Beispiel #1
def GetModuleBaseAddress(moduleName):
    """Find the image base and size of the process whose filename is moduleName.

    Walks the list from running_tasks.get_processes_list(). For each process
    whose get_filename() value equals moduleName exactly, it reads the image
    base and image size. A KeyError raised while reading them is printed and
    the scan moves on to the next process.

    NOTE(review): the comparison uses the full get_filename() value, while
    the error message prints only its basename. Presumably get_filename()
    returns a path, so a bare file name would never match; confirm against
    the callers.

    NOTE(review): this excerpt ends inside the loop; nothing visible here
    hands image_base or image_size back to the caller.
    """
    image_base = 0
    image_size = 0

    for proc in running_tasks.get_processes_list():
        path = proc.get_filename()
        # Skip processes with no filename and every process that is not the
        # requested one.
        if not (path and path == moduleName):
            continue
        try:
            # Original author's note: winappdbg has a small bug when it
            # looks the module up in a dict(). Even when the except branch
            # is reached, the call to get_image_base() returns the correct
            # ImageBase.
            image_base = proc.get_image_base()
            image_size = proc.get_image_size()
        except KeyError as e:
            print("Error in %s:%s" % (os.path.basename(path), str(e)))
            continue
Beispiel #2
def GetModuleBaseAddress(moduleName):
    """Scan the running processes for moduleName and read its image base/size.

    Every entry from running_tasks.get_processes_list() is checked; only a
    process whose get_filename() result is non-empty and equal to moduleName
    is queried for its image base and image size. If either query raises
    KeyError, the error is printed (with the file's basename) and the loop
    carries on.

    NOTE(review): the visible excerpt stops inside the loop and never
    returns the two values it collects.
    """
    image_base, image_size = 0, 0

    for task in running_tasks.get_processes_list():
        filename = task.get_filename()
        if filename and filename == moduleName:
            try:
                # Note carried over from the original: winappdbg has a small
                # bug in its dict() lookup of the module. The correct
                # ImageBase is returned by get_image_base() even if the
                # except branch below is reached.
                image_base = task.get_image_base()
                image_size = task.get_image_size()
            except KeyError as err:
                print("Error in %s:%s" % (os.path.basename(filename), str(err)))
                continue
Beispiel #3
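    def loadProcesses(self):
        """Rebuild the process list control from the running processes.

        Clears the process and module list controls, then adds one row per
        process returned by running_tasks.get_processes_list(): name, pid
        (decimal when self.type_pid_ch == "decimal", otherwise hex_up),
        image base, image size and owner. The same tuple is stored in
        self.itemDataMap under the row's 1-based counter.

        A process without a filename is listed as '[System]' with a zero
        base and size. If reading the image base or size raises KeyError,
        an error box is shown and any value that could not be read stays at
        zero. A zero in those columns therefore means "not available", not
        a real address.
        """
        self.processList.DeleteAllItems()
        self.moduleList.DeleteAllItems()
        procs = running_tasks.get_processes_list()

        i = 0
        for p in procs:
            i += 1
            # the pid acts as a key
            pid = p.get_pid()

            # Reset the row values on every iteration. Previously a KeyError
            # left image_base/size_image holding the previous process's
            # values (or unbound on the first row), so a row could show
            # another process's base address and size.
            name = '[System]'
            image_base = hex_up(0)
            size_image = hex_up(0)

            filename = p.get_filename()
            if filename:
                # Computed outside the try so the error box below always has
                # the name of the process being handled.
                name = os.path.basename(filename)
                try:
                    image_base = hex_up(p.get_image_base())
                    size_image = hex_up(p.get_image_size())
                except KeyError as e:
                    wx.MessageBox("Error in: %s, %s" % (name, str(e)), "Error",
                                  wx.ICON_ERROR)
            owner = p.get_owner()

            # create the listctrl item
            index = self.processList.InsertStringItem(sys.maxint, name)
            if self.type_pid_ch == "decimal":
                self.processList.SetStringItem(index, 1, "%d" % pid)
            else:
                self.processList.SetStringItem(index, 1, hex_up(pid))

            self.processList.SetStringItem(index, 2, image_base)
            self.processList.SetStringItem(index, 3, size_image)
            self.processList.SetStringItem(index, 4, owner)
            self.processList.SetItemData(index, i)
            self.itemDataMap[i] = (name, pid, image_base, size_image, owner)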