Example #1
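def set_bp(pid, func, size):
    """Find the symbols matching *func* in process *pid* and set a breakpoint.

    *func* is split by ``_split_dll_func`` into a module name and a symbol
    name. Every loaded module whose path ends in that module name (with or
    without a ``.dll`` suffix) is scanned, and each symbol whose name starts
    with the requested symbol name becomes a candidate. With exactly one
    candidate the breakpoint is set directly; with several the user is asked
    to pick one by index.

    Args:
        pid: Id of the target process, passed to ``Process``.
        func: Target description understood by ``_split_dll_func``.
        size: Unused here; kept so the signature stays compatible.

    Exits the interpreter with status -1 when *func* cannot be split.
    """
    process = Process(pid)

    search_dll, search_func = _split_dll_func(func)
    print search_dll, ":", search_func
    if search_dll is None or search_func is None:
        # The original formatted an undefined name (`arg`) here, which raised
        # NameError instead of reporting the bad target.
        print "%s not found!" % func
        sys.exit(-1)

    # NOTE(review): search_dll and search_func are concatenated into the
    # patterns unescaped, and the "." in ".dll$" matches any character.
    # Presumably ismatch() is a regex match; if so, a name containing regex
    # metacharacters changes what is selected. Confirm and escape in ismatch's
    # callers if names can come from untrusted input.
    candidates = {}  # hex(address) -> symbol name; one entry per address
    for mod_path, mod_base in process.get_modules():
        wanted = (ismatch(mod_path, ".*" + search_dll + "$") or
                  ismatch(mod_path, ".*" + search_dll + ".dll$"))
        if not wanted:
            continue

        module = Module(mod_base, process=process, fileName=mod_path)
        module.get_symbols()
        print mod_path, "!", mod_base, " > ", search_dll, " > ", search_func
        # Distinct loop names: the original reused `func` here and clobbered
        # the parameter.
        for sym_name, sym_addr, _ in module.iter_symbols():
            if ismatch(sym_name, search_func + ".*"):
                candidates[hex(sym_addr)] = sym_name
                print "%s : [%s] %s" % (hex(sym_addr), sym_addr, sym_name)

    print "len", len(candidates)
    if not candidates:
        # Previously an empty result still prompted for an index and then
        # failed with IndexError.
        print "%s not found!" % func
        return

    # Freeze the order once so the printed index and the selection agree.
    choices = list(candidates.items())

    if len(choices) == 1:
        break_addr, break_func = choices[0]
        print " : ", break_addr, "", break_func
        # hex() of a Python 2 long ends in "L"; strip only that suffix.
        do_bp(process, break_addr.rstrip("L"))
        return

    for index, (addr_text, sym_name) in enumerate(choices):
        print "%d : %s!%s" % (index, addr_text, sym_name)

    try:
        number = int(raw_input("What is your Number? "))
    except ValueError:
        print "Invalid selection"
        return
    print
    if not 0 <= number < len(choices):
        print "Invalid selection"
        return

    break_addr, break_func = choices[number]
    print break_func, ":", break_addr

    # The original used break_addr[:-1], which drops a real hex digit whenever
    # the address is a plain int (no "L" suffix), so the breakpoint would land
    # on a different address than the one shown to the user.
    if do_bp(process, break_addr.rstrip("L")) == True:
        print_breakpoints()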
Example #2
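def search_string(pid, func, size):
    """Print the image base, main module and first 100 image bytes, then exit.

    As written, the function always terminates the interpreter with status 0
    after the hex dump; the module lookup below that point never runs.

    Args:
        pid: Id of the target process, passed to ``Process``.
        func: Target description understood by ``_split_dll_func`` (only
            used by the currently unreachable part).
        size: Unused.
    """
    process = Process(pid)

    image_base = process.get_image_base()
    print "get_image_base:", hex(image_base)
    print "get_main_module:", process.get_main_module()

    # 100 bytes read from the image base; the variable name suggests this is
    # meant to be the DOS header, printed as space-separated hex pairs.
    dosheader = process.read(image_base, 100)
    print " ".join(["%02X" % ord(x) for x in dosheader])

    # NOTE(review): this unconditional exit looks like a debugging leftover.
    # It is kept because removing it would change what callers observe, but
    # everything below is dead code until it is removed.
    sys.exit(0)

    search_dll, search_func = _split_dll_func(func)
    print search_dll, ":", search_func
    if search_dll is None or search_func is None:
        # Was `arg`, an undefined name that would raise NameError.
        print "%s not found!" % func
        sys.exit(-1)

    # NOTE(review): search_dll is concatenated into the patterns unescaped;
    # presumably ismatch() is a regex match - confirm before passing names
    # that may contain regex metacharacters.
    for mod_path, mod_base in process.get_modules():
        if ismatch(mod_path, ".*" + search_dll + "$") or ismatch(
                mod_path, ".*" + search_dll + ".dll$"):
            print mod_path, " : ", hex(mod_base), " (", mod_base, ")"

    return ""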