

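Python System.get_process_count Method Code Examples

This article collects typical usage examples of the winappdbg.System.get_process_count method in Python. If you are wondering how System.get_process_count is used in practice, or are looking for examples of it, the selected code example here may help. You can also look further into usage examples of winappdbg.System, the class this method belongs to.


A total of 1 code example of the System.get_process_count method is shown below. Examples are sorted by popularity by default. You can upvote the code you like or find useful; your ratings help the system recommend better Python code examples.

Example 1: testRunningProcesses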

# Required imports. MemoryValidatorClass, CounterMonitor and UpdateCounterForScope
# are defined elsewhere in the source project and are not shown here.
import logging
import ntpath

from winappdbg import System


def testRunningProcesses(self):
    validator = MemoryValidatorClass()
    validator.Initialize("c:\\mem\\user\\")
    CounterMonitor.Start()
    # Request SeDebugPrivilege so that other processes' memory can be read.
    System.request_debug_privileges()
    with UpdateCounterForScope("main"):
        system = System()
        # Take a snapshot of running processes before counting or iterating.
        system.scan_processes()
        totalProcesses = system.get_process_count()
        for processIndex, process in enumerate(system.iter_processes()):
            fileName = getattr(process, "fileName")
            pid = getattr(process, "dwProcessId")
            # Skip entries without an image name or with PID 0.
            if not fileName or not pid:
                continue
            validator.ImageName = fileName
            logging.info("---------------------------------------------")
            validator.Message = "[{}] fileName:{} pid:{}".format(processIndex, fileName, pid)
            logging.info(validator.Message)
            # Only examine processes whose image name matches the scan list.
            if not any(s in fileName for s in self.PROCESS_TO_SCAN):
                continue
            print("------process {}/{} {}-------".format(processIndex, totalProcesses, fileName))
            with validator.ExceptionHandler("Failed comparing {0}".format(fileName)):
                process.scan_modules()
                # Group loaded modules by lower-cased base name; the same
                # base name can be loaded more than once.
                mods = {}
                for module in process.iter_modules():
                    baseDllName = ntpath.basename(module.get_filename().lower())
                    mod = {
                        "BaseDllName": baseDllName,
                        "FullDllName": module.get_filename().lower(),
                        "StartAddr": module.get_base(),
                        "EndAddr": module.get_base() + module.get_size(),
                        "SizeOfImage": module.get_size(),
                    }
                    if not mods.get(baseDllName):
                        mods[baseDllName] = []
                    mods[baseDllName].append(mod)
                validator.BuildLoadedModuleAddressesFromWinAppDbg(mods)
                totalMods = len(mods)
                for modIndex, modList in enumerate(mods.values()):
                    print("module {}/{} {}".format(modIndex, totalMods, modList[0]["BaseDllName"]))
                    for mod in modList:
                        validator.InitializeModuleInfoFromWinAppDbg(mod)
                        with validator.ExceptionHandler("failed comparing {0}".format(mod)):
                            # Read the module's full in-memory image from the target process.
                            memoryData = process.read(validator.DllBase, validator.SizeOfImage)
                            if not memoryData:
                                validator.Warn("failed to read memory data")
                                continue
                            # Hand the in-memory image and the module's path to the validator.
                            validator.CompareExe(memoryData, validator.FullDllPath)
    CounterMonitor.Stop()
    validator.DumpFinalStats()
Developer ID: r1nswenson, project: volatility, lines of code: 52, source file: test_admemval_cpp_binding.py


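Note: The winappdbg.System.get_process_count examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as Github/MSDocs. The code snippets were selected from open-source projects contributed by their developers, and copyright of the source code belongs to the original authors; for distribution and use, refer to the corresponding project's License. Do not reproduce without permission.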