Python Findmodule Examples

Programming Language: Python

Namespace/Package Name: ollyapi

Method/Function: Findmodule

Examples at hotexamples.com: 2

Python Findmodule - 2 examples found. These are the top rated real world Python examples of ollyapi.Findmodule extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

def get_memory_map():
    api.Listmemory()
    t = api.pluginvalue_to_t_table(api.Plugingetvalue(api.VAL_MEMORY))
    rv = rpc.GetMemoryMapResult()

    for i in xrange(t.data.n):
        mi = rv.memories.add()
        m = api.void_to_t_memory(api.Getsortedbyselection(t.data, i))
        module = api.Findmodule(m.base)
        module_name = ("'%s'" % module.name) if module else ''
        mi.access = m.access
        mi.base = m.base
        mi.name = str(module_name)
        mi.size = m.size
        
    return rv

Example #2

Show file

def analyze_external_refs(ea_from, ea_to, increment, analysing_base, analysing_size):
    # print >> sys.stderr, 'analyze_external_refs(%08X, %08X, %08X, %08X, %08X)' % \
    #                      (ea_from, ea_to, increment, analysing_base, analysing_size)
    rv = rpc.AnalyzeExternalRefsResult()
    if ea_from > ea_to:
        print >> sys.stderr, 'Invalid arguments passed'
        return rv

    mem = safe_read_chunked_memory_region_as_one(ea_from, ea_to - ea_from)
    if not mem:
        print >> sys.stderr, 'Unable to read specified memory (0x%08X - 0x%08X)' % (ea_from, ea_to)
        return rv
    mem = buffer(mem[1])
    intptr_size = struct.calcsize("<I")
    main_module_name = api.Findmodule(analysing_base)
    if main_module_name is None:
        main_module_name = ''
    else:
        main_module_name = path.splitext(path.basename(main_module_name.path))[0].lower()

    th = api.Findthread(api.Getcputhreadid())
    r = api.ulongArray.frompointer(th.reg.r)
    rv.context.eax = r[api.REG_EAX]
    rv.context.ecx = r[api.REG_ECX]
    rv.context.edx = r[api.REG_EDX]
    rv.context.ebx = r[api.REG_EBX]
    rv.context.esp = r[api.REG_ESP]
    rv.context.ebp = r[api.REG_EBP]
    rv.context.esi = r[api.REG_ESI]
    rv.context.edi = r[api.REG_EDI]
    rv.context.rip = th.reg.ip

    global modules_exports

    scan_for_ref_api_calls(ea_from, ea_to, increment, rv=rv, mem=mem, base=analysing_base)
    used_addrs = set([])

    for ea in xrange(ea_from, ea_to, increment):
        try:
            if ea in used_addrs:
                continue
            l = ea_to - ea
            off = ea - ea_from

            if l < intptr_size:
                break
            addr = struct.unpack_from("<I", mem, off)[0]
            if addr not in modules_exports:
                continue
            symb = modules_exports[addr]
            module_name, proc_name = symb.split('.')
            if module_name == main_module_name:
                continue

            v = rv.api_constants.add()
            v.ea = ea
            v.module = module_name
            v.proc = proc_name

        except Exception as exc:
            print >> sys.stderr, 'Exception: %r\r\n%s' % (exc, traceback.format_exc().replace('\n', '\r\n'))
    print 'AnalyzeExternalRefs: found %u' % len(rv.api_constants)
    print rv
    return rv