Exemple #1
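    def test_ToolHelpFunctions(self):
        """Check the emulated ToolHelp process-enumeration calls in sequence.

        Calls ``CreateToolhelp32Snapshot``, ``Process32First`` and
        ``Process32Next`` through the module-level ``jit`` and ``winapi``
        objects and inspects the value each call leaves in ``jit.cpu.EAX``.
        The assertions pin a snapshot of exactly four entries: one from
        ``Process32First``, three from ``Process32Next``, then a failing
        fourth ``Process32Next``.

        Code under analysis commonly uses this API family to inspect the
        process list, so a stable, finite answer from the emulated API
        matters for reproducible analysis runs.
        """
        # On 32-bit Windows CreateToolhelp32Snapshot reports failure with
        # INVALID_HANDLE_VALUE ((HANDLE)-1), which is truthy, so a plain
        # assertTrue would accept a failed snapshot.
        INVALID_HANDLE_VALUE = 0xFFFFFFFF

        # HANDLE WINAPI CreateToolhelp32Snapshot(_In_ DWORD dwFlags, _In_ DWORD th32ProcessID);
        # Arguments are pushed last-to-first, followed by a 0 in the slot
        # the original comments label "@return".
        jit.push_uint32_t(0)  # th32ProcessID
        # NOTE(review): dwFlags is 0 rather than TH32CS_SNAPPROCESS (0x2);
        # the test expecting success suggests the emulated call does not
        # check the flags. Confirm against the winapi implementation.
        jit.push_uint32_t(0)  # dwFlags
        jit.push_uint32_t(0)  # @return
        winapi.kernel32_CreateToolhelp32Snapshot(jit)
        hSnap = jit.cpu.EAX
        self.assertTrue(hSnap)
        self.assertNotEqual(hSnap & 0xFFFFFFFF, INVALID_HANDLE_VALUE)

        # BOOL WINAPI Process32First(_In_ HANDLE hSnapshot, _Inout_ LPPROCESSENTRY32 lppe);
        # NOTE(review): lppe points at jit.stack_base; whether the entry
        # written there can overlap the pushed arguments is not visible
        # here. Verify against the jit's stack layout.
        jit.push_uint32_t(jit.stack_base)  # lppe
        jit.push_uint32_t(hSnap)  # hSnapshot
        jit.push_uint32_t(0)  # @return
        winapi.kernel32_Process32First(jit)
        vBool = jit.cpu.EAX
        self.assertTrue(vBool)

        # BOOL WINAPI Process32Next(_In_ HANDLE hSnapshot, _Out_ LPPROCESSENTRY32 lppe);
        # i counts down 3, 2, 1, 0: the first three calls must return an
        # entry, the last one must report the end of the snapshot.
        for i in range(3, -1, -1):
            jit.push_uint32_t(jit.stack_base)  # lppe
            jit.push_uint32_t(hSnap)  # hSnapshot
            jit.push_uint32_t(0)  # @return
            winapi.kernel32_Process32Next(jit)
            vBool = jit.cpu.EAX
            if i:
                self.assertTrue(vBool)
            else:
                self.assertFalse(vBool)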
Exemple #2
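    def test_ToolHelpFunctions(self):
        """Exercise snapshot creation and process iteration in the emulated API.

        Each API is invoked by pushing its arguments on the emulated stack
        through the module-level ``jit`` object, calling the matching
        ``winapi.kernel32_*`` function, and reading the result from
        ``jit.cpu.EAX``. The expected sequence is: a usable snapshot handle,
        a successful ``Process32First``, three successful ``Process32Next``
        calls, and a fourth ``Process32Next`` that returns false.
        """
        # Failure value of CreateToolhelp32Snapshot on 32-bit Windows.
        # It is non-zero, so truthiness alone cannot detect it.
        invalid_handle = 0xFFFFFFFF

        def call(api, *args):
            # Push arguments last-to-first, then the 0 the original test
            # labels "@return", run the emulated API, and hand back EAX.
            for value in reversed(args):
                jit.push_uint32_t(value)
            jit.push_uint32_t(0)
            api(jit)
            return jit.cpu.EAX

        # HANDLE WINAPI CreateToolhelp32Snapshot(_In_ DWORD dwFlags, _In_ DWORD th32ProcessID);
        # Both dwFlags and th32ProcessID are passed as 0.
        snapshot = call(winapi.kernel32_CreateToolhelp32Snapshot, 0, 0)
        self.assertTrue(snapshot)
        self.assertNotEqual(snapshot & 0xFFFFFFFF, invalid_handle)

        # BOOL WINAPI Process32First(_In_ HANDLE hSnapshot, _Inout_ LPPROCESSENTRY32 lppe);
        # The PROCESSENTRY32 pointer (lppe) is jit.stack_base.
        found = call(winapi.kernel32_Process32First, snapshot, jit.stack_base)
        self.assertTrue(found)

        # BOOL WINAPI Process32Next(_In_ HANDLE hSnapshot, _Out_ LPPROCESSENTRY32 lppe);
        # Three more entries are expected before the walk ends.
        for entry_expected in (True, True, True, False):
            found = call(winapi.kernel32_Process32Next, snapshot, jit.stack_base)
            if entry_expected:
                self.assertTrue(found)
            else:
                self.assertFalse(found)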