本文整理汇总了Python中winappdbg.System.get_process_count方法的典型用法代码示例。如果您正苦于以下问题:Python System.get_process_count方法的具体用法?Python System.get_process_count怎么用?Python System.get_process_count使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类winappdbg.System
的用法示例。
在下文中一共展示了System.get_process_count方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: testRunningProcesses
# 需要导入模块: from winappdbg import System [as 别名]
# 或者: from winappdbg.System import get_process_count [as 别名]
def testRunningProcesses(self):
validator = MemoryValidatorClass()
validator.Initialize("c:\\mem\\user\\")
CounterMonitor.Start()
System.request_debug_privileges()
with UpdateCounterForScope("main"):
system = System()
system.scan_processes()
totalProcesses = system.get_process_count()
for processIndex, process in enumerate(system.iter_processes()):
fileName = getattr(process, "fileName")
pid = getattr(process, "dwProcessId")
if not fileName or not pid:
continue
validator.ImageName = fileName
logging.info("---------------------------------------------")
validator.Message = "[{}] fileName:{} pid:{}".format(processIndex, fileName, pid)
logging.info(validator.Message)
if not any(s in fileName for s in self.PROCESS_TO_SCAN):
continue
print "------process {}/{} {}-------".format(processIndex, totalProcesses, fileName)
with validator.ExceptionHandler("Failed comparing {0}".format(fileName)):
process.scan_modules()
mods = {}
for module in process.iter_modules():
baseDllName = ntpath.basename(module.get_filename().lower())
mod = {
"BaseDllName": baseDllName,
"FullDllName": module.get_filename().lower(),
"StartAddr": module.get_base(),
"EndAddr": module.get_base() + module.get_size(),
"SizeOfImage": module.get_size(),
}
if not mods.get(baseDllName):
mods[baseDllName] = []
mods[baseDllName].append(mod)
validator.BuildLoadedModuleAddressesFromWinAppDbg(mods)
totalMods = len(mods)
for modIndex, modList in enumerate(mods.itervalues()):
print "module {}/{} {}".format(modIndex, totalMods, modList[0]["BaseDllName"])
for modIndex, mod in enumerate(modList):
validator.InitializeModuleInfoFromWinAppDbg(mod)
with validator.ExceptionHandler("failed comparing {0}".format(mod)):
memoryData = process.read(validator.DllBase, validator.SizeOfImage)
if not memoryData:
validator.Warn("failed to read memory data")
continue
validator.CompareExe(memoryData, validator.FullDllPath)
CounterMonitor.Stop()
validator.DumpFinalStats()