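def handle_pe(pe_file, quiet=True):
    """Download the debug symbols for *pe_file* and place them beside it as ``.pdb``.

    The debug data returned by ``get_pe_debug_data`` selects one of two paths:

    * ``IMAGE_DEBUG_TYPE_CODEVIEW``: an ``RSDS`` or ``NB10`` record yields the
      GUID and file name passed to ``download_file``.
    * ``IMAGE_DEBUG_TYPE_MISC``: a ``.dbg`` file is downloaded first (and
      extracted with ``cabextract`` when its name ends in ``_``); its CodeView
      entry then names the PDB to download. An ``NB09`` entry ends the
      function without a second download.

    Args:
        pe_file: Path of the PE file whose symbols are wanted.
        quiet: Forwarded unchanged to ``download_file``.

    Returns:
        None. Failures are reported with ``print`` followed by an early return.
    """
    # Function-scope import: the module's import block is not visible from here.
    import subprocess

    dbgdata, tp = get_pe_debug_data(pe_file)
    if tp == 'IMAGE_DEBUG_TYPE_CODEVIEW':  # XP+
        if dbgdata[:4] == 'RSDS':
            guid, filename = get_rsds(dbgdata)
        elif dbgdata[:4] == 'NB10':
            guid, filename = get_nb10(dbgdata)
        else:
            print('ERR: CodeView section not NB10 or RSDS')
            return
        guid = guid.upper()
        saved_file = download_file(guid, filename, quiet=quiet)
    elif tp == 'IMAGE_DEBUG_TYPE_MISC':  # Win2k
        # Get the .dbg file
        guid = get_pe_guid(pe_file)
        guid = guid.upper()
        filename = get_dbg_fname(dbgdata)
        saved_file = download_file(guid, filename, quiet=quiet)

        # Extract it if it's compressed
        # Note: requires cabextract!
        if saved_file.endswith('_'):
            # `filename` is read out of the PE's debug data, so the resulting
            # path is not trusted. It is passed as a single argv element and
            # never through a shell, so metacharacters and spaces in the name
            # cannot change the command that runs.
            # NOTE(review): download_file is not visible here; confirm it
            # rejects path separators and a leading '-' in the name.
            try:
                subprocess.call(['cabextract', saved_file])
            except OSError as err:
                print('ERR: could not run cabextract: %s' % err)
                return
            saved_file = saved_file.replace('.db_', '.dbg')

        from pdbparse.dbgold import DbgFile
        # NOTE(review): opened in the default (text) mode as before; a
        # Python 3 port would need 'rb' for this binary file. Confirm.
        with open(saved_file) as dbg_stream:
            dbgfile = DbgFile.parse_stream(dbg_stream)
            cv_entry = next(
                (d for d in dbgfile.IMAGE_DEBUG_DIRECTORY
                 if d.Type == 'IMAGE_DEBUG_TYPE_CODEVIEW'),
                None,
            )
        if cv_entry is None:
            # The .dbg file is server-supplied; do not assume the entry exists.
            print('WARN: DBG file received from symbol server has no CodeView section')
            return
        if cv_entry.Data[:4] == 'NB09':
            return
        elif cv_entry.Data[:4] == 'NB10':
            guid, filename = get_nb10(cv_entry.Data)
            guid = guid.upper()
            saved_file = download_file(guid, filename, quiet=quiet)
        else:
            print(
                'WARN: DBG file received from symbol server has unknown CodeView section'
            )
            return
    else:
        print('Unknown type: %s' % tp)
        return

    # Swap only the trailing extension. str.replace() would rewrite every
    # occurrence of the extension in the path and, for a path with no
    # extension, insert '.pdb' between every character.
    new_file = os.path.splitext(pe_file)[0] + '.pdb'
    if saved_file.endswith('_'):
        print('Unpacking to %s' % new_file)
        unpack_file(saved_file, new_file)
        os.unlink(saved_file)
    else:
        print('Renaming file to %s' % new_file)
        os.rename(saved_file, new_file)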
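def handle_pe(pe_file):
    """Download the debug symbols for *pe_file* and return the saved path.

    The debug data returned by ``get_pe_debug_data`` selects one of two paths:

    * ``IMAGE_DEBUG_TYPE_CODEVIEW``: an ``RSDS`` or ``NB10`` record yields the
      GUID and file name passed to ``download_file``.
    * ``IMAGE_DEBUG_TYPE_MISC``: a ``.dbg`` file is downloaded first (and
      extracted with ``cabextract`` when its name ends in ``_``); its CodeView
      entry then names the PDB to download. An ``NB09`` entry ends the
      function without a second download.

    A result whose name ends in ``_`` is passed to ``cabextract`` before the
    function returns.

    Args:
        pe_file: Path of the PE file whose symbols are wanted.

    Returns:
        Whatever ``download_file`` returned for the final download, or None
        when the debug data could not be used (a message goes to stderr).
    """
    # Function-scope import: the module's import block is not visible from here.
    import subprocess

    dbgdata, tp = get_pe_debug_data(pe_file)
    if tp == "IMAGE_DEBUG_TYPE_CODEVIEW":  # XP+
        if dbgdata[:4] == b"RSDS":
            guid, filename = get_rsds(dbgdata)
        elif dbgdata[:4] == b"NB10":
            guid, filename = get_nb10(dbgdata)
        else:
            sys.stderr.write("ERR: CodeView section not NB10 or RSDS" + "\n")
            return
        guid = guid.upper()
        saved_file = download_file(guid, filename)
    elif tp == "IMAGE_DEBUG_TYPE_MISC":  # Win2k
        # Get the .dbg file
        guid = get_pe_guid(pe_file)
        guid = guid.upper()
        filename = get_dbg_fname(dbgdata)
        saved_file = download_file(guid, filename)
        if saved_file is None:
            # The final check in this function already treats None as a
            # possible download result; apply the same guard here.
            return

        # Extract it if it's compressed
        # Note: requires cabextract!
        if saved_file.endswith("_"):
            # `filename` is read out of the PE's debug data, so the resulting
            # path is not trusted. It is passed as a single argv element and
            # never through a shell, so metacharacters and spaces in the name
            # cannot change the command that runs.
            # NOTE(review): download_file is not visible here; confirm it
            # rejects path separators and a leading '-' in the name.
            try:
                subprocess.call(["cabextract", saved_file])
            except OSError as err:
                sys.stderr.write("ERR: could not run cabextract: %s\n" % err)
                return
            saved_file = saved_file.replace('.db_', '.dbg')

        from pdbparse.dbgold import DbgFile
        with open(saved_file, 'rb') as dbg_stream:
            dbgfile = DbgFile.parse_stream(dbg_stream)
            cv_entry = next(
                (d for d in dbgfile.IMAGE_DEBUG_DIRECTORY
                 if d.Type == "IMAGE_DEBUG_TYPE_CODEVIEW"),
                None,
            )
        if cv_entry is None:
            # The .dbg file is server-supplied; do not assume the entry exists.
            sys.stderr.write(
                "WARN: DBG file received from symbol server has no CodeView section"
                + "\n")
            return
        if cv_entry.Data[:4] == b"NB09":
            return
        elif cv_entry.Data[:4] == b"NB10":
            guid, filename = get_nb10(cv_entry.Data)
            guid = guid.upper()
            saved_file = download_file(guid, filename)
        else:
            sys.stderr.write(
                "WARN: DBG file received from symbol server has unknown CodeView section"
                + "\n")
            return
    else:
        # write() accepts exactly one string; the former two-argument call
        # raised TypeError instead of reporting the unknown type.
        sys.stderr.write("Unknown type: %s\n" % tp)
        return

    if saved_file is not None and saved_file.endswith("_"):
        # Same argv-list rule as above: the name is not trusted.
        try:
            subprocess.call(["cabextract", saved_file])
        except OSError as err:
            sys.stderr.write("ERR: could not run cabextract: %s\n" % err)
    return saved_file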
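def handle_pe(pe_file):
    """Download the debug symbols for *pe_file*, extracting them if compressed.

    The debug data returned by ``get_pe_debug_data`` selects one of two paths:

    * ``IMAGE_DEBUG_TYPE_CODEVIEW``: an ``RSDS`` or ``NB10`` record yields the
      GUID and file name passed to ``download_file``.
    * ``IMAGE_DEBUG_TYPE_MISC``: a ``.dbg`` file is downloaded first (and
      extracted with ``cabextract`` when its name ends in ``_``); its CodeView
      entry then names the PDB to download. An ``NB09`` entry ends the
      function without a second download.

    A result whose name ends in ``_`` is passed to ``cabextract`` at the end.

    Args:
        pe_file: Path of the PE file whose symbols are wanted.

    Returns:
        None. Failures are printed and followed by an early return.
    """
    # Function-scope import: the module's import block is not visible from here.
    import subprocess

    dbgdata, tp = get_pe_debug_data(pe_file)
    if tp == "IMAGE_DEBUG_TYPE_CODEVIEW":  # XP+
        if dbgdata[:4] == "RSDS":
            guid, filename = get_rsds(dbgdata)
        elif dbgdata[:4] == "NB10":
            guid, filename = get_nb10(dbgdata)
        else:
            print "ERR: CodeView section not NB10 or RSDS"
            return
        guid = guid.upper()
        saved_file = download_file(guid, filename)
    elif tp == "IMAGE_DEBUG_TYPE_MISC":  # Win2k
        # Get the .dbg file
        guid = get_pe_guid(pe_file)
        guid = guid.upper()
        filename = get_dbg_fname(dbgdata)
        saved_file = download_file(guid, filename)

        # Extract it if it's compressed
        # Note: requires cabextract!
        if saved_file.endswith("_"):
            # `filename` is read out of the PE's debug data, so the resulting
            # path is not trusted. It is passed as a single argv element and
            # never through a shell, so metacharacters and spaces in the name
            # cannot change the command that runs.
            # NOTE(review): download_file is not visible here; confirm it
            # rejects path separators and a leading '-' in the name.
            try:
                subprocess.call(["cabextract", saved_file])
            except OSError as err:
                print "ERR: could not run cabextract: %s" % err
                return
            saved_file = saved_file.replace('.db_', '.dbg')

        from pdbparse.dbgold import DbgFile
        # Close the handle once the directory has been read.
        with open(saved_file) as dbg_stream:
            dbgfile = DbgFile.parse_stream(dbg_stream)
            cv_entry = next(
                (d for d in dbgfile.IMAGE_DEBUG_DIRECTORY
                 if d.Type == "IMAGE_DEBUG_TYPE_CODEVIEW"),
                None)
        if cv_entry is None:
            # The .dbg file is server-supplied; do not assume the entry exists.
            print "WARN: DBG file received from symbol server has no CodeView section"
            return
        if cv_entry.Data[:4] == "NB09":
            return
        elif cv_entry.Data[:4] == "NB10":
            guid, filename = get_nb10(cv_entry.Data)
            guid = guid.upper()
            saved_file = download_file(guid, filename)
        else:
            print "WARN: DBG file received from symbol server has unknown CodeView section"
            return
    else:
        print "Unknown type:", tp
        return

    if saved_file.endswith("_"):
        # Same argv-list rule as above: the name is not trusted.
        try:
            subprocess.call(["cabextract", saved_file])
        except OSError as err:
            print "ERR: could not run cabextract: %s" % err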
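def handle_pe(pe_file, rename=False):
    """Download the debug symbols for *pe_file*, optionally renaming them.

    The debug data returned by ``get_pe_debug_data`` selects one of two paths:

    * ``IMAGE_DEBUG_TYPE_CODEVIEW``: an ``RSDS`` or ``NB10`` record yields the
      GUID and file name passed to ``download_file``.
    * ``IMAGE_DEBUG_TYPE_MISC``: a ``.dbg`` file is downloaded first (and
      extracted with ``cabextract`` when its name ends in ``_``); its CodeView
      entry then names the PDB to download. An ``NB09`` entry ends the
      function without a second download.

    A result whose name ends in ``_`` is passed to ``cabextract``. With
    ``rename`` set, the symbol file is moved to the PE file's path with its
    extension replaced by ``.pdb``.

    Args:
        pe_file: Path of the PE file whose symbols are wanted.
        rename: When true, rename the downloaded symbols after the PE file.

    Returns:
        None. Failures are printed and followed by an early return.
    """
    # Function-scope import: the module's import block is not visible from here.
    import subprocess

    dbgdata, tp = get_pe_debug_data(pe_file)
    if tp == "IMAGE_DEBUG_TYPE_CODEVIEW":  # XP+
        if dbgdata[:4] == "RSDS":
            guid, filename = get_rsds(dbgdata)
        elif dbgdata[:4] == "NB10":
            guid, filename = get_nb10(dbgdata)
        else:
            print "ERR: CodeView section not NB10 or RSDS"
            return
        guid = guid.upper()
        saved_file = download_file(guid, filename)
    elif tp == "IMAGE_DEBUG_TYPE_MISC":  # Win2k
        # Get the .dbg file
        guid = get_pe_guid(pe_file)
        guid = guid.upper()
        filename = get_dbg_fname(dbgdata)
        saved_file = download_file(guid, filename)

        # Extract it if it's compressed
        # Note: requires cabextract!
        if saved_file.endswith("_"):
            # `filename` is read out of the PE's debug data, so the resulting
            # path is not trusted. It is passed as a single argv element and
            # never through a shell, so metacharacters and spaces in the name
            # cannot change the command that runs.
            # NOTE(review): download_file is not visible here; confirm it
            # rejects path separators and a leading '-' in the name.
            try:
                subprocess.call(["cabextract", saved_file])
            except OSError as err:
                print "ERR: could not run cabextract: %s" % err
                return
            saved_file = saved_file.replace('.db_', '.dbg')

        from pdbparse.dbgold import DbgFile
        # Close the handle once the directory has been read.
        with open(saved_file) as dbg_stream:
            dbgfile = DbgFile.parse_stream(dbg_stream)
            cv_entry = next(
                (d for d in dbgfile.IMAGE_DEBUG_DIRECTORY
                 if d.Type == "IMAGE_DEBUG_TYPE_CODEVIEW"),
                None)
        if cv_entry is None:
            # The .dbg file is server-supplied; do not assume the entry exists.
            print "WARN: DBG file received from symbol server has no CodeView section"
            return
        if cv_entry.Data[:4] == "NB09":
            return
        elif cv_entry.Data[:4] == "NB10":
            guid, filename = get_nb10(cv_entry.Data)
            guid = guid.upper()
            saved_file = download_file(guid, filename)
        else:
            print "WARN: DBG file received from symbol server has unknown CodeView section"
            return
    else:
        print "Unknown type:", tp
        return

    # Swap only the trailing extension. str.replace() would rewrite every
    # occurrence of the extension in the path and, for a path with no
    # extension, insert '.pdb' between every character.
    new_file = os.path.splitext(pe_file)[0] + '.pdb'

    if saved_file.endswith("_"):
        # Same argv-list rule as above: the name is not trusted.
        try:
            subprocess.call(["cabextract", saved_file])
        except OSError as err:
            print "ERR: could not run cabextract: %s" % err
            return
        if rename:
            print "Renaming file to ", new_file
            os.rename(saved_file.replace('.pd_', '.pdb'), new_file)
            # NOTE(review): the listing's indentation was lost; the unlink is
            # assumed to belong to the rename branch. Confirm against the
            # original file.
            os.unlink(saved_file)
    elif rename:
        print "Renaming file to ", new_file
        os.rename(saved_file, new_file)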