def calculate(self):
addr_space = utils.load_as(self._config)
if not self._config.sys_offset or not self._config.sam_offset:
debug.error("Both SYSTEM and SAM offsets must be provided")
return hashdumpmod.dump_memory_hashes(addr_space, self._config, self._config.sys_offset, self._config.sam_offset)
def calculate(self):
addr_space = utils.load_as(self._config)
if not self._config.sys_offset or not self._config.sam_offset:
debug.error("Both SYSTEM and SAM offsets must be provided")
return hashdumpmod.dump_memory_hashes(addr_space, self._config,
self._config.sys_offset,
self._config.sam_offset)
def calculate(self):
addr_space = utils.load_as(self._config)
if not self._config.sys_offset or not self._config.sam_offset:
regapi = registryapi.RegistryApi(self._config)
for offset in regapi.all_offsets:
name = regapi.all_offsets[offset].lower().split("\\")[-1]
if "system" == name:
self._config.update("SYS_OFFSET", offset)
elif "sam" == name:
self._config.update("SAM_OFFSET", offset)
hashes = hashdumpmod.dump_memory_hashes(addr_space, self._config, self._config.sys_offset, self._config.sam_offset)
if not hashes:
debug.error("Unable to read hashes from registry")
return hashes
