本文整理汇总了Python中winappdbg.Process.scan_modules方法的典型用法代码示例。如果您正苦于以下问题:Python Process.scan_modules方法的具体用法?Python Process.scan_modules怎么用?Python Process.scan_modules使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类winappdbg.Process
的用法示例。
在下文中一共展示了Process.scan_modules方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: print_api_address
# 需要导入模块: from winappdbg import Process, System [as 别名]
# 注意: scan_modules 是 Process 实例的方法, 不能单独导入; 需通过 Process(pid).scan_modules() 调用
def print_api_address( pid, modName, procName ):
    """Print the address of an exported function inside a running process.

    Python 2 code (print statement), as in the rest of this page.

    pid      -- ID of the process to inspect.
    modName  -- name of the module to look up in that process.
    procName -- name of the function to resolve inside the module.

    Prints "<module>!<function> == 0x<address>" on success, or a message
    saying which lookup failed. Returns None in every case.
    """
    # Debug privileges are requested before the process is opened. This is a
    # powerful privilege: run the script only from an account that is meant
    # to debug other processes on the host.
    System.request_debug_privileges()

    # Open the target and enumerate the modules it has loaded.
    target = Process( pid )
    target.scan_modules()

    # get_module_by_name() gives back a false value when nothing matches.
    found = target.get_module_by_name( modName )
    if not found:
        print "Module not found: %s" % modName
        return

    # A false (zero/None) result is reported as "could not resolve".
    resolved = found.resolve( procName )
    if not resolved:
        print "Could not resolve %s in module %s" % (procName, modName)
        return

    print "%s!%s == 0x%.08x" % ( modName, procName, resolved )
示例2: print_label_address
# 需要导入模块: from winappdbg import Process, System [as 别名]
# 注意: scan_modules 是 Process 实例的方法, 不能单独导入; 需通过 Process(pid).scan_modules() 调用
def print_label_address( pid, label ):
    """Print the memory address that a label resolves to in a process.

    Python 2 code (print statement), as in the rest of this page.

    pid   -- ID of the process to inspect.
    label -- label string handed unchanged to Process.resolve_label().

    Prints "<label> == 0x<address>" and returns None.
    """
    # Debug privileges are requested before the process is opened.
    System.request_debug_privileges()

    # Open the target and enumerate its loaded modules; the scan runs
    # before the label is resolved.
    target = Process( pid )
    target.scan_modules()

    # NOTE(review): nothing here handles a label that cannot be resolved.
    # Confirm whether resolve_label() raises or returns None in that case;
    # the %x format below would fail on a None value.
    resolved = target.resolve_label( label )

    print "%s == 0x%.08x" % ( label, resolved )
示例3: main
# 需要导入模块: import os, sys; from winappdbg import Process, System, HexInput [as 别名]
# 注意: scan_modules 是 Process 实例的方法, 不能单独导入; 需通过 Process(pid).scan_modules() 调用
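def main():
    """Command-line entry point: load a DLL into a running process.

    Python 2 code (print statement), as in the rest of this page.

    Expects exactly two arguments: a PID or a process file name, and the
    DLL to load. Prints usage and returns when the argument count is wrong,
    when the process cannot be identified unambiguously, or when the target
    process and this Python interpreter differ in bitness.
    """
    print "Process DLL injector"
    print "by Mario Vilas (mvilas at gmail.com)"
    print

    if len(sys.argv) != 3:
        script = os.path.basename(sys.argv[0])
        print "Injects a DLL into a running process."
        print " %s <pid> <library.dll>" % script
        print " %s <process.exe> <library.dll>" % script
        return

    # Debug privileges are requested before any process is opened. Run this
    # only from an account that is meant to debug other processes.
    System.request_debug_privileges()

    try:
        # First interpretation of the argument: a numeric PID.
        pid = HexInput.integer(sys.argv[1])
    except Exception:
        # Not a number: treat it as a file name and search the process list.
        s = System()
        s.scan_processes()
        pl = s.find_processes_by_filename(sys.argv[1])
        if not pl:
            print "Process not found: %s" % sys.argv[1]
            return
        if len(pl) > 1:
            # Refuse to guess between several matches; list them instead.
            print "Multiple processes found for %s" % sys.argv[1]
            for p,n in pl:
                # Each entry pairs a process object with a name (see the
                # pl[0][0].get_pid() call below), so the PID has to be read
                # from the object: formatting the object itself with %d
                # would not print a PID.
                print "\t%12d: %s" % (p.get_pid(), n)
            return
        pid = pl[0][0].get_pid()
    print "Using PID %d (0x%x)" % (pid, pid)

    # The DLL argument is passed on unchanged.
    # NOTE(review): a bare or relative name is presumably resolved inside the
    # target process rather than relative to this script's working directory.
    # Prefer an absolute path to a known file so that an unintended library
    # is not picked up.
    dll = sys.argv[2]
    print "Using DLL %s" % dll

    p = Process(pid)

    # The target must have the same bitness as this interpreter.
    b = p.get_bits()
    if b != System.bits:
        print (
            "Cannot inject into a %d bit process from a %d bit Python VM!"
            % (b, System.bits)
        )
        return

    # Enumerate the target's modules, then load the DLL into it. Loading a
    # library into another process is routinely flagged by endpoint security
    # tooling; expect alerts when this runs on a monitored host.
    p.scan_modules()
    p.inject_dll(dll)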
示例4: CloseHandle
# 需要导入模块: from winappdbg import Process [as 别名]
# 注意: scan_modules 是 Process 实例的方法, 不能单独导入; 需通过 Process(pid).scan_modules() 调用
process.close_handle()
except WindowsError, e:
print "Warning: call to CloseHandle() failed: %s" % str(e)
except WindowsError, e:
print "Warning: call to TerminateProcess() failed: %s" % str(e)
except WindowsError, e:
print "Warning: call to OpenProcess() failed: %s" % str(e)
targets = next_targets
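# Try to terminate processes by injecting a call to ExitProcess().
#
# This is an excerpt from a larger function: "targets" and "count" are
# defined before this point. Every PID is first assumed to have survived
# (appended to next_targets) and is removed again only when the remote
# thread was started successfully.
next_targets = list()
for pid in targets:
    next_targets.append(pid)
    try:
        process = Process(pid)
        process.scan_modules()
        try:
            module = process.get_module_by_name('kernel32')
            # get_module_by_name() gives back a false value when the module
            # is not found. Without this check the .resolve() call below
            # would raise an AttributeError, which the WindowsError handlers
            # here do not catch, and the whole loop would abort.
            if not module:
                print "Warning: resolving address of ExitProcess() failed %d: %s" % (pid, "kernel32 not found among loaded modules")
                continue
            pExitProcess = module.resolve('ExitProcess')
            # Do not start a thread when no address was resolved.
            if not pExitProcess:
                print "Warning: resolving address of ExitProcess() failed %d: %s" % (pid, "export not found")
                continue
            try:
                # Starts a thread in the target at the ExitProcess address
                # with -1 as its argument. Remote thread creation is commonly
                # logged by endpoint monitoring (for example Sysmon event
                # ID 8), so expect alerts on monitored hosts.
                process.start_thread(pExitProcess, -1)
                next_targets.pop()
                count += 1
                print "Forced process %d exit" % pid
            except WindowsError, e:
                print "Warning: call to CreateRemoteThread() failed %d: %s" % (pid, str(e))
        except WindowsError, e:
            print "Warning: resolving address of ExitProcess() failed %d: %s" % (pid, str(e))
    except WindowsError, e:
        print "Warning: scanning for loaded modules failed %d: %s" % (pid, str(e))
# Only the PIDs that could not be terminated are carried forward.
targets = next_targets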