当前位置: 首页>>代码示例>>Python>>正文

Python utils.remove_unprintable方法代码示例

本文整理汇总了Python中volatility.utils.remove_unprintable方法的典型用法代码示例。如果您正苦于以下问题:Python utils.remove_unprintable方法的具体用法?Python utils.remove_unprintable怎么用?Python utils.remove_unprintable使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在volatility.utils的用法示例。


在下文中一共展示了utils.remove_unprintable方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: reg_get_key_path

# 需要导入模块: from volatility import utils [as 别名]
# 或者: from volatility.utils import remove_unprintable [as 别名]
def reg_get_key_path(self, key):
        ''' 
        Takes in a key object and traverses back through its family to build the path
        '''
        path = key.Name
        while key.Parent and key.Parent & 0xffffffff > 0x20:
            key = key.Parent.dereference()
            if utils.remove_unprintable(str(key.Name)) != "": 
                path = "{0}\\{1}".format(key.Name, path)
        return path
开发者ID:virtualrealitysystems,项目名称:aumfor,代码行数:12,代码来源:registryapi.py

示例2: get_service_info

# 需要导入模块: from volatility import utils [as 别名]
# 或者: from volatility.utils import remove_unprintable [as 别名]
def get_service_info(regapi):
        ccs = regapi.reg_get_currentcontrolset()
        key_name = "{0}\\services".format(ccs)
        info = {}
        for subkey in regapi.reg_get_all_subkeys(hive_name = "system", key = key_name):

            path_value = ""
            dll_value = ""
            failure_value = ""

            image_path = regapi.reg_get_value(hive_name = "system", key = "", value = "ImagePath", given_root = subkey)
            if image_path:
                path_value = utils.remove_unprintable(image_path)

            failure_path = regapi.reg_get_value(hive_name = "system", key = "", value = "FailureCommand", given_root = subkey)
            if failure_path:
                failure_value = utils.remove_unprintable(failure_path)

            for rootkey in regapi.reg_get_all_subkeys(hive_name = "system", key = "", given_root = subkey):
                if rootkey.Name == "Parameters":
                    service_dll = regapi.reg_get_value(hive_name = "system", key = "", value = "ServiceDll", given_root = rootkey)
                    if service_dll != None:
                        dll_value = utils.remove_unprintable(service_dll)
                    break

            info[utils.remove_unprintable(str(subkey.Name))] = (dll_value, path_value, failure_value)

        return info
开发者ID:virtualrealitysystems,项目名称:aumfor,代码行数:30,代码来源:svcscan.py

示例3: get_service_info

# 需要导入模块: from volatility import utils [as 别名]
# 或者: from volatility.utils import remove_unprintable [as 别名]
def get_service_info(regapi):
        ccs = regapi.reg_get_currentcontrolset()
        key_name = "{0}\\services".format(ccs)
        info = {}
        for subkey in regapi.reg_get_all_subkeys(hive_name = "system", key = key_name):

            path_value = ""
            dll_value = ""
            failure_value = ""

            image_path = regapi.reg_get_value(hive_name = "system", key = "", value = "ImagePath", given_root = subkey)
            if image_path:
                # this could be REG_SZ or REG_MULTI_SZ
                if isinstance(image_path, list):
                    image_path = image_path[0]
                path_value = utils.remove_unprintable(image_path)

            failure_path = regapi.reg_get_value(hive_name = "system", key = "", value = "FailureCommand", given_root = subkey)
            if failure_path:
                failure_value = utils.remove_unprintable(failure_path)

            for rootkey in regapi.reg_get_all_subkeys(hive_name = "system", key = "", given_root = subkey):
                if rootkey.Name == "Parameters":
                    service_dll = regapi.reg_get_value(hive_name = "system", key = "", value = "ServiceDll", given_root = rootkey)
                    if service_dll != None:
                        dll_value = utils.remove_unprintable(service_dll)
                    break

            last_write = int(subkey.LastWriteTime)
            info[utils.remove_unprintable(str(subkey.Name))] = (dll_value, path_value, failure_value, last_write)

        return info
开发者ID:volatilityfoundation,项目名称:volatility,代码行数:34,代码来源:svcscan.py

示例4: get_service_dlls

# 需要导入模块: from volatility import utils [as 别名]
# 或者: from volatility.utils import remove_unprintable [as 别名]
def get_service_dlls(regapi):
        ccs = regapi.reg_get_currentcontrolset()
        key_name = "{0}\\services".format(ccs)
        dlls = {}
        for subkey in regapi.reg_get_all_subkeys(hive_name = "system", key = key_name):
            for rootkey in regapi.reg_get_all_subkeys(hive_name = "system", key = "", given_root = subkey):
                if rootkey.Name == "Parameters":
                    service_dll = regapi.reg_get_value(hive_name = "system", key = "", value = "ServiceDll", given_root = rootkey)
                    if service_dll != None:
                        dlls[utils.remove_unprintable(str(subkey.Name))] = "{0}".format(utils.remove_unprintable(service_dll))
        return dlls
开发者ID:vortessence,项目名称:vortessence,代码行数:13,代码来源:svcscan.py


注:本文中的volatility.utils.remove_unprintable方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。