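def recvInPackets(self, event):
    """Log, and optionally blank out, one inbound packet of the debugged process.

    The handler reads a buffer pointer and a one-byte length from two fixed
    addresses, fetches the packet through ``self.checkInPacket`` and pushes
    it onto ``stackDbg`` with an ``RCV|`` prefix.  When ``self.bBlock`` is
    set and the packet equals an entry of ``self.lBlockRecv``, the buffer in
    the target process is overwritten with zero bytes before logging.  When
    ``self.bStartLog`` is not set, the breakpoint at ``self.hRecvAddress``
    is removed instead.

    NOTE(review): the original source line was collapsed, so the nesting
    below is reconstructed.  Two pairings are assumptions to confirm: the
    final ``else`` is taken to belong to the ``bStartLog`` test, and the
    re-read after the overwrite is taken to sit inside the match branch.

    Args:
        event: debugger event; must provide ``get_pid()`` and
            ``debug.dont_break_at()``.
    """
    nPid = event.get_pid()
    oProcess = Process(nPid)

    logging_on = self.bStartLog == True
    if not logging_on:
        event.debug.dont_break_at(nPid, self.hRecvAddress)
        return

    # Absolute addresses; the previous values 0x0018FC04 (length) and
    # 0x0018FC10 (pointer) were left commented out in the original.
    # NOTE(review): these look tied to one specific build and stack layout
    # of the target - confirm before reuse.
    RECV_LENGTH_ADDRESS = 0x0018FC14
    RECV_ADDRESS = 0x0018FC20

    if not oProcess.is_address_readable(RECV_ADDRESS):
        return
    address = oProcess.read_pointer(RECV_ADDRESS)
    if not oProcess.is_address_readable(address):
        return

    # Only one byte of the length field is read, so nLength cannot exceed
    # 255 (assuming toHex returns the hex text of that byte - TODO confirm).
    sLength = oProcess.read(RECV_LENGTH_ADDRESS, 1)
    nLength = int(toHex(sLength), 16)
    if nLength <= 0:
        return

    # The original opened "config/recv.cfg" here on every packet and never
    # read or closed the handle; that dead open is dropped.
    hPacket = self.checkInPacket(address, oProcess, nLength)

    if self.bBlock == True and len(self.lBlockRecv) > 0:
        for pck in self.lBlockRecv:
            if hPacket == pck:
                # hPacket is treated as hex text: two characters per byte.
                packie = "00" * (len(hPacket) // 2)
                print(packie)
                blockPacket = binascii.unhexlify(packie)
                # NOTE(review): only readability of `address` was checked
                # above; writability is not verified before this write.
                oProcess.write(address, blockPacket)
                # Re-read so that the log shows what the target now holds.
                hPacket = self.checkInPacket(address, oProcess, nLength)

    # Every packet is logged; the original's separate '36' branch did
    # exactly the same as its fallback branch.
    stackDbg.put("RCV|" + hPacket)
    opcode = hPacket[0:4]
    if opcode == '2901':
        self.recvQuests(hPacket)
    elif opcode == '5401':
        self.editQuests(hPacket)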
def recvOutPackets(self, event):
    """Log, and optionally blank out or rewrite, one outbound packet.

    The packet address is the pointer stored at ``sp + 4`` of the current
    thread.  The packet is fetched through ``self.checkOutPacket`` and
    pushed onto ``stackDbg`` with an ``SND|`` prefix.  When ``self.bBlock``
    is set and the packet equals an entry of ``self.lBlockSend``, everything
    after its first four hex characters is overwritten with zeros in the
    target process.  When ``self.bStartLog`` is not set, the breakpoint at
    ``self.hSendAddress`` is removed instead.

    NOTE(review): the original source line was collapsed, so the nesting
    below is reconstructed.  Assumptions to confirm: the final ``else``
    belongs to the ``bStartLog`` test, the re-read follows the overwrite
    inside the match branch, and a "NOWRITE" result from
    ``self.sendPacket`` logs nothing.

    Args:
        event: debugger event; must provide ``get_pid()``, ``get_thread()``,
            ``get_process()`` and ``debug.dont_break_at()``.
    """
    nPid = event.get_pid()
    oProcess = Process(nPid)

    logging_on = self.bStartLog == True
    if not logging_on:
        event.debug.dont_break_at(nPid, self.hSendAddress)
        return

    # NOTE(review): presumably the first stack argument of the hooked send
    # routine - confirm against the calling convention of the target.
    stackMem = event.get_thread().get_sp()
    address = event.get_process().read_pointer(stackMem + 0x4)
    if not oProcess.is_address_readable(address):
        return

    hPacket = self.checkOutPacket(address, oProcess)

    if self.bBlock == True and len(self.lBlockSend) > 0:
        for pck in self.lBlockSend:
            if hPacket == pck:
                # Keep the first four hex characters, zero the remaining
                # bytes; a negative repeat count yields an empty string,
                # like the empty range() of the original loop.
                nBytes = len(hPacket) // 2
                packie = hPacket[:4] + "00" * (nBytes - 2)
                if len(packie) % 2 != 0:
                    # unhexlify needs an even number of hex digits.
                    packie += "0"
                blockPacket = binascii.unhexlify(packie)
                # NOTE(review): only readability of `address` was checked
                # above; writability is not verified before this write.
                oProcess.write(address, blockPacket)
                # Re-read so that the log shows what the target now holds.
                hPacket = self.checkOutPacket(address, oProcess)

    logged = hPacket
    if hPacket[:2] == "01" and self.bSend == True:
        sSendPacket = self.sendPacket(oProcess, address)
        if sSendPacket == "NOWRITE":
            # Sentinel from sendPacket: nothing is queued for this packet.
            return
        if sSendPacket != None:
            logged = sSendPacket

    stackDbg.put("SND|" + logged)