Ejemplo n.º 1
0
def main():


    pid = int(sys.argv[1])
    proc = Process(pid)


    #= info

    print "pid;", proc.get_pid()
    print "is_alive;", proc.is_alive()
    print "is_debugged;", proc.is_debugged()
    print "is_wow;", proc.is_wow64()
    print "arch;", proc.get_arch()
    print "bits;", proc.get_bits()
    print "filename:", proc.get_filename()
    print "exit_time;", proc.get_exit_time()
    print "running_time;", proc.get_running_time()
    print "service;", proc.get_services()
    print "policy;", proc.get_dep_policy()
    print "peb;", proc.get_peb()
    print "main_module;", proc.get_main_module()
    print "peb_address", proc.get_peb_address()
    print "entry_point;", proc.get_entry_point()

    print "image_base;", proc.get_image_base()
    print "image_name;", proc.get_image_name()
    print "command_line;", proc.get_command_line()
    print "environment;", proc.get_environment()
    print "handle;", proc.get_handle()

    print "resume;",proc.resume()
Ejemplo n.º 2
0
def proces_info(pid, addr=""):

    x = int(addr, 16)
    process = Process(pid)

    print "get_arch:", process.get_arch()
    print "get_bits:", process.get_bits()
    #    print "get_main_module:", process.get_main_module()

    print "get_command_line:", process.get_command_line()
    print "get_image_name:", (process.get_image_name())
    print "get_image_base:", hex(process.get_image_base())
    print "get_peb:", hex(process.get_peb().ImageBaseAddress)
    print "get_peb_address:", hex(process.get_peb_address())
    print "get_entry_point:", hex(process.get_entry_point())