def calculate(self): addr_space = utils.load_as(self._config) if not self._config.sys_offset or not self._config.sam_offset: debug.error("Both SYSTEM and SAM offsets must be provided") return hashdumpmod.dump_memory_hashes(addr_space, self._config, self._config.sys_offset, self._config.sam_offset)
def calculate(self): addr_space = utils.load_as(self._config) if not self._config.sys_offset or not self._config.sam_offset: regapi = registryapi.RegistryApi(self._config) for offset in regapi.all_offsets: name = regapi.all_offsets[offset].lower().split("\\")[-1] if "system" == name: self._config.update("SYS_OFFSET", offset) elif "sam" == name: self._config.update("SAM_OFFSET", offset) hashes = hashdumpmod.dump_memory_hashes(addr_space, self._config, self._config.sys_offset, self._config.sam_offset) if not hashes: debug.error("Unable to read hashes from registry") return hashes