Python find_control_set Exemples

Langage de programmation: Python

Espace de nommage/Pack: volatility.win32.hashdump

Méthode/Fonction: find_control_set

Exemples au hotexamples.com: 3

Python find_control_set - 3 exemples trouvés. Ce sont les exemples réels les mieux notés de volatility.win32.hashdump.find_control_set extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Associées

dump_json

gf_irred_p_ben_or

Game

_extract_json_data_from_rietveld

install_irc_handler

Pref

create

RemoteClient

mkDir

FourBandsTwoBitsEncoder

Related in langs

_call_phing (PHP)

show_table_separator (PHP)

CefMediaSource (C#)

UPopupItemRegisterInfo (C#)

checkDbVersion (C++)

SET_Uniform1fvARB (C++)

Frame (Go)

DAOOrderByDirectionFromString (Go)

AcFormatter (Java)

Player (Java)

Exemple #1

0

Afficher le fichier

def calculate(self): addr_space = utils.load_as(self._config) #scan for registries and populate them: print "Scanning for registries...." self.populate_offsets() #set our current registry of interest and get its path #and get current control set print "Getting Current Control Set...." currentcs = "ControlSet001" self.set_current('system') for o in self.current_offsets: sysaddr = hivemod.HiveAddressSpace(addr_space, self._config, o) cs = find_control_set(sysaddr) currentcs = "ControlSet{0:03}".format(cs) #set the services root. print "Getting Services and calculating SIDs...." services = self.reg_get_key('system', currentcs + '\\' + 'Services') if services: for s in rawreg.subkeys(services): if s.Name not in servicesids.values(): sid = createservicesid(str(s.Name)) yield sid, str(s.Name) for sid in servicesids: yield sid, servicesids[sid]

Exemple #2

0

Afficher le fichier

Fichier : registryapi.py Projet : Jack47/volatility

def reg_get_currentcontrolset(self, fullname = True): ''' get the CurrentControlSet If fullname is not specified, we only get the number like "1" or "2" etc The default is ControlSet00{#} so we can append it to the desired key path We return None if it fails, so you need to verify before using. ''' for offset in self.all_offsets: name = self.all_offsets[offset] + " " if name.lower().find("\\system ") != -1: sysaddr = hivemod.HiveAddressSpace(self.addr_space, self._config, offset) if fullname: return "ControlSet00{0}".format(hashdump.find_control_set(sysaddr)) else: return hashdump.find_control_set(sysaddr) return None

Exemple #3

0

Afficher le fichier

def reg_get_currentcontrolset(self, fullname = True): ''' get the CurrentControlSet If fullname is not specified, we only get the number like "1" or "2" etc The default is ControlSet00{#} so we can append it to the desired key path We return None if it fails, so you need to verify before using. ''' for offset in self.all_offsets: name = self.all_offsets[offset] + " " if name.lower().find("\\system ") != -1: sysaddr = hivemod.HiveAddressSpace(self.addr_space, self._config, offset) if fullname: return "ControlSet00{0}".format(hashdump.find_control_set(sysaddr)) else: return hashdump.find_control_set(sysaddr) return None