def virt_mem_after_read(cpustate, pc, addr, size, buf): curbuf = ffi.cast("char*", buf) current = panda.get_current_process(cpustate) if current != ffi.NULL: if size >= 5: buf_addr = hex(int(ffi.cast("uint64_t", buf))) buf_str = ffi.string(ffi.cast("char*",buf)).decode(errors='ignore') print("Read buf: %s, size: %x, at pc: %x %s" %(buf_addr[2:], size, addr, buf_str))
def __str__(self): if self.osi: self_str = "\'{}\' using \'{}\' - ".format(self.proc_name, self.file_name) else: self_str = "" bits = self.cmd.bits direction = ffi.string(ffi.cast("enum ioctl_direction", bits.direction)) ioctl_desc = f"dir={direction},arg_size={bits.arg_size:x},cmd=0x{bits.cmd_num:x},type=0x{bits.type_num:x}" if (self.guest_ptr == None): self_str += f"ioctl({ioctl_desc}) -> {self.original_ret_code}" else: self_str += f"ioctl({ioctl_desc},ptr={self.guest_ptr:08x},buf={self.guest_buf}) -> {self.original_ret_code}" return self_str
def handle_packet(cpustate,buf,size,direction,old_buf_addr): buf_uint8 = ffi.cast("uint8_t*", buf) packets.append(Ether([buf_uint8[i] for i in range(size)])) return 0