def reverse_cmdline(args):
""" Reverse """
from haystack.reverse import api as rapi
# get the memory handler adequate for the type requested
memory_handler = cli.get_memory_handler(args)
# do the search
rapi.reverse_instances(memory_handler)
return
def reverse_cmdline(args):
""" Reverse """
from haystack.reverse import api as rapi
# get the memory handler adequate for the type requested
memory_handler = _get_memory_handler(args)
# do the search
rapi.reverse_instances(memory_handler)
return
def setUpClass(cls):
cls.dumpname = zeus_856_svchost_exe.dumpname
cls.memory_handler = dump_loader.load(zeus_856_svchost_exe.dumpname)
cls.process_context = cls.memory_handler.get_reverse_context()
cls.process_context.create_record_cache_folder()
##
cls.offset = zeus_856_svchost_exe.known_records[0][0]
cls._context = context.get_context_for_address(cls.memory_handler, cls.offset)
api.reverse_instances(cls.memory_handler)
return
def setUpClass(cls):
cls.dumpname = zeus_856_svchost_exe.dumpname
cls.memory_handler = folder.load(zeus_856_svchost_exe.dumpname)
cls.process_context = cls.memory_handler.get_reverse_context()
cls.process_context.create_record_cache_folder()
##
cls.offset = zeus_856_svchost_exe.known_records[0][0]
cls._context = context.get_context_for_address(cls.memory_handler,
cls.offset)
api.reverse_instances(cls.memory_handler)
return