Example #1
    def __init__(self, scan_in_kernel_address_space=False, **kwargs):
        """Initialise the plugin and prepare a 32 bit profile for it.

        Args:
           scan_in_kernel_address_space: Stored on the instance unchanged.
             Presumably selects the kernel address space for scanning
             rather than the physical one - not visible here, confirm
             against the code that reads the attribute.
           **kwargs: Forwarded to the parent constructor.

        Raises:
           obj.ProfileError: The profile's "arch" metadata is not "I386".
        """
        super(CallbackScan, self).__init__(**kwargs)
        self.scan_in_kernel_address_space = scan_in_kernel_address_space

        # Refuse anything but a 32 bit profile before touching the profile.
        arch = self.profile.metadata("arch")
        if arch != "I386":
            raise obj.ProfileError("This plugin only supports 32 bit profiles "
                                   "for now.")

        # Register the plugin specific vtypes and the class that backs them.
        # NOTE(review): both calls modify the profile object as it was left
        # by the parent constructor; the copy is only taken afterwards. If
        # that object is shared with other plugins they would see these
        # additions too - confirm whether the copy should come first.
        self.profile.add_types(callback_types)
        plugin_classes = {'_SHUTDOWN_PACKET': _SHUTDOWN_PACKET}
        self.profile.add_classes(plugin_classes)

        # From here on work on a copy, and run the PE profile initialiser
        # on that copy only.
        self.profile = self.profile.copy()
        pe_vtypes.PEProfile.Initialize(self.profile)
Example #2
    def __init__(self, scan_in_kernel_address_space=False, **kwargs):
        """Set up the callback scan and prepare a 32 bit profile for it.

        Args:
           scan_in_kernel_address_space: When False the physical address
             space is used for scanning; when True the scan runs in the
             kernel address space. The value is only stored here.
           **kwargs: Forwarded to the parent constructor.

        Raises:
           obj.ProfileError: The profile's "arch" metadata is not "I386".
        """
        super(Callbacks, self).__init__(**kwargs)
        self.scan_in_kernel_address_space = scan_in_kernel_address_space

        # Refuse anything but a 32 bit profile before touching the profile.
        arch = self.profile.metadata("arch")
        if arch != "I386":
            raise obj.ProfileError("This plugin only supports 32 bit profiles "
                                   "for now.")

        # Register the plugin specific vtypes and the class that backs them.
        # NOTE(review): both calls modify the profile object as it was left
        # by the parent constructor; the copy is only taken afterwards. If
        # that object is shared with other plugins they would see these
        # additions too - confirm whether the copy should come first.
        self.profile.add_types(callback_types)
        plugin_classes = {'_SHUTDOWN_PACKET': _SHUTDOWN_PACKET}
        self.profile.add_classes(plugin_classes)

        # From here on work on a copy, and run the PE profile initialiser
        # on that copy only.
        self.profile = self.profile.copy()
        pe_vtypes.PEProfile.Initialize(self.profile)