def kill_thread( pid, kill_tid=None ):
System.request_debug_privileges()
process = Process(pid)
process.scan_threads()
tmp = kill_tid.split(',')
print tmp, ":", type(tmp), ":", len(tmp)
for thread in process.iter_threads():
thread.suspend()
tid = thread.get_tid()
try:
if kill_tid is None or kill_tid == 0:
hThread = thread.get_handle()
win32.CloseHandle(hThread)
win32.TerminateThread(hThread, -999)
else:
if len(tmp)>1:
for s in tmp:
if tid == int(s):
print "kill > ", pid, " > ", tid, " > ", kill_tid
hThread = thread.get_handle()
#win32.CloseHandle(hThread)
win32.TerminateThread(hThread, -999)
except Exception, e:
print e
pass
thread.resume()
def freeze_threads( pid, _tid=None ):
System.request_debug_privileges()
process = Process(pid)
process.scan_threads()
tmp = _tid.split(',')
print tmp, ":", type(tmp), ":", len(tmp)
for thread in process.iter_threads():
tid = thread.get_tid()
_tid = int(tid)
if _tid is None or _tid == 0 :
thread.suspend()
print tid, " suspend()"
else:
if len(tmp)>1:
for s in tmp:
if tid == int(s):
print tid, " suspend()"
thread.suspend()
else:
if tid == _tid:
print tid, " suspend()"
thread.suspend()
def unfreeze_threads(pid):
System.request_debug_privileges()
process = Process(pid)
#process.resume()
process.scan_threads()
for thread in process.iter_threads():
thread.resume()
def freeze_threads(pid):
System.request_debug_privileges()
process = Process(pid)
process.scan_threads()
for thread in process.iter_threads():
thread.suspend()
def print_threads_and_modules(pid):
process = Process(pid)
print "Process %d" % process.get_pid()
print "Threads:"
for thread in process.iter_threads():
print "\t %d" % thread.get_tid()
print "Modules:"
bits = process.get_bits()
for module in process.iter_modules():
print "\t%s\t%s" % (HexDump.address(module.get_base(),
bits), module.get_filename())
def print_threads_and_modules(pid):
# Instance a Process object.
process = Process(pid)
print "Process %d" % process.get_pid()
# Now we can enumerate the threads in the process...
print "Threads:"
for thread in process.iter_threads():
print "\t%d" % thread.get_tid()
# ...and the modules in the process.
print "Modules:"
bits = process.get_bits()
for module in process.iter_modules():
print "\t%s\t%s" % (HexDump.address(module.get_base(),
bits), module.get_filename())
def print_threads_and_modules( pid ):
# Instance a Process object.
process = Process( pid )
print "Process %d" % process.get_pid()
# Now we can enumerate the threads in the process...
print "Threads:"
for thread in process.iter_threads():
print "\t%d" % thread.get_tid()
# ...and the modules in the process.
print "Modules:"
bits = process.get_bits()
for module in process.iter_modules():
print "\t%s\t%s" % (
HexDump.address( module.get_base(), bits ), module.get_filename()
)
def list_thread( pid ):
System.request_debug_privileges()
process = Process(pid)
process.scan_threads()
list=[]
for thread in process.iter_threads():
tid = thread.get_tid()
list.append(str(tid))
try:
print_thread_context( tid )
except:
pass
pid_line = ','.join(list)
print pid_line
return pid_line
def print_threads_and_modules(pid, debug):
# Instance a Process object.
process = Process(pid)
print "Process %d" % process.get_pid()
# Now we can enumerate the threads in the process...
print "Threads:"
for thread in process.iter_threads():
print "\t%d" % thread.get_tid()
# ...and the modules in the process.
print "Modules:"
bits = process.get_bits()
for module in process.iter_modules():
print "\thas module: %s\t%s" % (HexDump.address(
module.get_base(), bits), module.get_filename())
print "Breakpoints:"
for i in debug.get_all_breakpoints():
bp = i[2]
print "breakpoint: %s %x" % (bp.get_state_name(), bp.get_address())
def unfreeze_threads( pid ):
# Request debug privileges.
System.request_debug_privileges()
# Instance a Process object.
process = Process( pid )
# This would also do the trick...
#
# process.resume()
#
# ...but let's do it the hard way:
# Lookup the threads in the process.
process.scan_threads()
# For each thread in the process...
for thread in process.iter_threads():
# Resume the thread execution.
thread.resume()
def unfreeze_threads( pid ):
# Request debug privileges.
System.request_debug_privileges()
# Instance a Process object.
process = Process( pid )
# This would also do the trick...
#
# process.resume()
#
# ...but let's do it the hard way:
# Lookup the threads in the process.
process.scan_threads()
# For each thread in the process...
for thread in process.iter_threads():
# Resume the thread execution.
thread.resume()
def print_threads_and_modules( pid, debug ):
# Instance a Process object.
process = Process( pid )
print "Process %d" % process.get_pid()
# Now we can enumerate the threads in the process...
print "Threads:"
for thread in process.iter_threads():
print "\t%d" % thread.get_tid()
# ...and the modules in the process.
print "Modules:"
bits = process.get_bits()
for module in process.iter_modules():
print "\thas module: %s\t%s" % (
HexDump.address( module.get_base(), bits ),
module.get_filename()
)
print "Breakpoints:"
for i in debug.get_all_breakpoints():
bp = i[2]
print "breakpoint: %s %x" % (bp.get_state_name(), bp.get_address())
