def UnHook(self):
    """Unregister this hook from the debugger, keyed by ``self.desc``."""
    hook_name = self.desc
    debugger.remove_hook(hook_name)
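def main(args):
    """Install or remove the "query" hook on sqloledb.dll in the debuggee.

    Options parsed from *args* (getopt spec "ius:"):
      -u            remove the "query" hook and return
      -s host:port  host and port handed to ole_hooker unchanged
      -i            accepted by the parser; not acted on in this function

    Returns a status string, or the result of usage(imm) when the
    arguments cannot be parsed.
    """
    imm = Debugger()
    xmlhost = None
    xmlport = 0

    sql_oledb = imm.getModule("sqloledb.dll")
    # NOTE(review): guard for a failed lookup; confirm that getModule
    # yields None when the module is not loaded in the target process.
    if sql_oledb is None:
        imm.log("sqloledb.dll is not loaded in the debugged process")
        return "No hook set - sqloledb.dll not found."
    if not sql_oledb.isAnalysed():
        imm.analyseCode(sql_oledb.getCodebase())

    try:
        opts, _ = getopt.getopt(args, "ius:")
    except getopt.GetoptError:
        return usage(imm)

    for o, a in opts:
        if o == "-u":
            if hasattr(imm, "removeHook"):
                imm.removeHook("query")
            elif hasattr(debugger, "remove_hook"):
                debugger.remove_hook("query")
            else:
                imm.log("Could not remove hook - no remove hook function found!")
                # Nothing was removed, so do not report success.
                return "Could not remove hook on SQL function."
            return "Removed hook on SQL function."
        if o == "-s":
            # Expect exactly "host:port"; anything else is a usage error
            # rather than an unpacking exception.
            endpoint = a.split(":")
            if len(endpoint) != 2:
                imm.log("Bad -s argument, expected host:port: %s" % a)
                return usage(imm)
            xmlhost, xmlport = endpoint

    # Version string reported for each supported sqloledb.dll build, mapped
    # to (offset of the hooked instruction from the module base, build tag).
    # The strings are compared for exact equality, as before.
    known_builds = {
        "2000.085.1117.00 (xpsp_sp2_rtm.": (0xF6F5, "winxp_pro_sp2"),
        "2000.086.3959.00 (srv03_sp2_rtm": (0x6522, "win2k3"),
        "2000.081.9031.018": (0xFA2D, "win2k"),
        "2000.080.0194": (0x4034, "win2k_old"),
    }

    version = sql_oledb.getVersion()
    sql_base = sql_oledb.getBaseAddress()

    build = known_builds.get(version)
    if build is None:
        # The offsets are only valid for the builds listed above. On any
        # other build the address would point at an unrelated instruction,
        # so refuse instead of hooking it.
        imm.log("Unsupported sqloledb.dll version: %s" % version)
        return "No hook set - unsupported sqloledb.dll version."
    offset, hook_version = build

    bp_address = sql_base + offset

    # Set a hook
    hooker = ole_hooker(hook_version, xmlhost, xmlport)
    hooker.add("query", bp_address)

    return "SQL Hooks in Place. Ready for Test Cases."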
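def main(args):
    """Install or remove the "query" hook on sqloledb.dll in the debuggee.

    Options parsed from *args* (getopt spec "ius:"):
      -u            remove the "query" hook and return
      -s host:port  host and port handed to ole_hooker unchanged
      -i            accepted by the parser; not acted on in this function

    Returns a status string, or the result of usage(imm) when the
    arguments cannot be parsed.
    """
    imm = Debugger()
    xmlhost = None
    xmlport = 0

    sql_oledb = imm.getModule("sqloledb.dll")
    # NOTE(review): guard for a failed lookup; confirm that getModule
    # yields None when the module is not loaded in the target process.
    if sql_oledb is None:
        imm.log("sqloledb.dll is not loaded in the debugged process")
        return "No hook set - sqloledb.dll not found."
    if not sql_oledb.isAnalysed():
        imm.analyseCode(sql_oledb.getCodebase())

    try:
        opts, _ = getopt.getopt(args, "ius:")
    except getopt.GetoptError:
        return usage(imm)

    for o, a in opts:
        if o == "-u":
            if hasattr(imm, "removeHook"):
                imm.removeHook("query")
            elif hasattr(debugger, "remove_hook"):
                debugger.remove_hook("query")
            else:
                imm.log(
                    "Could not remove hook - no remove hook function found!")
                # Nothing was removed, so do not report success.
                return "Could not remove hook on SQL function."
            return "Removed hook on SQL function."
        if o == "-s":
            # Expect exactly "host:port"; anything else is a usage error
            # rather than an unpacking exception.
            endpoint = a.split(":")
            if len(endpoint) != 2:
                imm.log("Bad -s argument, expected host:port: %s" % a)
                return usage(imm)
            xmlhost, xmlport = endpoint

    # Version string reported for each supported sqloledb.dll build, mapped
    # to (offset of the hooked instruction from the module base, build tag).
    # The strings are compared for exact equality, as before.
    known_builds = {
        "2000.085.1117.00 (xpsp_sp2_rtm.": (0xF6F5, "winxp_pro_sp2"),
        "2000.086.3959.00 (srv03_sp2_rtm": (0x6522, "win2k3"),
        "2000.081.9031.018": (0xFA2D, "win2k"),
        "2000.080.0194": (0x4034, "win2k_old"),
    }

    version = sql_oledb.getVersion()
    sql_base = sql_oledb.getBaseAddress()

    build = known_builds.get(version)
    if build is None:
        # The offsets are only valid for the builds listed above. On any
        # other build the address would point at an unrelated instruction,
        # so refuse instead of hooking it.
        imm.log("Unsupported sqloledb.dll version: %s" % version)
        return "No hook set - unsupported sqloledb.dll version."
    offset, hook_version = build

    bp_address = sql_base + offset

    # Set a hook
    hooker = ole_hooker(hook_version, xmlhost, xmlport)
    hooker.add("query", bp_address)

    return "SQL Hooks in Place. Ready for Test Cases."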