本文整理匯總了Python中winappdbg.Debug.cont方法的典型用法代碼示例。如果您正苦於以下問題:Python Debug.cont方法的具體用法?Python Debug.cont怎麼用?Python Debug.cont使用的例子?那麼,這裡精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類winappdbg.Debug的用法示例。
在下文中一共展示了Debug.cont方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於系統推薦出更棒的Python代碼示例。
示例1: __init__
# 需要導入模塊: from winappdbg import Debug [as 別名]
# 或者: from winappdbg.Debug import cont [as 別名]
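class Coverage:
    """Bookkeeping for recording which known basic-block addresses are hit.

    The tables below are filled by ``loadBB`` and ``registerModule`` and read
    by ``breakpoint``; ``startFileRec`` opens the record file.
    """

    # Class-level defaults, kept so that reads such as ``Coverage.verbose``
    # keep working.  The mutable ones are rebound per instance in __init__.
    verbose = False
    # normalised module file name -> index into bbFilesBreakpints
    bbFiles = {}
    # one {rva: value} dict per loaded basic-block file
    bbFilesBreakpints = []
    # normalised module file name -> [highest rva + 10, index]
    bbFilesData = {}
    # normalised module file name -> name as read from the basic-block file
    bbOriginalName = {}
    # [base, base + limit, index] for every registered image
    modules = []
    # record file opened by startFileRec
    fileOutput = None

    #Construct
    def __init__(self):
        """Create the debugger and give this instance its own tables."""
        # The containers above are class attributes: without rebinding them
        # here, every Coverage instance would append to the same list and
        # dicts, so one session's breakpoint tables would leak into another.
        self.bbFiles = {}
        self.bbFilesBreakpints = []
        self.bbFilesData = {}
        self.bbOriginalName = {}
        self.modules = []
        # bKillOnExit = True is passed straight through to winappdbg's Debug.
        self.debugger = Debug( bKillOnExit = True )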
def setVerbose(self, val):
    """Store *val* as this instance's ``verbose`` flag.

    The other methods only print their progress messages when the flag is
    truthy.
    """
    self.verbose = val
#cuts after .
def cutDot(self, input):
    """Return *input* up to (not including) its first ".".

    A string without any dot is returned unchanged.
    """
    # partition() yields the whole string as the head when no dot is present,
    # which matches the "no dot -> return input" case.
    head, _sep, _tail = input.partition(".")
    return head
#load basic blocks
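def loadBB(self, baseBbDir):
    """Load every basic-block list found in the directory *baseBbDir*.

    The first line of each file is taken as a module file name and
    lower-cased; a name containing neither ".dll" nor ".exe" has everything
    from its first dot replaced by ".dll".  Each following line is parsed as
    hex: characters 0-7 are the RVA, characters 18-19 the value stored for
    that RVA.  Lines that do not parse are skipped.

    All four tables are rebuilt on every call, so the index stored in
    ``bbFiles`` always matches the position in ``bbFilesBreakpints``.
    """
    # Reset the tables together.  Resetting only bbFiles (and restarting the
    # index at 0) while still appending to bbFilesBreakpints would make a
    # second call write new RVAs into the dicts of the previous load.
    self.bbFiles = {}
    self.bbFilesBreakpints = []
    self.bbFilesData = {}
    self.bbOriginalName = {}
    print("baseBbDir:" + baseBbDir)
    for count, bbFile in enumerate(os.listdir(baseBbDir)):
        print("bbFile:" + bbFile)
        breakpoints = {}
        rvaHighest = 0
        # "with" closes the handle even if reading raises part-way through.
        with open(os.path.join(baseBbDir, bbFile), "r") as f:
            fnameOrig = f.readline().strip().lower()
            for line in f:
                try:
                    rva = int(line[0:8], 16)
                    val = int(line[18:20], 16)
                except ValueError:
                    # Not a "<8 hex digits> ... <2 hex digits>" record: skip it.
                    continue
                breakpoints[rva] = val
                if rva > rvaHighest:
                    rvaHighest = rva
        fname = fnameOrig
        # Hack kept from the original: libraries loaded under an extension
        # other than .dll are looked up as "<name>.dll".
        if ".dll" not in fname and ".exe" not in fname:
            fname = self.cutDot(fname) + ".dll"
        self.bbOriginalName[fname] = fnameOrig
        self.bbFiles[fname] = count
        self.bbFilesBreakpints.append(breakpoints)
        # registerModule uses the first element as the size of the address
        # range that belongs to this image.
        self.bbFilesData[fname] = [rvaHighest + 10, count]
        if self.verbose:
            print("Loaded breakpoints for %s with index %02X" % (fname, count))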
#Register module (original exe image or dll)
def registerModule(self, filename, baseaddr):
    """Record the address range of a loaded image that has breakpoints.

    *filename* is lower-cased and normalised the same way as in ``loadBB``;
    an image that has no entry in ``self.bbFiles`` is ignored.  Otherwise
    ``[baseaddr, baseaddr + limit, index]`` is appended to ``self.modules``,
    with *limit* and *index* taken from ``self.bbFilesData``.
    """
    name = filename.lower()
    hasKnownExt = ".dll" in name or ".exe" in name
    if not hasKnownExt:
        # Hack kept from the original: libraries with another extension are
        # looked up as "<name>.dll".
        name = self.cutDot(name) + ".dll"
    if name not in self.bbFiles:
        return
    if self.verbose:
        print(" Image %s has breakpoints defined" % name)
    entry = self.bbFilesData[name]
    self.modules.append([baseaddr, baseaddr + entry[0], entry[1]])
    if self.verbose:
        print(" Image has breakpoints from %08X to %08X with index %02X" % (baseaddr, baseaddr + entry[0], entry[1]))
#Handle a breakpoint
def breakpoint(self, location):
    """Look up the value stored for a breakpoint hit at *location*.

    The first entry of ``self.modules`` whose inclusive ``[start, end]``
    range contains *location* selects the breakpoint table.  If the
    resulting RVA is in that table, an ``index|rva`` line is written to
    ``self.fileOutput`` and the stored value is returned; in every other
    case the result is None and nothing is written.
    """
    hit = None
    for mod in self.modules:
        # Both ends are inclusive.
        if mod[0] <= location <= mod[1]:
            hit = mod
            break
    if hit is None:
        return None
    rva = location - hit[0]
    bbIndex = hit[2]
    table = self.bbFilesBreakpints[bbIndex]
    if rva not in table:
        return None
    self.fileOutput.write("%02X|%08X\n" % (bbIndex, rva))
    return table[rva]
def startFileRec(self, filename):
    """Open *filename* for writing and emit the module header lines.

    ``self.modules`` is emptied, the file is kept open in
    ``self.fileOutput``, and one ``name|index`` line is written per entry of
    ``self.bbFiles``, using the name stored in ``self.bbOriginalName``.
    """
    self.modules = []
    out = open(filename, "w")
    # The handle stays open on purpose: breakpoint() appends to it later and
    # endFileRec() closes it.
    self.fileOutput = out
    out.writelines(
        "%s|%02X\n" % (self.bbOriginalName[image], self.bbFiles[image])
        for image in self.bbFiles
    )
def endFileRec(self):
    """Close the record file held in ``self.fileOutput``."""
    out = self.fileOutput
    out.close()
#Start program
def start(self, execFile, waitTime = 6, recFilename = "output.txt", kill = True):
self.startFileRec(recFilename)
mainProc = self.debugger.execv( execFile, bFollow = True )
event = None
endTime = time() + waitTime
while time() < endTime:
if not mainProc.is_alive():
#.........這裏部分代碼省略.........
示例2: __init__
# 需要導入模塊: from winappdbg import Debug [as 別名]
# 或者: from winappdbg.Debug import cont [as 別名]
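class WinBasic:
    """Small wrapper around a winappdbg ``Debug`` session.

    It starts or attaches to target processes, waits for a crash and tears
    the session down again.

    ``waitForCrash`` calls ``self.handler(event)``, which is not defined in
    this class as shown; presumably a subclass provides it (confirm).
    """

    debugger = None
    # Not referenced by any method shown here; the instance list is mainProcs.
    mainProc = None
    # Exception codes of interest.  No method shown here reads this list;
    # presumably the handler does (confirm).
    alwaysCatchExceptions = [
        win32.STATUS_ACCESS_VIOLATION,
        win32.STATUS_ILLEGAL_INSTRUCTION,
        win32.STATUS_ARRAY_BOUNDS_EXCEEDED,
    ]

    def __init__(self, killOnExit=True):
        """Create the debugger; *killOnExit* is passed on as ``bKillOnExit``."""
        self.debugger = Debug(bKillOnExit=killOnExit)
        self.mainProcs = []

    def run(self, executable, children=True):
        """Start *executable* under the debugger and return its pid.

        *children* is passed on as ``bFollow``.  The new process is added to
        ``self.mainProcs``.
        """
        proc = self.debugger.execv(executable, bFollow=children)
        self.mainProcs.append(proc)
        return proc.get_pid()

    def attachPid(self, pid):
        """Attach to the process *pid* and track it in ``self.mainProcs``."""
        self.mainProcs.append(self.debugger.attach(pid))

    def attachImg(self, img):
        """Attach to every running process found for the file name *img*."""
        self.debugger.system.scan_processes()
        for (process, name) in self.debugger.system.find_processes_by_filename(img):
            self.attachPid(process.get_pid())

    def close(self, kill=True, taskkill=True, forced=True):
        """Detach from all debuggees and optionally terminate them.

        With *kill*, each former debuggee is killed through winappdbg
        (best effort).  With *taskkill*, ``taskkill /pid <pid>`` is run as
        well, with ``/f`` added when *forced* is true.
        """
        # Collect the pids first: after detaching they can no longer be
        # queried from the debugger.
        pids = self.debugger.get_debugee_pids()
        self.debugger.detach_from_all(True)
        for pid in pids:
            if kill:
                try:
                    self.debugger.system.get_process(pid).kill()
                except Exception:
                    # Best effort: the process may already be gone.  Catching
                    # Exception instead of a bare except lets
                    # KeyboardInterrupt and SystemExit through.
                    pass
            # Taskkill
            if taskkill:
                cmd = ["taskkill", "/pid", str(pid)]
                if forced:
                    cmd.insert(1, "/f")
                # Argument list, no shell: the pid cannot be interpreted as
                # shell syntax.  communicate() drains both pipes;
                # subprocess.call() with PIPE leaves them unread and can
                # block once a pipe buffer fills.
                subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()

    def waitForCrash(self, waitTime=4, checkAlive=False):
        """Pump debug events for up to *waitTime* seconds, looking for a crash.

        Returns the first non-None result of ``self.handler(event)``.  Returns
        None when the time runs out or, with *checkAlive*, as soon as one of
        the processes in ``self.mainProcs`` is no longer alive.

        When a crash is returned, the event is neither dispatched nor
        continued here.
        """
        endTime = time() + waitTime
        while time() < endTime:
            if checkAlive:
                for proc in self.mainProcs:
                    if not proc.is_alive():
                        return None
            try:
                event = self.debugger.wait(1000)
            except WindowsError as e:
                # A timeout only means that no event arrived within 1000 ms.
                if e.winerror in (win32.ERROR_SEM_TIMEOUT, win32.WAIT_TIMEOUT):
                    continue
                raise
            crash = self.handler(event)
            if crash is not None:
                return crash
            try:
                self.debugger.dispatch()
            except Exception:
                # Errors raised while dispatching are ignored on purpose so
                # that the loop keeps running; KeyboardInterrupt and
                # SystemExit still propagate.
                pass
            finally:
                # Resume the debuggee whatever dispatch() did.
                self.debugger.cont()
        return None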
示例3:
# 需要導入模塊: from winappdbg import Debug [as 別名]
# 或者: from winappdbg.Debug import cont [as 別名]
# NOTE(review): the code that supplies `event` is not part of this excerpt;
# presumably this try/finally runs once per debug event (confirm).
try:
    debug.dispatch(event)
    # add breakpoint when acrord32 gets loaded
    # Event code 3 is CREATE_PROCESS_DEBUG_EVENT in the Win32 debug API, so
    # the image base read below is that of the newly created process.
    if event.get_event_code() == 3:
        process = event.get_process()
        base_address = event.get_image_base()
        print("AcroRd32 Main module found at %08x" % base_address)
        # Hint: Use the string "Check failed: policy_." to hunt
        # the function that adds a new policy
        # Offsets are relative to the image base and keyed by the exact
        # version string.  A version missing from this table raises KeyError,
        # which the handler below only prints; no breakpoint is set then.
        breakpoint_offsets = {
            "10.1.3": 0x21260,
            "10.1.4": 0x21630,
            "10.1.5": 0x1fca0,
            "11.0.0": 0x20370,
            "11.0.1": 0x18350,
        }
        breakpoint_address = base_address + breakpoint_offsets[version]
        #setting breakpoint
        print("Setting breakpoint at %08x" % breakpoint_address)
        debug.break_at(process.get_pid(), breakpoint_address, print_policy)
except Exception as e:
    print(" ".join(["Exception in user code:", str(e)]))
finally:
    # Always resume the debuggee, even when the code above raised.
    debug.cont(event)
# Stop the debugger.
debug.stop()
pmf.commit()