def add2(self, description, address = 0, replace = True):
    """Register this hook with the debugger via ``debugger.AddHook``.

    The breakpoint matching the hook type is planted first, the hook's
    parameters are recorded on the instance (and in ``self.descdict``, keyed
    by address), and the hook is then handed to the debugger together with
    ``self.check_run`` as its callback.

    @param description: descriptive string, stored as ``self.desc``
    @param address: address the breakpoint hook is attached to
    @param replace: passed straight through to ``debugger.AddHook``
        (presumably whether an existing hook at this address is replaced --
        confirm against the debugger API)
    @return: whatever ``debugger.AddHook`` returns
    """
    kind = self.type
    # Plant the breakpoint before the hook is stored so the address is live
    # by the time the debugger knows about the hook.
    if kind == HookTypes["ORDINARY_BP_HOOK"]:
        debugger.set_breakpoint(address, 0x200L, "")
    elif kind == HookTypes["LOG_BP_HOOK"]:
        debugger.set_logging_breakpoint(address)
    # Remember the parameters on the instance and keep the per-address
    # description lookup in step (assumes ``self.descdict`` already exists).
    self.desc = description
    self.address = address
    self.replace = replace
    self.descdict[address] = description
    return debugger.AddHook(self, self.check_run, self.desc,
                            self.type, self.address, self.replace)
def ss_handler(address,kode):
    """Single-step callback used while tracing.

    Disassembles ``kode`` at ``address`` with ``debugger.dissy`` and prints
    the instruction.  If a breakpoint was hit just before this step
    (``bp_last``), a user breakpoint is re-planted with ``SetBP``, while a
    one-shot 'Return' breakpoint is dropped from ``bp_info``.  When the
    current instruction is a ``call``, single-stepping is switched off and a
    'Return' breakpoint is set on the instruction after the call, which
    looks like a step-over of the callee.

    NOTE(review): the source was unindented when reviewed; the nesting of
    the ``bp_last`` and ``call`` blocks below was reconstructed -- confirm
    against the original file.

    @param address: address of the instruction being stepped
    @param kode: code bytes of that instruction (presumably -- it is only
        passed to ``debugger.dissy``)
    @return: 1 (meaning defined by the caller's callback protocol)
    """
    global bp_last
    global bSingleStep
    global bp_info
    global dll_info
    mod = debugger.get_module(dll_info,address)
    # i: mnemonic, o: operands, s: presumably the instruction length (it is
    # added to ``address`` below), b: unused here.
    i,o,s,b = debugger.dissy(kode)
    print 'ss @ %s_%x %s %s'%(mod,address,i,o)
    if bp_last != None:
        if bp_last.Name != 'Return':
            # A user breakpoint was hit and (presumably) removed to let the
            # instruction execute; put it back now.  ``bInst`` receives
            # whatever ``SetBP`` writes through the pointer -- confirm.
            bInst = c_ubyte()
            ret = SetBP(bp_last.Address,byref(bInst))
            print '<Setting bp again:%d>'%(ret)
        else:
            # The one-shot 'Return' breakpoint fired: resume single-stepping
            # and forget the breakpoint.
            print '<Not setting BP>'
            bSingleStep = True
            bp_info.__delitem__(bp_last.Address)
        bp_last = None
    if i == 'call':
        # Do not step into the callee: stop single-stepping and plant a
        # 'Return' breakpoint right after the call instead.
        bSingleStep = False
        bp = debugger.set_breakpoint(address + s,'Return')
        if bp != None:
            bp_info[address + s] = bp
            bSingleStep = False
            print '<setting bp at return>'
    if bSingleStep:
        print 'enabling ss'
        EnableSS()
    return 1
def add(self,description,address=0,force=0,timeout=0,mode=0):
    """Add this hook to the Immunity Debugger hook database.

    The breakpoint matching the hook type is planted first; the hook object
    itself is then serialised with ``pickle`` and handed to
    ``debugger.add_hook`` along with its parameters.

    @param description: descriptive string, stored as ``self.desc``
    @param address: address the breakpoint hook is attached to
    @param force: force hook adding
    @param timeout: time to live in memory
    @param mode: thread mode of the ttl execution (see the note on
        ``self.mode`` below)
    @return: whatever ``debugger.add_hook`` returns
    """
    self.desc = description
    self.address = address
    self.force = force
    self.timeout = timeout
    # mode = 1: execute the ttl hook in the same thread environment as the
    #           python command/script that installs it.
    # mode = 0: use a thread environment of its own to place and execute
    #           the ttl hook.  Use mode = 0 only if you really know what you
    #           are doing.
    self.mode = mode
    kind = self.type
    # Plant the breakpoint that will trigger the hook.
    if kind == HookTypes["ORDINARY_BP_HOOK"]:
        debugger.set_breakpoint(self.address, 0x200L, "")
    elif kind == HookTypes["LOG_BP_HOOK"]:
        debugger.set_logging_breakpoint(self.address)
    # The hook database keeps the object in pickled form (presumably
    # unpickled by the debugger later).  Unpickling executes code on load,
    # so only hook objects built in-process should reach this call.
    serialised = pickle.dumps(self)
    return debugger.add_hook(serialised, self.desc, self.type,
                             self.address, self.force, self.timeout, self.mode)
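def exe_cmd(args):
    """Interactive command prompt for the tracer.

    Reads commands with ``raw_input`` until the user either quits (``q``)
    or issues a ``bp`` command, at which point the function returns so
    debugging can resume.  Recognised commands:

      q        -- restore every breakpoint in ``bp_info`` and stop debugging
      dlls     -- list loaded modules (base and path) from ``dll_info``
      bl       -- list active breakpoints from ``bp_info``
      threads  -- list threads from ``thread_info``
      bp X.Y   -- set a breakpoint on API ``Y`` exported by module ``X``

    @param args: unused; kept for the caller's signature
    @return: None
    """
    global thread_info
    global dll_info
    global bp_info
    global bSingleStep
    while True:
        cmd = raw_input('?')
        print 'executing:', cmd
        if cmd == 'q':
            print 'Exiting..'
            # Put the original bytes back before detaching so the target is
            # not left with stray breakpoint bytes.
            for bp in bp_info.itervalues():
                FixBP(bp.Address, bp.Instruction, 1)
                print 'Fixing:%s' % (bp.Name)
            ExitDebugging()
            return
        if cmd == 'dlls':
            for info in dll_info.itervalues():
                print '%x %s' % (info.Base, info.Path)
        if cmd == 'bl':
            for info in bp_info.itervalues():
                print '%x %s' % (info.Address, info.Name)
        if cmd == 'threads':
            for thread in thread_info:
                print 'Proc:%x id:%d' % (thread.StartProc, thread.ThreadId)
        if cmd[:2] == 'bp':
            parts = cmd.split()
            # The original indexed cmd.split()[1] and unpacked on '.', which
            # raised (and killed the prompt) on a bare 'bp' or 'bp foo';
            # re-prompt instead.
            if len(parts) < 2 or '.' not in parts[1]:
                print 'usage: bp <dll>.<api>'
                continue
            dll, _, api = parts[1].partition('.')
            print 'setting bp @ ', dll, api
            bp = None
            address = 0
            for info in dll_info.itervalues():
                if info.Name == dll:
                    break
            else:
                # The original fell through with whichever module the loop
                # ended on; an unknown module must not be resolved against.
                info = None
                print 'Module could not be found'
            if info is not None:
                address = debugger.get_api_address(info, api, dll)
                if address != 0:
                    bp = debugger.set_breakpoint(address, api)
                else:
                    print 'API could not be resolved'
            if bp != None:
                bp_info[address] = bp
                bSingleStep = True
                print bp_info
            else:
                print 'BP not set'
            # Leave the prompt after a bp attempt so the caller can resume
            # the target (this matches the original flow).
            break
    return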