def main():
    """Attach to a running demo.exe and run it with one memory breakpoint set.

    The PID is looked up with find_tartget_pid('demo.exe'). detach() sits in a
    finally block, so it executes whether or not the breakpoint setup or the
    debug loop raises.
    """
    dbg = my_debugger.debugger()
    # Disabled alternatives for choosing the target:
    #   dbg.load(r'C:\Users\killa\Desktop\peTest.exe')
    #   target_pid = raw_input('Enter the pid: ')
    target_pid = int(find_tartget_pid('demo.exe'))
    dbg.attach(target_pid)

    try:
        # NOTE(review): both addresses are absolute values hard-coded for one
        # particular build/run of the target; with ASLR or a rebuilt binary
        # they will not match. The disabled call below is the run-time lookup:
        #   printf_address = dbg.func_resolve('msvcr90.dll', 'printf')
        printf_address = 0x6a3a7ef0  # read only by the disabled bp_set/bp_set_hw calls
        watched_address = 0x00417138

        # Disabled breakpoint variants on printf:
        #   dbg.bp_set(printf_address)
        #   dbg.bp_set_hw(printf_address, 1, my_debugger_defines.HW_EXECUTE)
        # Active variant: memory breakpoint. The 4 is presumably the size in
        # bytes -- confirm against bp_set_mem.
        dbg.bp_set_mem(watched_address, 4)
        dbg.run()

        # Disabled: a register dump (Eax, Ebx, Ecx, Edx, Esp) for every thread,
        # built on enumerate_threads() and get_thread_context().
    finally:
        dbg.detach()
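import my_debugger
import os

# Dump the general-purpose registers of every thread in a process chosen by PID.
# Appears to target Python 3, where input() returns the typed text. Under
# Python 2, input() evaluates what is typed as an expression, so raw_input()
# would be needed there.
debugger = my_debugger.debugger()

pid = input("Enter the PID of the process to attach to: ")
debugger.attach(int(pid))

# Named thread_ids rather than `list` so the builtin is not shadowed.
thread_ids = debugger.enumerate_threads()

if thread_ids is False:
    # The check implies enumerate_threads() reports failure as False.
    # Iterating False would raise TypeError, so the dump is skipped.
    print("[*] Faild get list")
else:
    for thread in thread_ids:
        context = debugger.get_thread_context(thread)
        print("[*] Dumping regisers for thread ID: 0x%08x" % thread)
        # The printed label and the field read share one name, so a label can
        # no longer show another register's value (the [Rbp] line used to
        # print context.Rsp).
        for register in ("Rip", "Rax", "Rcx", "Rdx", "Rbx",
                         "Rsp", "Rbp", "Rsi", "Rdi"):
            print("[{}]0x{:016X}".format(register, getattr(context, register)))
        print("[*] END DUMP")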
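import my_debugger
from my_debugger_defines import *

# Attach to a process by PID, run the debug loop, then detach.
debugger = my_debugger.debugger()

# Python 2 script: raw_input() returns the typed text without evaluating it.
pid = raw_input("Enter the PID of the process to attach to: ")

debugger.attach(int(pid))
try:
    debugger.run()
finally:
    # Detach even when run() raises or is interrupted with Ctrl+C.
    # NOTE(review): by default Windows terminates a debuggee whose debugger
    # exits while still attached, so skipping detach() can kill the target --
    # confirm how my_debugger configures kill-on-exit.
    debugger.detach()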
'''
Created on 2014. 6. 25.

@author: austin
'''
import my_debugger

# Smoke test for debugger.load(): hand it the path of the Windows calculator.
# Presumably load() starts the executable under the debugger -- confirm in
# my_debugger.
CALC_PATH = "C:\\WINDOWS\\System32\\calc.exe"

dbg = my_debugger.debugger()
dbg.load(CALC_PATH)
def main():
    """Pass the Windows calculator's path to my_debugger's load() with showGUI=True."""
    # NOTE(review): showGUI presumably controls whether the launched program's
    # window is shown -- confirm against load() in my_debugger.
    target_path = "C:\\WINDOWS\\system32\\calc.exe"
    my_debugger.debugger().load(target_path, showGUI=True)
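import my_debugger as db

# Attach to a process by PID, run the debug loop, then detach.
debugger = db.debugger()

# Python 2 script: raw_input() returns text, and int() rejects anything that
# is not a number before the debugger attaches.
pid = int(raw_input("Enter the PID of the process to attach to: "))

debugger.attach(pid)
try:
    debugger.run()
finally:
    # Always release the target, including when run() raises or the user
    # interrupts it.
    # NOTE(review): a debuggee left attached when the debugger process exits
    # is terminated by Windows by default -- confirm my_debugger's
    # kill-on-exit setting.
    debugger.detach()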
from my_debugger import debugger

# Attach to a process by PID, print selected registers for each of its
# threads, then detach. The prompt and the output labels are runtime strings
# and are kept exactly as written.

# (output template, attribute read from the thread context), in print order.
REGISTER_LINES = (
    ("[*] EIP:0x%08x", "Eip"),
    ("[*] ESP:0x%08x", "Esp"),
    ("[*] EBP:0x%08x", "Ebp"),
    ("[*] EAX:0x%08x", "Eax"),
    ("[*] EBX:0x%08x", "Ebx"),
    ("[*] ECX:0x%08x", "Ecx"),
    ("[*] EDX:0x%08x", "Edx"),
)

# A separate name for the instance keeps the imported class from being rebound.
dbg = debugger()
pid = input("输入需要依附的程序的pid:")
dbg.attach(int(pid))

# NOTE(review): the result of enumerate_threads() is iterated without a
# failure check -- confirm it always returns an iterable.
thread_ids = dbg.enumerate_threads()
for thread in thread_ids:
    thread_context = dbg.get_thread_context(thread)
    print("[*] 线程id:0x%08x" % thread)
    for template, field in REGISTER_LINES:
        print(template % getattr(thread_context, field))

dbg.detach()
import my_debugger

# Hand the Windows calculator's path to the debugger's load().
# The module and the debugger instance get separate names here, where the
# original reused one alias for both.
debugger = my_debugger.debugger()
debugger.load(r'c:\windows\system32\calc.exe')