Python Findmodule Examples

Programming Language: Python

Namespace/Package Name: ollyapi2

Method/Function: Findmodule

Examples at hotexamples.com: 2

Python Findmodule - 2 examples found. These are the top rated real world Python examples of ollyapi2.Findmodule extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: ollyutils.py Project: whyliuxing/labeless

def get_memory_map():
    # import labeless.rdebug
    api.Listmemory()
    t = api.cvar.memory
    rv = rpc.GetMemoryMapResult()

    for i in xrange(t.sorted.n):
        mi = rv.memories.add()
        m = api.void_to_t_memory(api.Getsortedbyselection(t.sorted, i))
        module = api.Findmodule(m.base)
        module_name = ("'%s'" % module.modname) if module else ''
        mi.access = m.access
        mi.base = m.base
        mi.name = str(module_name)
        mi.size = m.size

    return rv

Example #2

Show file

File: ollyutils.py Project: whyliuxing/labeless

def analyze_external_refs(ea_from, ea_to, increment, analysing_base,
                          analysing_size):
    # print >> sys.stderr, 'analyze_external_refs(%08X, %08X, %08X, %08X, %08X)' % \
    #                      (ea_from, ea_to, increment, analysing_base, analysing_size)

    update_modules_meta()

    rv = rpc.AnalyzeExternalRefsResult()
    if ea_from > ea_to:
        print >> sys.stderr, 'Invalid arguments passed'
        return rv

    mem = safe_read_chunked_memory_region_as_one(ea_from, ea_to - ea_from)
    if not mem:
        print >> sys.stderr, 'Unable to read specified memory (0x%08X - 0x%08X)' % (
            ea_from, ea_to)
        return rv
    mem = buffer(mem[1])
    intptr_size = struct.calcsize("<I")
    main_module_name = api.Findmodule(analysing_base)
    if main_module_name is None:
        main_module_name = ''
    else:
        main_module_name = path.splitext(path.basename(
            main_module_name.path))[0].lower()

    p_reg = api.Threadregisters(api.Getcputhreadid())
    r = api.ulongArray.frompointer(p_reg.r)
    rv.context.eax = r[api.REG_EAX]
    rv.context.ecx = r[api.REG_ECX]
    rv.context.edx = r[api.REG_EDX]
    rv.context.ebx = r[api.REG_EBX]
    rv.context.esp = r[api.REG_ESP]
    rv.context.ebp = r[api.REG_EBP]
    rv.context.esi = r[api.REG_ESI]
    rv.context.edi = r[api.REG_EDI]
    rv.context.rip = p_reg.ip

    global modules_exports

    scan_for_ref_api_calls(ea_from,
                           ea_to,
                           increment,
                           rv=rv,
                           mem=mem,
                           base=analysing_base)
    used_addrs = set([])

    for ea in xrange(ea_from, ea_to, increment):
        try:
            if ea in used_addrs:
                continue
            l = ea_to - ea
            off = ea - ea_from

            if l < intptr_size:
                break
            addr = struct.unpack_from("<I", mem, off)[0]
            if addr not in modules_exports:
                continue
            symb = modules_exports[addr]
            module_name, proc_name = symb.split('.')
            if module_name == main_module_name:
                continue

            v = rv.api_constants.add()
            v.ea = ea
            v.module = module_name
            v.proc = proc_name

        except Exception as exc:
            print >> sys.stderr, 'Exception: %r\r\n%s' % (
                exc, traceback.format_exc().replace('\n', '\r\n'))
    print 'AnalyzeExternalRefs: found %u' % len(rv.api_constants)
    print rv
    return rv