This article collects typical usage examples of the volatility.plugins.taskmods.PSList method in Python. If you are wondering how exactly taskmods.PSList is used in Python, how to call it, or where to find examples of it in use, the selected code examples here may help. You can also read further usage examples of volatility.plugins.taskmods, where this method is defined.
Two code examples of taskmods.PSList are shown below, sorted by popularity by default.
Example 1: main
# Required import: from volatility.plugins import taskmods [as alias]
# Or: from volatility.plugins.taskmods import PSList [as alias]
import sys

import libapi  # helper module the original script uses for get_config/get_json
from volatility.plugins import taskmods


def main():
    ## sys.argv[1] = volatility profile
    ## sys.argv[2] = full path on disk to your memory sample
    config = libapi.get_config(sys.argv[1], sys.argv[2])
    data = libapi.get_json(config, taskmods.PSList)
    ## `data` now contains json with two keys: `columns` and `rows`, where `columns`
    ## contains a list of column headings (matching the corresponding volatility
    ## plugin output) and `rows` contains a list of the values for each object found.
    ## you can either print/save all columns, or you can drill down to a particular
    ## column by getting the desired column's index as shown below and then accessing
    ## the index in each row. the following example prints each process' name.
    name_index = data['columns'].index('Name')
    for row in data['rows']:
        print(row[name_index])
Example 2: pslist
# Required import: from volatility.plugins import taskmods [as alias]
# Or: from volatility.plugins.taskmods import PSList [as alias]
def pslist(self):
    """Volatility pslist plugin.
    @see volatility/plugins/taskmods.py
    """
    log.debug("Executing Volatility pslist plugin on "
              "{0}".format(self.memdump))
    self.__config()
    results = []
    command = taskmods.PSList(self.config)
    # calculate() yields one process object per entry found in the memory image
    for process in command.calculate():
        new = {
            "process_name": str(process.ImageFileName),
            "process_id": int(process.UniqueProcessId),
            "parent_id": int(process.InheritedFromUniqueProcessId),
            "num_threads": str(process.ActiveThreads),
            "num_handles": str(process.ObjectTable.HandleCount),
            "session_id": str(process.SessionId),
            "create_time": str(process.CreateTime or ""),
            "exit_time": str(process.ExitTime or ""),
        }
        results.append(new)
    return dict(config={}, data=results)
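One way to put the list that Example 2 returns under `data` to use during triage, as an added example that is not code from this page, from Volatility, or from the project Example 2 was taken from. The dictionary keys match Example 2; the `triage` function and the `SAMPLE` data are hypothetical, and the code assumes all timestamps share one fixed-width format and timezone.

```python
from collections import defaultdict

# Constructed sample in the shape of Example 2's "data" list; every
# value is made up for illustration.
SAMPLE = [
    {"process_name": "System", "process_id": 4, "parent_id": 0,
     "create_time": "2020-01-01 10:00:00", "exit_time": ""},
    {"process_name": "smss.exe", "process_id": 300, "parent_id": 4,
     "create_time": "2020-01-01 10:00:01", "exit_time": ""},
    {"process_name": "explorer.exe", "process_id": 1500, "parent_id": 1400,
     "create_time": "2020-01-01 10:01:00", "exit_time": ""},
    {"process_name": "cmd.exe", "process_id": 2000, "parent_id": 1500,
     "create_time": "2020-01-01 10:05:00", "exit_time": "2020-01-01 10:06:00"},
    {"process_name": "notepad.exe", "process_id": 2100, "parent_id": 2200,
     "create_time": "2020-01-01 10:07:00", "exit_time": ""},
    {"process_name": "svchost.exe", "process_id": 2200, "parent_id": 300,
     "create_time": "2020-01-01 10:09:00", "exit_time": ""},
]

def triage(processes):
    """Return (parent -> child PIDs, PIDs with no usable parent, exited PIDs)."""
    by_pid = {p["process_id"]: p for p in processes}
    children = defaultdict(list)
    no_parent, exited = [], []
    for p in processes:
        parent = by_pid.get(p["parent_id"])
        # A listed "parent" that was created after the child is a reused PID,
        # not the real parent. Assumption: timestamps share one fixed-width
        # format, so comparing the strings compares the times.
        reused = (parent is not None and parent["create_time"]
                  and p["create_time"]
                  and parent["create_time"] > p["create_time"])
        if parent is None or parent is p or reused:
            if p["parent_id"] != 0:  # PPID 0 marks a root such as System
                no_parent.append(p["process_id"])
        else:
            children[parent["process_id"]].append(p["process_id"])
        if p["exit_time"]:
            exited.append(p["process_id"])
    return dict(children), no_parent, exited

if __name__ == "__main__":
    children, no_parent, exited = triage(SAMPLE)
    print("children by parent PID: %r" % (children,))
    print("no usable parent in listing: %r" % (no_parent,))
    print("already exited: %r" % (exited,))
```

A missing parent is often benign, since the parent may simply have exited before the memory image was taken, so treat `no_parent` as a review list rather than a verdict.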