项目名称:winappdbg,代码行数:30,代码来源:pstrings.py
示例11: get_explorer_pid
def get_explorer_pid():
    """Return the pid of an explorer.exe running for less than 300000 ms, or None.

    Processes 0, 4 and 8 are skipped, as are processes that cannot be opened
    (ERROR_ACCESS_DENIED); any other WindowsError is re-raised. When the
    module-level ``dev`` flag is set, every inspected process is printed.
    """
    # Opening processes owned by other users needs the debug privilege.
    System.request_debug_privileges()
    snapshot = System()
    try:
        snapshot.scan_processes()
    except WindowsError:
        # Fall back to the lighter scan if the full one is refused.
        snapshot.scan_processes_fast()
    for process in snapshot.iter_processes():
        try:
            pid = process.get_pid()
            if pid in (0, 4, 8):
                continue
            if dev:
                print "* Process:", process.get_filename(), "Pid:", pid, "Time:", process.get_running_time()
            if process.get_filename() != "explorer.exe":
                continue
            if process.get_running_time() < 300000:
                return pid
        except WindowsError as e:
            # Processes we may not open are skipped; anything else propagates.
            if e.winerror != ERROR_ACCESS_DENIED:
                raise
            continue
开发者ID:demtevfik,项目名称:hack4career,代码行数:32,代码来源:cryptokiller.py
示例12: main
def main(argv):
    """Validate the SelectMyParent command line and resolve its arguments.

    argv[1] is the parent process (a pid or an image name), argv[2] the
    program to start (searched on the PATH when it is not an existing file).
    The remainder of the original script is truncated in this listing.
    """
    print "SelectMyParent: Start a program with a selected parent process"
    print "by Mario Vilas (mvilas at gmail.com)"
    print "based on a Didier Stevens tool (https://DidierStevens.com)"
    print
    if len(argv) < 3:
        script = os.path.basename(argv[0])
        print " %s <pid> <process.exe> [arguments]" % script
        return
    # Opening other processes needs the debug privilege.
    system = System()
    system.request_debug_privileges()
    # Parent process: a numeric pid, or an image name resolved from a snapshot.
    try:
        dwParentProcessId = HexInput.integer(argv[1])
    except ValueError:
        dwParentProcessId = None
    if dwParentProcessId is None:
        system.scan_processes()
        process_list = system.find_processes_by_filename(argv[1])
        if not process_list:
            print "Can't find process %r" % argv[1]
            return
        if len(process_list) > 1:
            print "Too many processes found:"
            for process, name in process_list:
                print "\t%d:\t%s" % (process.get_pid(), name)
            return
        dwParentProcessId = process_list[0][0].get_pid()
    else:
        # Our own pid needs no lookup; any other pid must exist in the snapshot.
        dwMyProcessId = win32.GetProcessId( win32.GetCurrentProcess() )
        if dwParentProcessId != dwMyProcessId:
            system.scan_processes_fast()
            if not system.has_process(dwParentProcessId):
                print "Can't find process ID %d" % dwParentProcessId
                return
    # Target program: used as given if it exists, else searched with .exe appended.
    filename = argv[2]
    if not os.path.exists(filename):
        try:
            filename = win32.SearchPath(None, filename, '.exe')[0]
        except WindowsError as e:
            print "Error searching for %s: %s" % (filename, str(e))
            return
    argv = list(argv)
    argv[2] = filename
开发者ID:Debug-Orz,项目名称:winappdbg,代码行数:53,代码来源:SelectMyParent.py
示例13: print_label_address
def print_label_address( pid, label ):
    """Resolve a winappdbg *label* (presumably "module!symbol") in process *pid* and print it."""
    # Opening processes owned by other users needs the debug privilege.
    System.request_debug_privileges()
    target = Process( pid )
    # The module list must be populated before labels can be resolved.
    target.scan_modules()
    address = target.resolve_label( label )
    print "%s == 0x%.08x" % ( label, address )
开发者ID:Kent1,项目名称:winappdbg,代码行数:16,代码来源:16_resolve_label.py
示例14: list_processes
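def list_processes(match_name=""):
    """Print "pid<TAB>filename" for running processes and return them.

    Args:
        match_name: image name to filter on; empty (or None) means every process.

    Returns:
        A list of Process objects when *match_name* is given, otherwise the
        System snapshot itself (both iterate over Process objects).
    """
    print "[+] processes:"
    snapshot = System()
    if match_name:
        # find_processes_by_filename yields (process, filename) pairs.
        found = [pair[0] for pair in snapshot.find_processes_by_filename(match_name)]
    else:
        found = snapshot
    for proc in found:
        print "%5d\t%s" % (proc.get_pid(), proc.get_filename())
    return found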
开发者ID:nitram2342,项目名称:spooky-hook,代码行数:17,代码来源:spooky-hook.py
示例15: test_windbg_version
def test_windbg_version():
    """Raise RuntimeError if dbghelp.dll was loaded from the OS directories.

    System.load_dbghelp() is expected to pick up the copy shipped with WinDbg;
    a module path under %SystemRoot%/System32 or SysWoW64 means the Windows
    bundled DLL was used instead, i.e. WinDbg was not found.
    """
    from winappdbg import System, win32
    dbghelp = System.load_dbghelp()
    pathname = win32.GetModuleFileNameEx(-1, dbghelp._handle).lower()
    sysroot = os.getenv("SystemRoot")
    os_dirs = (os.path.join(sysroot, "System32").lower(),
               os.path.join(sysroot, "SysWoW64").lower())
    if pathname.startswith(os_dirs):
        raise RuntimeError("WinDbg not found")
开发者ID:hatRiot,项目名称:winappdbg,代码行数:10,代码来源:test.py
示例16: queue_initial_commands
def queue_initial_commands(self):
    """Seed self.cmdqueue from the parsed options.

    Adds an "attach" command when self.options.attach is set, one "windowed"
    or "console" command per argv list in self.options.windowed / .console,
    and a final "continue" if anything was queued.
    """
    queue = self.cmdqueue
    if self.options.attach:
        queue.append('attach %s' % self.join_tokens(self.options.attach))
    # Each argv list is rendered back into a single command line string.
    for verb, argv_lists in (('windowed', self.options.windowed),
                             ('console', self.options.console)):
        for argv in argv_lists:
            queue.append('%s %s' % (verb, System.argv_to_cmdline(argv)))
    if queue:
        queue.append('continue')
开发者ID:Debug-Orz,项目名称:winappdbg,代码行数:20,代码来源:pdebug.py
示例17: find_window
def find_window():
    """Locate a window from the command line arguments.

    With two arguments the first is the window class name and the second the
    caption text (an empty string means "any"). With one argument the caption
    is tried first and, on WindowsError, the class name. Returns the window
    found; a WindowsError from the last lookup propagates.
    """
    args = sys.argv[1:]
    if len(args) >= 2:
        classname = args[0] or None
        caption = args[1] or None
        return System.find_window(classname, caption)
    try:
        return System.find_window(windowName=args[0])
    except WindowsError:
        return System.find_window(className=args[0])
开发者ID:proxymoron,项目名称:winappdbg,代码行数:21,代码来源:21_find_window.py
示例18: get_processes_list
def get_processes_list():
    """Take a snapshot and return the processes as a generator (Win32 or Linux)."""
    if sys.platform != 'win32':
        # Linux: the third-party psi module provides the process table.
        return (LinuxProcess(pid) for pid in psi.process.ProcessTable())
    # (based on winappdbg examples) A fresh System snapshot is empty until scanned.
    snapshot = System()
    snapshot.scan_processes()
    pids = list(snapshot.iter_process_ids())
    # winappdbg leaves out the calling process; add it before sorting.
    pids.append(get_current_process_id())
    return (WinProcess(pid) for pid in sorted(pids))
开发者ID:ohio813,项目名称:pypeelf,代码行数:22,代码来源:running_tasks.py
示例19: unfreeze_threads
def unfreeze_threads( pid ):
    """Resume every thread of process *pid*.

    process.resume() would do the same in one call; this walks the threads
    explicitly instead.
    """
    # Opening processes owned by other users needs the debug privilege.
    System.request_debug_privileges()
    target = Process( pid )
    target.scan_threads()
    for thread in target.iter_threads():
        thread.resume()
开发者ID:cgiogkarakis,项目名称:winappdbg,代码行数:22,代码来源:13_freeze.py
示例20: print_thread_context
def print_thread_context( tid ):
    """Print the register context of thread *tid*.

    The thread is suspended while the context is read and resumed afterwards,
    even if the read fails.
    """
    # Opening threads of other users' processes needs the debug privilege.
    System.request_debug_privileges()
    thread = Thread( tid )
    thread.suspend()
    try:
        context = thread.get_context()
    finally:
        thread.resume()
    print
    print CrashDump.dump_registers( context ),
开发者ID:Kent1,项目名称:winappdbg,代码行数:22,代码来源:14_registers.py
注:本文中的winappdbg.System类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。