def Data(self): if self.Type == "CNAME": return self.m("Data").cast( "Pointer", target="UnicodeString").deref() elif self.Type == "A": return utils.inet_ntop( socket.AF_INET, self.obj_vm.read(self.m("Data").obj_offset, 4))
def Data(self): if self.Type == "CNAME": return self.m("Data").cast("Pointer", target="UnicodeString").deref() elif self.Type == "A": return utils.inet_ntop( socket.AF_INET, self.obj_vm.read(self.m("Data").obj_offset, 4))
def v(self, vm=None): return utils.inet_ntop(socket.AF_INET6, obj.NativeType.v(self))
# You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # import socket from rekall import kb from rekall import obj from rekall import utils from rekall.plugins.overlays.windows import pe_vtypes AF_INET = 2 AF_INET6 = 0x17 # String representations of INADDR_ANY and INADDR6_ANY inaddr_any = utils.inet_ntop(socket.AF_INET, '\0' * 4) inaddr6_any = utils.inet_ntop(socket.AF_INET6, '\0' * 16) protos = { 0: "HOPOPT", 1: "ICMP", 2: "IGMP", 3: "GGP", 4: "IPv4", 5: "ST", 6: "TCP", 7: "CBT", 8: "EGP", 9: "IGP", 10: "BBN-RCC-MON", 11: "NVP-II",
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # import socket from rekall import kb from rekall import obj from rekall import utils from rekall.plugins.overlays import basic from rekall.plugins.overlays.windows import pe_vtypes AF_INET = 2 AF_INET6 = 0x17 # String representations of INADDR_ANY and INADDR6_ANY inaddr_any = utils.inet_ntop(socket.AF_INET, '\0' * 4) inaddr6_any = utils.inet_ntop(socket.AF_INET6, '\0' * 16) protos = { 0:"HOPOPT", 1:"ICMP", 2:"IGMP", 3:"GGP", 4:"IPv4", 5:"ST", 6:"TCP", 7:"CBT", 8:"EGP", 9:"IGP", 10:"BBN-RCC-MON", 11:"NVP-II",