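def _query(self):
    """Collect the module entries reported by the debug agent.

    Sends "fmodules" for the first entry and "smodules" for each later one
    until the agent answers "l". Each reply is split on ";" and the field
    list is appended to the result.

    Returns:
        A list of field lists, one per reply. The number of fields per reply
        is not checked here.
    """
    image_info = []
    response = UdkCommandHelper.sendUdkExtensionPacket("fmodules")
    # The reply comes from the target side and is the only thing that ends
    # the loop. An empty reply is not an entry, so stop on it as well; a stub
    # that keeps answering "" would otherwise grow the list without bound.
    while response and response != "l":
        image_info.append(response.split(";"))
        response = UdkCommandHelper.sendUdkExtensionPacket("smodules")
    return image_info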
def invoke(self, arg, from_tty):
    """Send the "bootscriptentrybreak" setting chosen by the user.

    The single argument must be "on" or "off"; any other value prints
    ARGUMENT_ON_OFF_EXPECTED and no packet is sent.
    """
    self.dont_repeat()
    args = UdkCommandHelper.checkParameter(arg, 1)
    if args is None:
        return

    setting = args[0]
    # Only the two literal keywords get through, so the text formatted into
    # the packet is never free-form user input.
    if setting not in ("on", "off"):
        print(ARGUMENT_ON_OFF_EXPECTED)
        return

    UdkCommandHelper.sendUdkExtensionPacket("bootscriptentrybreak:%s" % setting)
def WriteMsr(Index, Value):
    """Ask the debug agent to write Value to MSR number Index.

    Both arguments are formatted as hexadecimal into an "MSR<index>=<value>"
    packet. Returns True only when the reply is exactly "OK".
    """
    # Index and Value are forwarded as given: this helper applies no range
    # check or allow-list of its own before the write is requested.
    packet = "MSR%x=%x" % (Index, Value)
    return UdkCommandHelper.sendUdkExtensionPacket(packet) == "OK"
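def invoke(self, arg, from_tty):
    """Run CPUID on the target and print the four result registers.

    Accepts up to two hexadecimal arguments: the index, then the sub-index.
    A missing index defaults to 1 and a missing sub-index to 0. An argument
    that is not hexadecimal, or that does not fit in 32 bits, prints the
    matching ARGUMENT_INVALID_* message and nothing is sent.
    """
    args = UdkCommandHelper.checkParameterEx(arg, 0, 2)
    if args is None:
        return

    subindex = 0
    if len(args) >= 2:
        try:
            subindex = int(args[1], 16)
        except (ValueError, TypeError):
            print(ARGUMENT_INVALID_SUBINDEX)
            return
        # "%08x" of a negative number yields "-0000001"-style text, and a
        # larger value overflows the eight-digit field; reject both instead
        # of sending a malformed packet.
        if not 0 <= subindex <= 0xFFFFFFFF:
            print(ARGUMENT_INVALID_SUBINDEX)
            return

    index = 1
    if len(args) >= 1:
        try:
            index = int(args[0], 16)
        except (ValueError, TypeError):
            print(ARGUMENT_INVALID_INDEX)
            return
        if not 0 <= index <= 0xFFFFFFFF:
            print(ARGUMENT_INVALID_INDEX)
            return

    response = UdkCommandHelper.sendUdkExtensionPacket(
        "cpuid,%08x,%08x" % (index, subindex))
    try:
        print(CPUID_INPUT % (index, subindex))
        # The reply is target-supplied: anything other than four
        # comma-separated hex fields lands in the handler below.
        (eax, ebx, ecx, edx) = [int(v, 16) for v in response.split(",")]
        print(CPUID_OUTPUT % (eax, ebx, ecx, edx))
    except Exception:
        print(FAILED_TO_EXECUTE_COMMAND % response)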
def ReadMsr(Index):
    """Read MSR number Index through the debug agent.

    Returns:
        The register value as an int, or None when the reply begins with an
        upper-case "E" followed by a hex digit (treated as an error reply).

    An empty or otherwise non-hexadecimal reply is not handled here and
    raises ValueError from int().
    """
    reply = UdkCommandHelper.sendUdkExtensionPacket("msr%x" % Index)
    # NOTE(review): the error test is a prefix match, so a value reply that
    # starts with an upper-case E digit would also be reported as None.
    # Confirm the stub emits lower-case hex for values.
    if re.match('E([0-9A-Fa-f]+)', reply) is not None:
        return None
    return int(reply, 16)
def ReadMsr(Index):
    """Return the value of MSR Index, or None if the agent reports an error.

    The reply to the "msr<index>" packet is parsed as hexadecimal. A reply
    that starts with "E" plus at least one hex digit is taken to be an error
    reply. Any other reply that int() cannot parse raises ValueError.
    """
    packet = "msr%x" % Index
    response = UdkCommandHelper.sendUdkExtensionPacket(packet)
    is_error = re.match('E([0-9A-Fa-f]+)', response) is not None
    # NOTE(review): an upper-case value reply with a leading E digit cannot be
    # told apart from an error reply by this pattern; verify the reply casing.
    return None if is_error else int(response, 16)
def SearchSignature(Address, Length, Alignment, Positive, Signature):
    """Ask the debug agent to search target memory for Signature.

    The first four arguments are formatted as hexadecimal and Signature is
    encoded with UdkCommandHelper.list_to_string before being placed in a
    "search,..." packet.

    Returns:
        The reply parsed as a hexadecimal int, or None when the reply is
        empty. Any other non-hex reply raises ValueError from int().
    """
    encoded_signature = UdkCommandHelper.list_to_string(Signature)
    packet = "search,%x,%x,%x,%x,%s" % (
        Address, Length, Alignment, Positive, encoded_signature)
    reply = UdkCommandHelper.sendUdkExtensionPacket(packet)
    if reply == "":
        return None
    return int(reply, 16)
def WriteIo(Address, Size, Value):
    """Ask the debug agent to write Value to I/O port Address.

    Value is encoded with UdkCommandHelper.long_to_string(Value, Size) and
    sent in an "IO<address>,<size>:<data>" packet. Returns True only when the
    reply is exactly "OK".
    """
    # Address, Size and Value are passed through unchecked; any restriction
    # on which ports may be written has to live in the caller or the agent.
    encoded_value = UdkCommandHelper.long_to_string(Value, Size)
    packet = "IO%x,%x:%s" % (Address, Size, encoded_value)
    return UdkCommandHelper.sendUdkExtensionPacket(packet) == "OK"
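def invoke(self, arg, from_tty):
    """Load symbols for every module the debug agent reports.

    Walks the module list ("fmodules", then "smodules" until the reply is
    "l"). Each reply is expected to hold three ";"-separated fields: entry
    point, image base and image name. A reply with a different field count
    raises ValueError from the unpacking below. For each module the 16-bit
    value at the image base is read through GDB, and symbols are loaded only
    when it is 0x5a4d or 0x5a56.
    """
    self.dont_repeat()
    args = UdkCommandHelper.checkParameter(arg, 0)
    if args is None:
        return

    hex_digits = set("0123456789abcdefABCDEF")
    response = UdkCommandHelper.sendUdkExtensionPacket("fmodules")
    while response != "l":
        (image_entry, image_base, image_name) = response.split(";")
        # Fetch the next entry first so every path below can fall through to
        # the loop test.
        response = UdkCommandHelper.sendUdkExtensionPacket("smodules")

        # image_base is text supplied by the target and is about to be pasted
        # into a GDB command line. Accept only a plain hexadecimal number
        # (optional 0x prefix) so it cannot carry extra expression or command
        # text; anything else is reported as skipped.
        digits = image_base[2:] if image_base[:2] in ("0x", "0X") else image_base
        if not digits or not set(digits) <= hex_digits:
            print(SKIPPING_SYMBOL_FOR_MODULE % (image_base, image_name))
            continue

        pe_sig = UdkCommandHelper.executeCommand(
            "x/hx %s" % image_base)[0].split()[1]
        # 0x5a4d is "MZ" and 0x5a56 is "VZ" when read as a little-endian
        # 16-bit value.
        if pe_sig in ["0x5a4d", "0x5a56"]:
            print(LOADING_SYMBOL_FOR_MODULE % (image_base, image_name))
            self._imageloader.loadsymbol(int(image_entry, 16), False, False)
        else:
            print(SKIPPING_SYMBOL_FOR_MODULE % (image_base, image_name))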
def invoke(self, arg, from_tty):
    """Print the exception vector and error code reported by the agent.

    Sends the "exception" packet. An empty reply prints nothing; otherwise
    the reply must be two ";"-separated hexadecimal fields (vector, then
    error code). A reply of any other shape raises ValueError.
    """
    if UdkCommandHelper.checkParameter(arg, 0) is None:
        return

    reply = UdkCommandHelper.sendUdkExtensionPacket("exception")
    if reply == "":
        return

    # Tuple unpacking enforces exactly two fields in the target's reply.
    (vector_text, error_code_text) = reply.split(";")
    vector = int(vector_text, 16)
    error_code = int(error_code_text, 16)
    print(EXCEPTION_INFO % (vector, error_code))
def SearchSignature(Address, Length, Alignment, Positive, Signature):
    """Send a "search" packet and return the address the agent replies with.

    Address, Length, Alignment and Positive are rendered as hexadecimal;
    Signature goes through UdkCommandHelper.list_to_string. An empty reply
    yields None, any other reply is parsed as a hexadecimal int (ValueError
    if it is not hexadecimal).
    """
    fields = (
        Address,
        Length,
        Alignment,
        Positive,
        UdkCommandHelper.list_to_string(Signature),
    )
    response = UdkCommandHelper.sendUdkExtensionPacket(
        "search,%x,%x,%x,%x,%s" % fields)
    return None if response == "" else int(response, 16)
def invoke(self, arg, from_tty):
    """Set GDB's architecture from the agent's reply to the "arch" packet.

    Nothing is changed unless the reply is exactly 'i386' or 'i386:x86-64'.
    """
    self.dont_repeat()
    if UdkCommandHelper.checkParameter(arg, 0) is None:
        return

    reported_arch = UdkCommandHelper.sendUdkExtensionPacket("arch")
    # The reply is target-supplied and ends up inside a GDB command, so it is
    # only used when it equals one of these known architecture names.
    # NOTE(review): other helpers on this page compare the "arch" reply with
    # "use32"/"use64"; confirm which vocabulary the agent really uses.
    if reported_arch not in ('i386', 'i386:x86-64'):
        return
    UdkCommandHelper.executeCommand(
        "set architecture {}".format(reported_arch))
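def invoke(self, arg, from_tty):
    """Set an I/O watchpoint on the target and record it locally.

    The two arguments are turned into (port, size) by self.parse_port and
    sent in a "Z5,<port>,<size>" packet. When the reply is "OK" the
    watchpoint is stored in self._watchpoints under the next number from
    self._num_watchpoints; otherwise FAILED_TO_EXECUTE_COMMAND is printed
    and no local state changes.
    """
    args = UdkCommandHelper.checkParameter(arg, 2)
    if args is None:
        return

    try:
        (port, size) = self.parse_port(args)
    except Exception:
        # parse_port's failure modes are not visible here, so ordinary errors
        # still end the command quietly. Catching Exception rather than
        # everything lets KeyboardInterrupt and SystemExit propagate.
        return

    response = UdkCommandHelper.sendUdkExtensionPacket(
        "Z5,%x,%x" % (port, size))
    if response != "OK":
        print(FAILED_TO_EXECUTE_COMMAND % response)
        return

    self._num_watchpoints += 1
    self._watchpoints[self._num_watchpoints] = (port, size)
    print(IO_WATCH_POINT_INFO % (self._num_watchpoints, port, size))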
def _RegisterIndex(Name):
    """Return the position of register Name in the table for the target mode.

    The table is chosen from the agent's reply to the "arch" packet: "use64"
    selects the 64-bit table and "use32" the 32-bit one.

    Returns:
        The zero-based index of Name, or None when the reply is neither
        "use64" nor "use32" or when Name is not in the chosen table.
    """
    mode = UdkCommandHelper.sendUdkExtensionPacket("arch")
    if mode == "use64":
        table = (
            'rax', 'rbx', 'rcx', 'rdx', 'rsi', 'rdi', 'rbp', 'rsp',
            'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15',
            'rip', 'eflags', 'cs', 'ss', 'ds', 'es', 'fs', 'gs',
            'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7',
            'fctrl', 'fstat', 'ftag', 'fiseg', 'fioff', 'foseg', 'fooff', 'fop',
            'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7',
            'xmm8', 'xmm9', 'xmm10', 'xmm11', 'xmm12', 'xmm13', 'xmm14', 'xmm15',
            'mxcsr', 'orig_rax',
        )
    elif mode == "use32":
        table = (
            'eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi',
            'eip', 'eflags', 'cs', 'ss', 'ds', 'es', 'fs', 'gs',
            'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7',
            'fctrl', 'fstat', 'ftag', 'fiseg', 'fioff', 'foseg', 'fooff', 'fop',
            'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7',
            'mxcsr', 'orig_eax',
        )
    else:
        # Unknown, empty or error reply: there is no table to search.
        return None

    # First matching position, or None when the name is absent.
    return next(
        (position for position, reg in enumerate(table) if reg == Name),
        None,
    )
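def delete(self, arg):
    """Remove one I/O watchpoint, or all of them when no number is given.

    The optional argument is a 1-based decimal watchpoint number. For each
    selected entry a "z5,<port>,<size>" packet is sent; the entry is dropped
    from self._watchpoints only when the agent answers "OK", otherwise
    FAILED_TO_EXECUTE_COMMAND is printed and the entry is kept.
    """
    args = UdkCommandHelper.checkParameterEx(arg, 0, 1)
    if args is None:
        return

    target = None  # None selects every recorded watchpoint
    if len(args) == 1:
        try:
            target = int(args[0], 10)
        except (ValueError, TypeError):
            target = 0
        # Watchpoint numbers start at 1. Negative input used to slip past the
        # "== 0" test and then match nothing without any message.
        if target < 1:
            print(ARGUMENT_MUST_BE_NUMBER_1_BASED)
            return

    # Iterate over a snapshot because entries are deleted inside the loop.
    for index, (port, size) in list(self._watchpoints.items()):
        if target is not None and target != index:
            continue
        response = UdkCommandHelper.sendUdkExtensionPacket(
            "z5,%x,%x" % (port, size))
        if response != "OK":
            print(FAILED_TO_EXECUTE_COMMAND % response)
        else:
            del self._watchpoints[index]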
def WriteMemory(Address, Width, Value):
    """Ask the debug agent to write the items in Value starting at Address.

    The packet is "MMIO<address>,<width>,<count>:<data>", where count is
    len(Value) and data is UdkCommandHelper.list_to_string(Value, Width).
    Returns True only when the reply is exactly "OK".
    """
    # Address and Width are forwarded unchecked; this helper does not limit
    # which target memory may be written.
    item_count = len(Value)
    payload = UdkCommandHelper.list_to_string(Value, Width)
    packet = "MMIO%x,%x,%x:%s" % (Address, Width, item_count, payload)
    reply = UdkCommandHelper.sendUdkExtensionPacket(packet)
    return reply == "OK"
def _RegisterIndex(Name):
    """Look up the index of register Name for the mode the agent reports.

    The reply to the "arch" packet picks the table: "use64" or "use32". Any
    other reply, or a name missing from the table, gives None.
    """
    # Segment, x87 and control names are the same in both tables.
    segment_regs = ['cs', 'ss', 'ds', 'es', 'fs', 'gs']
    x87_regs = ['st%d' % n for n in range(8)] + [
        'fctrl', 'fstat', 'ftag', 'fiseg', 'fioff', 'foseg', 'fooff', 'fop',
    ]

    arch_reply = UdkCommandHelper.sendUdkExtensionPacket("arch")
    if arch_reply == "use64":
        known = (
            ['rax', 'rbx', 'rcx', 'rdx', 'rsi', 'rdi', 'rbp', 'rsp']
            + ['r%d' % n for n in range(8, 16)]
            + ['rip', 'eflags']
            + segment_regs
            + x87_regs
            + ['xmm%d' % n for n in range(16)]
            + ['mxcsr', 'orig_rax']
        )
    elif arch_reply == "use32":
        known = (
            ['eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi']
            + ['eip', 'eflags']
            + segment_regs
            + x87_regs
            + ['xmm%d' % n for n in range(8)]
            + ['mxcsr', 'orig_eax']
        )
    else:
        return None

    for position, candidate in enumerate(known):
        if candidate == Name:
            return position
    return None
def WriteMsr(Index, Value):
    """Send an "MSR<index>=<value>" write request and report success.

    Index and Value are rendered as hexadecimal. The result is True when the
    agent replies "OK" and False for any other reply.
    """
    reply = UdkCommandHelper.sendUdkExtensionPacket(
        "MSR%x=%x" % (Index, Value))
    # No validation of Index or Value happens in this helper; the request is
    # issued exactly as the caller supplied it.
    succeeded = reply == "OK"
    return succeeded
def ReadIo(Address, Size):
    """Read Size bytes from I/O port Address through the debug agent.

    Sends "io<address>,<size>" (both hexadecimal) and returns the reply as
    decoded by UdkCommandHelper.string_to_long.
    """
    # The reply is handed to string_to_long as-is; how that helper treats an
    # error or empty reply is not visible from here.
    reply = UdkCommandHelper.sendUdkExtensionPacket(
        "io%x,%x" % (Address, Size))
    return UdkCommandHelper.string_to_long(reply)
def GetArch():
    """Return 1 when the agent's "arch" reply is "use32", otherwise 2."""
    # Every reply other than "use32" maps to 2, including an empty, error or
    # unexpected one. Callers cannot tell "use64" from a failed query.
    reply = UdkCommandHelper.sendUdkExtensionPacket("arch")
    return 1 if reply == "use32" else 2
def ReadIo(Address, Size):
    """Return the value read from I/O port Address.

    Address and Size are formatted as hexadecimal into an "io" packet, and
    the agent's reply is converted by UdkCommandHelper.string_to_long.
    """
    packet = "io%x,%x" % (Address, Size)
    raw_value = UdkCommandHelper.sendUdkExtensionPacket(packet)
    # No check of the reply is made before decoding it.
    decoded = UdkCommandHelper.string_to_long(raw_value)
    return decoded
def ReadMemory(Address, Width, Count):
    """Read Count items of Width from target memory at Address.

    Sends "mmio<address>,<width>,<count>" (all hexadecimal) and returns the
    reply as decoded by UdkCommandHelper.string_to_list(reply, Width).
    """
    # Neither the request parameters nor the reply length are checked here;
    # string_to_list receives whatever the agent sent back.
    packet = "mmio%x,%x,%x" % (Address, Width, Count)
    reply = UdkCommandHelper.sendUdkExtensionPacket(packet)
    return UdkCommandHelper.string_to_list(reply, Width)
def WriteIo(Address, Size, Value):
    """Send an "IO<address>,<size>:<data>" write request and report success.

    The data field is UdkCommandHelper.long_to_string(Value, Size). True is
    returned for the reply "OK" and False for anything else.
    """
    data = UdkCommandHelper.long_to_string(Value, Size)
    # The port address and size come straight from the caller and are not
    # validated in this helper.
    reply = UdkCommandHelper.sendUdkExtensionPacket(
        "IO%x,%x:%s" % (Address, Size, data))
    succeeded = reply == "OK"
    return succeeded
def WriteMemory(Address, Width, Value):
    """Send an "MMIO" write request for the items in Value.

    The item count sent to the agent is len(Value), and the data field is
    produced by UdkCommandHelper.list_to_string(Value, Width). Returns True
    when the reply is "OK", False otherwise.
    """
    fields = (
        Address,
        Width,
        len(Value),
        UdkCommandHelper.list_to_string(Value, Width),
    )
    # The target address is used as supplied; no address-range restriction is
    # applied by this helper.
    return UdkCommandHelper.sendUdkExtensionPacket(
        "MMIO%x,%x,%x:%s" % fields) == "OK"
def GetArch():
    """Map the agent's "arch" reply to a number: "use32" -> 1, else 2."""
    arch_reply = UdkCommandHelper.sendUdkExtensionPacket("arch")
    if arch_reply == "use32":
        return 1
    # Fallback for every other reply, not only "use64": a failed or
    # unexpected answer is also reported as 2.
    return 2
def ReadMemory(Address, Width, Count):
    """Return target memory read through an "mmio" packet.

    Address, Width and Count are formatted as hexadecimal. The agent's reply
    is decoded with UdkCommandHelper.string_to_list using the same Width.
    """
    raw_reply = UdkCommandHelper.sendUdkExtensionPacket(
        "mmio%x,%x,%x" % (Address, Width, Count))
    # The reply is decoded without checking that it holds Count items.
    items = UdkCommandHelper.string_to_list(raw_reply, Width)
    return items