def Data(self):
if self.Type == "CNAME":
return self.m("Data").cast(
"Pointer", target="UnicodeString").deref()
elif self.Type == "A":
return utils.inet_ntop(
socket.AF_INET, self.obj_vm.read(self.m("Data").obj_offset, 4))
def Data(self):
if self.Type == "CNAME":
return self.m("Data").cast("Pointer",
target="UnicodeString").deref()
elif self.Type == "A":
return utils.inet_ntop(
socket.AF_INET, self.obj_vm.read(self.m("Data").obj_offset, 4))
def v(self, vm=None):
return utils.inet_ntop(socket.AF_INET6, obj.NativeType.v(self))
def v(self, vm=None):
return utils.inet_ntop(socket.AF_INET6, obj.NativeType.v(self))
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
import socket
from rekall import kb
from rekall import obj
from rekall import utils
from rekall.plugins.overlays.windows import pe_vtypes
AF_INET = 2
AF_INET6 = 0x17
# String representations of INADDR_ANY and INADDR6_ANY
inaddr_any = utils.inet_ntop(socket.AF_INET, '\0' * 4)
inaddr6_any = utils.inet_ntop(socket.AF_INET6, '\0' * 16)
protos = {
0: "HOPOPT",
1: "ICMP",
2: "IGMP",
3: "GGP",
4: "IPv4",
5: "ST",
6: "TCP",
7: "CBT",
8: "EGP",
9: "IGP",
10: "BBN-RCC-MON",
11: "NVP-II",
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
import socket
from rekall import kb
from rekall import obj
from rekall import utils
from rekall.plugins.overlays import basic
from rekall.plugins.overlays.windows import pe_vtypes
AF_INET = 2
AF_INET6 = 0x17
# String representations of INADDR_ANY and INADDR6_ANY
inaddr_any = utils.inet_ntop(socket.AF_INET, '\0' * 4)
inaddr6_any = utils.inet_ntop(socket.AF_INET6, '\0' * 16)
protos = {
0:"HOPOPT",
1:"ICMP",
2:"IGMP",
3:"GGP",
4:"IPv4",
5:"ST",
6:"TCP",
7:"CBT",
8:"EGP",
9:"IGP",
10:"BBN-RCC-MON",
11:"NVP-II",
