def read_ftr(filename, delete_keys=None): offset_size = 1859 ftr_record_struct = Struct("record", LFloat32("Datetime"), LFloat32("PosX"), LFloat32("PosY"), LFloat32("Altitude"), LFloat32("Qx"), LFloat32("Qy"), LFloat32("Qz"), LFloat32("Qw"), LFloat32("DistUnused"), ) ftr_struct = Struct("ftr_header", String("filetype", 4), #Bytes("unknown00", 136), #String("FirstName", 17), Bytes("unknown00", 135), String("FirstName", 17), String("FamilyName", 17), String("Country", 17), String("RN", 8), String("CN", 4), Bytes("unknown02", 5), String("Landscape", 17), Bytes("unknown03", offset_size - 4 - 135 - 17 - 17 - 17 - 17 - 17), ULInt32("length"), # uint32 (4 bytes) @ 1859 Array(lambda ctx: ctx.length, ftr_record_struct), ) with open(filename, "rb") as fd: dat = ftr_struct.parse_stream(fd) df_ftr = pd.DataFrame(dat['record']) df_ftr['Time'] = df_ftr['Datetime'] * 3600.0 df_ftr['Time'] = df_ftr['Time'] - df_ftr['Time'].irow(0) df_ftr['Datetime'] = pd.to_datetime(df_ftr['Time'], unit='s') df_ftr['Deltatime'] = df_ftr['Datetime'] - df_ftr['Datetime'].shift(1) df_ftr['Deltatime'] = df_ftr['Deltatime'] / np.timedelta64(1, 's') # Deltatime as seconds #df_ftr['Vz'] = ((df_ftr['Altitude'] - df_ftr['Altitude'].shift(1)).fillna(0) / df_ftr['Deltatime']).fillna(0) #df_ftr = df_ftr.set_index('Datetime', verify_integrity=True) df_ftr = df_ftr.set_index('Time', verify_integrity=True) # Time (s) dat['record'] = df_ftr if delete_keys is not None: for key in delete_keys: if key in dat.keys(): del dat[key] for key in ['FirstName', 'FamilyName', 'Country', 'Landscape', 'RN', 'CN']: length = ord(dat[key][0]) s = dat[key][1:length+1] dat[key] = s.replace('\x00', '') assert len(dat[key])==length, "Length error with %s len=%d should be %d" % (s, len(s), length) return(dat)
def __init__(self, filename, encoding=None, password=None, cached=True, check=False, current_tablename=None, date_fieldname=None, time_fieldname=None, decryptor_class=TpsDecryptor): self.filename = filename self.encoding = encoding self.password = password self.cached = cached self.check = check self.current_table_number = None # Name part before .tps self.name = os.path.basename(filename) self.name = text_type(os.path.splitext(self.name)[0]).lower() if date_fieldname is not None: self.date_fieldname = date_fieldname else: self.date_fieldname = [] if time_fieldname is not None: self.time_fieldname = time_fieldname else: self.time_fieldname = [] self.cache_pages = {} if not os.path.isfile(self.filename): raise FileNotFoundError(self.filename) self.file_size = os.path.getsize(self.filename) # Check file size if check: if self.file_size & 0x3F != 0: # TODO check translate warn('File size is not a multiple of 64 bytes.', RuntimeWarning) with open(self.filename, mode='r+b') as tpsfile: self.tps_file = mmap.mmap(tpsfile.fileno(), 0) self.decryptor = decryptor_class(self.tps_file, self.password) try: # TPS file header header = Struct('header', ULInt32('offset'), ULInt16('size'), ULInt32('file_size'), ULInt32('allocated_file_size'), Const(Bytes('top_speed_mark', 6), b'tOpS\x00\x00'), UBInt32('last_issued_row'), ULInt32('change_count'), ULInt32('page_root_ref'), Array(lambda ctx: (ctx['size'] - 0x20) / 2 / 4, ULInt32('block_start_ref')), Array(lambda ctx: (ctx['size'] - 0x20) / 2 / 4, ULInt32('block_end_ref')), ) self.header = header.parse(self.read(0x200)) self.pages = TpsPagesList(self, self.header.page_root_ref, check=self.check) self.tables = TpsTablesList(self, encoding=self.encoding, check=self.check) self.set_current_table(current_tablename) except adapters.ConstError: print('Bad cryptographic keys.')
def test(self): pstring = Struct("pstring", UBInt8("length"), Struct("inner", UBInt8("inner_length"), Bytes("data", foo), ) ) obj = pstring.parse(six.b("\x03\x02helloXXX")) print(repr(obj)) self.assertEqual(obj, Container(length = 3, inner = Container(inner_length = 2, data = six.b("hello")))) size = pstring._sizeof(Container(inner_length = 2, _ = Container(length = 3))) self.assertEqual(size, 7)
def parse_header(data): """ split up header information (using construct) """ mavlink_header = Struct('header', Const(Byte('magic'), MAVLINK_MAGIC), Byte('plength'), Byte('sequence'), Byte('sysid'), Byte('compid'), Byte('msgid'), ) return mavlink_header.parse(data[0:6])
def _parse(self, stream, context): data = Struct._parse(self, stream, context) size = data._end - data._start aligned_length = aligned4(size) if aligned_length > size: # ignore the input stream.read(aligned_length - size) return data
def setUp(self): self.cons = Struct('foo', Enum(Byte("a_enum"), ALFA=1, BETA=2 ), Switch('switch', lambda ctx: ctx.a_enum, { 'ALFA': Embed(Struct('struct_alfa', Byte('byte_alfa'))), 'BETA': Embed(Struct('struct_beta', Byte('byte_beta'))), }) )
def test_overwrite(self): s = Struct("s", Byte("a"), Byte("a"), allow_overwrite = True ) self.assertEqual(s.parse(six.b("\x01\x02")).a, 2) s = Struct("s", Byte("a"), Embedded(Struct("b", Byte("a"), allow_overwrite = True )), ) self.assertEqual(s.parse(six.b("\x01\x02")).a, 2) s = Struct("s", Embedded(Struct("b", Byte("a"), )), Byte("a"), allow_overwrite = True ) self.assertEqual(s.parse(six.b("\x01\x02")).a, 2)
def get_data(binary_data): """Get data from binary string.""" raw_header, raw_body = binary_data[:HEADER_LENTH], binary_data[HEADER_LENTH+1:] # TODO !!! Uncomment when will take valid data !!! #header = HEADER_FORMAT.parse(raw_header) # if binascii.crc_hqx(raw_body, 0xffff) != header.checksum: # logger.exception('Checksums is not match') # raise InputError(binascii.crc_hqx(raw_body, 0xffff), 'Checksums is not match') result = {} while True: current_type = raw_body[:1] if not current_type: return result type_of_struct = "0x{}".format(binascii.hexlify(current_type)) data = STRUCT_TYPES.get(type_of_struct, None) if not data: logger.exception('Data type is not exist') raise AttributeError data_size = data[1] if not isinstance(data[1], int) else Byte[data[1]] body_format = Struct( "type" / Int8ul, "data" / data_size, ) # TODO !!! Remove that exception when will take valid data try: current = body_format.parse(raw_body[:data_size.sizeof()+1]) except : return result result[data[0]] = current.data raw_body = raw_body[body_format.sizeof():]
def dispatch(stream, protodef): opcode = ULInt16("opcode").parse_stream(stream) if opcode in protodef: func, macro = protodef[opcode] data = macro.parse_stream(stream) func(data) else: data = '' pktlen = packet_lengths.get(opcode, -1) if pktlen > 0: data = stream.read(pktlen - 2) elif pktlen == -1: datadef = Struct("data", ULInt16("length"), MetaField("ignore", lambda ctx: ctx["length"] - 4)) data = datadef.parse_stream(stream) netlog.warning('UNIMPLEMENTED opcode={:04x} data={}'.format( opcode, data))
class TestMetaFieldStruct(unittest.TestCase): def setUp(self): self.mf = MetaField("data", lambda context: context["length"]) self.s = Struct("foo", Byte("length"), self.mf) def test_trivial(self): pass def test_parse(self): c = self.s.parse(b"\x03ABC") self.assertEqual(c.length, 3) self.assertEqual(c.data, b"ABC") c = self.s.parse(b"\x04ABCD") self.assertEqual(c.length, 4) self.assertEqual(c.data, b"ABCD") def test_sizeof_default(self): self.assertRaises(SizeofError, self.mf.sizeof) def test_sizeof(self): context = Container(length=4) self.assertEqual(self.mf.sizeof(context), 4)
def __init__(self): # 接收数据的数据格式定义 self.rfidFrame = Struct("frame", OptionalGreedyRange( Struct("packets", UBInt16("header"), Enum(UBInt8("cmdcode"), F1=0xF1, F2=0xF2, F3=0xF3, F4=0xF4, ), Switch("datas", lambda ctx: ctx.cmdcode, { "F1": Struct("sub", UBInt8("readerID"), UBInt8("packet_len"), UBInt8("status"), Array(lambda ctx: ( ctx.packet_len - 2 - 1 - 1 - 1 - 1 - 2) / 6, Struct("blocks", # UBInt8('elec'), Array(3, UBInt8('cardID')), UBInt8('triggerID'), UBInt16('relativeTime') ) ) ), "F2": Struct("sub", UBInt8("packet_len"), UBInt8("readerID")), "F3": Struct("sub", UBInt8("packet_len"), UBInt8("result")), "F4": Struct("sub", UBInt8("packet_len"), UBInt8("rssl")), } ), UBInt16("crc"), ) ), OptionalGreedyRange( UBInt8("leftovers"), ), ) self.readerID = None self.rssl = 1 self.triggerID = None
class TestEmbedingBranch(TestCase): def setUp(self): self.cons = Struct('foo', Enum(Byte("a_enum"), ALFA=1, BETA=2 ), Switch('switch', lambda ctx: ctx.a_enum, { 'ALFA': Embed(Struct('struct_alfa', Byte('byte_alfa'))), 'BETA': Embed(Struct('struct_beta', Byte('byte_beta'))), }) ) def test_construct(self): contents = self.cons.parse('\x01\x03\xee\x33') self.assertIn('a_enum', contents) self.assertEqual(contents['a_enum'], 'ALFA') self.assertIn('byte_alfa', contents)
class RfidFrame(object): def __init__(self): # 接收数据的数据格式定义 self.rfidFrame = Struct("frame", OptionalGreedyRange( Struct("packets", UBInt16("header"), Enum(UBInt8("cmdcode"), F1=0xF1, F2=0xF2, F3=0xF3, F4=0xF4, ), Switch("datas", lambda ctx: ctx.cmdcode, { "F1": Struct("sub", UBInt8("readerID"), UBInt8("packet_len"), UBInt8("status"), Array(lambda ctx: ( ctx.packet_len - 2 - 1 - 1 - 1 - 1 - 2) / 6, Struct("blocks", # UBInt8('elec'), Array(3, UBInt8('cardID')), UBInt8('triggerID'), UBInt16('relativeTime') ) ) ), "F2": Struct("sub", UBInt8("packet_len"), UBInt8("readerID")), "F3": Struct("sub", UBInt8("packet_len"), UBInt8("result")), "F4": Struct("sub", UBInt8("packet_len"), UBInt8("rssl")), } ), UBInt16("crc"), ) ), OptionalGreedyRange( UBInt8("leftovers"), ), ) self.readerID = None self.rssl = 1 self.triggerID = None def rfidFrameParse(self, bytestream): return self.rfidFrame.parse(bytestream) def handle_data(self, pkgs): cmdcode = pkgs[0].cmdcode # datas = pkgs.packets.datas[0] # 对指令码判断工作模式 if cmdcode == "F1": # 存储温度,湿度,以及其他数据 print self.data_p(pkgs) # #rfidDb.saveID( self.cardID,self.triggerID,) #存储触发器id和卡号到数据库 # # print 'the trigger ID is :', self.triggerID # print 'the card ID is :', self.cardID elif cmdcode == "F2": # 得到阅读器id self.readerID = self.getReaderID(pkgs) print self.readerID elif cmdcode == 'F3': # 此处还不能写小写的f3,是字符串匹配,要和系统返回的一样.否则无法进入循环 # 获得设置门限值的结果 result = self.getResult(pkgs) result = hex(result) # 此处result的值是2进制数要转换成16进制数来进行门限值的设置结果判断 if result == '0xaa': print 'setted success' else: print 'setted falure' elif cmdcode == "F4": # 得到门限值 self.rssl = self.getRSSI(pkgs) print self.rssl def getReaderID(self, pkgs): return pkgs[0].datas.readerID def getCardID(self, pkgs): return pkgs[0].datas.blocks[0].cardID def getTriggerID(self, pkgs): return pkgs[0].datas.blocks[0].triggerID def getResult(self, pkgs): return pkgs[0].datas.result def getRSSI(self, pkgs): return pkgs[0].datas.rssl def data_p(self, pkgs): data = "" # 处理卡号和触发器id important_data = "" for pkg in pkgs[0].datas.blocks: cardID = pkg.cardID if cardID[0] == 1: print cardID print dec_to_hex(cardID[1]) + dec_to_hex(cardID[2]), "电量异常" data += dec_to_hex(cardID[1]) data += dec_to_hex(cardID[2]) triggerID = pkg.triggerID if triggerID != 0: important_data += hex_to_dec(data) + ":" + str(triggerID) + "," data = "" important_data = important_data[0:-1] + "\n" return important_data
class Microsoft_Windows_NFC_ClassExtension_104_1(Etw): pattern = Struct( "FileObject" / Int64ul )
def setUp(self): self.mf = MetaField("data", lambda context: context["length"]) self.s = Struct("foo", Byte("length"), self.mf)
def __init__(self, name, *subcons, **kw): subcons = (Anchor("_start"),) + subcons + (Anchor("_end"),) Struct.__init__(self, name, *subcons, **kw)
def __setup_constructors(self): '''Set endianness and create transport-specific constructors.''' # Set endianness of constructors before using them. self._set_endian('little') self.__Length = Int32ul self.__Type = Enum( Int16ul, default=Pass, Undefined=0x0000, Command=0x0001, Data=0x0002, Response=0x0003, Event=0x0004, ) # This is just a convenience constructor to get the size of a header. self.__Code = Int16ul self.__Header = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'Code' / self.__Code, 'TransactionID' / self._TransactionID, ) # These are the actual constructors for parsing and building. self.__CommandHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'OperationCode' / self._OperationCode, 'TransactionID' / self._TransactionID, ) self.__ResponseHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'ResponseCode' / self._ResponseCode, 'TransactionID' / self._TransactionID, ) self.__EventHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'EventCode' / self._EventCode, 'TransactionID' / self._TransactionID, ) # Apparently nobody uses the SessionID field. Even though it is # specified in ISO15740:2013(E), no device respects it and the session # number is implicit over USB. self.__Param = Range(0, 5, self._Parameter) self.__CommandTransactionBase = Struct( Embedded(self.__CommandHeader), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof() ) ) self.__CommandTransaction = ExprAdapter( self.__CommandTransactionBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, ) self.__ResponseTransactionBase = Struct( Embedded(self.__ResponseHeader), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof()) ) self.__ResponseTransaction = ExprAdapter( self.__ResponseTransactionBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, )
class Microsoft_Windows_Websocket_Protocol_Component_2_0(Etw): pattern = Struct("Id" / Int32ul, "OperationType" / Int32ul)
class Microsoft_Windows_Websocket_Protocol_Component_1_0(Etw): pattern = Struct("TraceMessage" / WString, "Error" / Int32ul)
class Microsoft_Windows_Subsys_Csr_4_1(Etw): pattern = Struct("Status" / Int32ul, "ProcessId" / Int32ul)
class Microsoft_Windows_Subsys_Csr_4_0(Etw): pattern = Struct("Status" / Int32ul)
class Microsoft_Windows_Subsys_Csr_3_0(Etw): pattern = Struct("ProcessId" / Int32ul, "Level" / Int32ul, "Flags" / Int32ul)
LOAD_SEGMENT_CHUNK_HEADER_LENGTH = 3 MIN_PADDING_LENGTH = 1 SCP_MAC_LENGTH = 0xE LEDGER_HSM_URL = "https://hsmprod.hardwarewallet.com/hsm/process" LEDGER_HSM_KEY = "perso_11" ApduListAppsResponse = Struct( Const(b"\x01"), # Version apps=GreedyRange( Struct( # Application # Prefixed by the size of the structure, size included. _size=Rebuild(Int8ub, 1 + 4 + 32 + 32 + len_(this.name)), flags=Hex(Int32ub), code_data_hash=Bytes(32), full_hash=Bytes(32), name=PascalString(Int8ub, "utf-8"), ) ), ) VersionInfo = Struct( target_id=Hex(Int32ub), se_version=PascalString(Int8ub, "utf-8"), _flags_len=Const(b"\x04"), flags=FlagsEnum( Int32ul, recovery_mode=1, signed_mcu=2,
@classmethod def decode(cls, data: str, encoding: str): data_bytes = decode_byte_string(data, encoding) parsed = DECODE_VALIDATOR_LIST_LAYOUT.parse(data_bytes) print(parsed) return ValidatorList( max_validators=parsed['max_validators'], validators=[ ValidatorStakeInfo.decode_container(container) for container in parsed['validators'] ], ) FEE_LAYOUT = Struct( "denominator" / Int64ul, "numerator" / Int64ul, ) STAKE_POOL_LAYOUT = Struct( "account_type" / Int8ul, "manager" / PUBLIC_KEY_LAYOUT, "staker" / PUBLIC_KEY_LAYOUT, "stake_deposit_authority" / PUBLIC_KEY_LAYOUT, "stake_withdraw_bump_seed" / Int8ul, "validator_list" / PUBLIC_KEY_LAYOUT, "reserve_stake" / PUBLIC_KEY_LAYOUT, "pool_mint" / PUBLIC_KEY_LAYOUT, "manager_fee_account" / PUBLIC_KEY_LAYOUT, "token_program_id" / PUBLIC_KEY_LAYOUT, "total_lamports" / Int64ul, "pool_token_supply" / Int64ul,
def __setup_constructors(self): '''Set endianness and create transport-specific constructors.''' # Set endianness of constructors before using them. self._set_endian('little') self.__Length = Int32ul self.__Type = Enum( Int32ul, Undefined=0x00000000, InitCommand=0x00000001, InitCommandAck=0x00000002, InitEvent=0x00000003, InitEventAck=0x00000004, InitFail=0x00000005, Command=0x00000006, Response=0x00000007, Event=0x00000008, StartData=0x00000009, Data=0x0000000A, Cancel=0x0000000B, EndData=0x0000000C, Ping=0x0000000D, Pong=0x0000000E, ) self.__Header = Struct( 'Length' / self.__Length, 'Type' / self.__Type, ) self.__Param = Range(0, 5, self._Parameter) self.__EventParam = Range(0, 3, self._Parameter) self.__PacketBase = Struct( Embedded(self.__Header), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof()), ) self.__Packet = ExprAdapter( self.__PacketBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, ) # Yet another arbitrary string type. Max-length CString utf8-encoded self.__PTPIPString = ExprAdapter( RepeatUntil( lambda obj, ctx, lst: six.unichr(obj) in '\x00' or len(lst) == 40, Int16ul ), encoder=lambda obj, ctx: [] if len(obj) == 0 else[ord(c) for c in six.text_type(obj)]+[0], decoder=lambda obj, ctx: u''.join( [six.unichr(o) for o in obj] ).split('\x00')[0], ) # PTP/IP packets # Command self.__ProtocolVersion = Struct( 'Major' / Int16ul, 'Minor' / Int16ul, ) self.__InitCommand = Embedded(Struct( 'InitiatorGUID' / Array(16, Int8ul), 'InitiatorFriendlyName' / self.__PTPIPString, 'InitiatorProtocolVersion' / self.__ProtocolVersion, )) self.__InitCommandACK = Embedded(Struct( 'ConnectionNumber' / Int32ul, 'ResponderGUID' / Array(16, Int8ul), 'ResponderFriendlyName' / self.__PTPIPString, 'ResponderProtocolVersion' / self.__ProtocolVersion, )) # Event self.__InitEvent = Embedded(Struct( 'ConnectionNumber' / Int32ul, )) # Common to Events and Command requests self.__Reason = Enum( # TODO: Verify these codes... Int32ul, Undefined=0x0000, RejectedInitiator=0x0001, Busy=0x0002, Unspecified=0x0003, ) self.__InitFail = Embedded(Struct( 'Reason' / self.__Reason, )) self.__DataphaseInfo = Enum( Int32ul, Undefined=0x00000000, In=0x00000001, Out=0x00000002, ) self.__Command = Embedded(Struct( 'DataphaseInfo' / self.__DataphaseInfo, 'OperationCode' / self._OperationCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__Param, )) self.__Response = Embedded(Struct( 'ResponseCode' / self._ResponseCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__Param, )) self.__Event = Embedded(Struct( 'EventCode' / self._EventCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__EventParam, )) self.__StartData = Embedded(Struct( 'TransactionID' / self._TransactionID, 'TotalDataLength' / Int64ul, )) # TODO: Fix packing and unpacking dataphase data self.__Data = Embedded(Struct( 'TransactionID' / self._TransactionID, 'Data' / Bytes( lambda ctx: ctx._.Length - self.__Header.sizeof() - self._TransactionID.sizeof() ), )) self.__EndData = Embedded(Struct( 'TransactionID' / self._TransactionID, 'Data' / Bytes( lambda ctx: ctx._.Length - self.__Header.sizeof() - self._TransactionID.sizeof() ), )) self.__Cancel = Embedded(Struct( 'TransactionID' / self._TransactionID, )) # Convenience construct for parsing packets self.__PacketPayload = Debugger(Struct( 'Header' / Embedded(self.__Header), 'Payload' / Embedded(Switch( lambda ctx: ctx.Type, { 'InitCommand': self.__InitCommand, 'InitCommandAck': self.__InitCommandACK, 'InitEvent': self.__InitEvent, 'InitFail': self.__InitFail, 'Command': self.__Command, 'Response': self.__Response, 'Event': self.__Event, 'StartData': self.__StartData, 'Data': self.__Data, 'EndData': self.__EndData, }, default=Pass, )) ))
class Microsoft_Windows_Websocket_Protocol_Component_4_0(Etw): pattern = Struct("Id" / Int32ul)
return play_method(command, *command_args) class ProntoPulseAdapter(Adapter): def _decode(self, obj, context, path): return int(obj * context._.modulation_period) def _encode(self, obj, context, path): raise RuntimeError('Not implemented') ChuangmiIrSignal = Struct( Const(0xa567, Int16ul), 'edge_count' / Rebuild(Int16ul, len_(this.edge_pairs) * 2 - 1), 'times_index' / Array(16, Int32ul), 'edge_pairs' / Array( (this.edge_count + 1) // 2, BitStruct( 'gap' / BitsInteger(4), 'pulse' / BitsInteger(4), ))) ProntoBurstPair = Struct( 'pulse' / ProntoPulseAdapter(Int16ub), 'gap' / ProntoPulseAdapter(Int16ub), ) Pronto = Struct( Const(0, Int16ub), '_ticks' / Int16ub, 'modulation_period' / Computed(this._ticks * 0.241246), 'frequency' / Computed(1000000 / this.modulation_period),
class Microsoft_Windows_AssignedAccess_10004_0(Etw): pattern = Struct("AppID" / WString)
Who : jesse @ housejunkie . ca """ from construct import ( Byte, Enum, Struct, UBInt16, UBInt32, ) from construct.protocols.layer3.ipv4 import IpAddress igmp_type = Enum(Byte("igmp_type"), MEMBERSHIP_QUERY = 0x11, MEMBERSHIP_REPORT_V1 = 0x12, MEMBERSHIP_REPORT_V2 = 0x16, LEAVE_GROUP = 0x17, ) igmpv2_header = Struct("igmpv2_header", igmp_type, Byte("max_resp_time"), UBInt16("checksum"), IpAddress("group_address"), ) if __name__ == '__main__': capture = "1600FA01EFFFFFFD".decode("hex") print igmpv2_header.parse(capture)
class Microsoft_Windows_AssignedAccess_20000_0(Etw): pattern = Struct("SID" / WString, "UserName" / WString, "AppID" / WString, "AppName" / WString)
class Microsoft_AppV_ServiceLog_3_0(Etw): pattern = Struct( "Message" / WString, "Function" / WString, "Line" / Int32ul )
class Microsoft_Windows_AssignedAccess_30000_0(Etw): pattern = Struct("File" / CString, "LineNumber" / Int32ul, "ErrorCode" / Int32ul, "ErrorCodeExpanded" / Int32sl)
if(sysstr =="Windows"): print ("Call Windows tasks") elif(sysstr == "Linux"): print ("Call Linux tasks") else: print ("Other System tasks") # UsePlatform() from construct import Struct, OptionalGreedyRange, Embed, Enum, Switch,String from construct import UBInt8, UBInt16, UBInt32, UBInt64, Byte from construct.macros import Array rfid = Struct("frame", UBInt8("flagID"), String("f",1), Array(4, String("nodeID",1)), ) mm = rfid.parse("F1070E0100138E0000F21D65" | hexStr_to_hex) print mm print [binascii.b2a_hex(x) for x in mm.nodeID] # print binascii.b2a_hex(mm.f) # print mm.flagID # print '01' | hex_to_dec # print [binascii.b2a_hex(x) for x in mm.nodeID ] a = {'or':2} # print a[::-1] if not a.get('order'): print 12
class Microsoft_Windows_AssignedAccess_31001_0(Etw): pattern = Struct("ErrorCode" / Int32sl)
class Microsoft_Windows_AssignedAccess_32000_0(Etw): pattern = Struct("Custom" / WString, "ErrorCode" / Int32ul)
class Microsoft_Windows_NFC_ClassExtension_201_1(Etw): pattern = Struct( "RadioIsOn" / Int8ul )
SERVER_INVITE_OPTION = 0x12 ), Switch("OptionData", lambda ctx: ctx["OptionID"], { "CLIENT_NICK_OPTION" : CString('Nickname'), "CLIENT_MEMBERSHIP_OPTION" : ClientMemberShipOption, "SERVER_OPTION" : Struct("ServerOption", ULInt16('Port')), "SERVER_CHANNELS_OPTION" : PrefixedArray(CString('Channels'), ULInt8("NumChannels")), "SERVER_INVITE_OPTION" : ServerInviteOption } ) ) peerPDU = Struct( 'peerPDU', CString('ClientID'), OptionalGreedyRepeater(Option) ) if __name__ == '__main__': data = peerPDU.build(Container(ClientID="Bob", Option=[ Container(OptionID="SERVER_INVITE_OPTION", OptionData=Container(ChannelID="TM2011", ClientID=["Alice", "Billy"])), Container(OptionID="CLIENT_NICK_OPTION", OptionData="Susan")] ) ) print repr(data) packet = peerPDU.parse(data) print packet
class Microsoft_Windows_NFC_ClassExtension_303_1(Etw): pattern = Struct( "Version" / Int32ul )
from construct import Struct, Int64ul, Int32ul, Int16ul, Int8ul from ctypes import CFUNCTYPE, c_void_p, c_uint32, c_uint64, c_uint8, c_uint16, c_ssize_t import ctypes import chip.native import threading import chip.tlv import chip.exceptions import typing from dataclasses import dataclass # The type should match CommandStatus in interaction_model/Delegate.h # CommandStatus should not contain padding IMCommandStatus = Struct( "Status" / Int8ul, "ClusterStatus" / Int8ul, "EndpointId" / Int16ul, "ClusterId" / Int32ul, "CommandId" / Int32ul, "CommandIndex" / Int8ul, ) # The type should match WriteStatus in interaction_model/Delegate.h IMWriteStatus = Struct( "NodeId" / Int64ul, "AppIdentifier" / Int64ul, "Status" / Int8ul, "EndpointId" / Int16ul, "ClusterId" / Int32ul, "AttributeId" / Int32ul, ) # AttributePath should not contain padding
class Microsoft_Windows_NFC_ClassExtension_304_1(Etw): pattern = Struct( "FirmwareFile" / WString, "Force" / Int8ul )
''' Siemens/Bruker Diffrac-AT Raw Format * https://github.com/wojdyr/xylib/blob/master/xylib/brucker_raw.cpp ''' from __future__ import absolute_import import numpy as np from construct import (Padding, Struct, Switch, String, Array, Const, OnDemand, Embedded, Computed, Int32ul, Int16ul, Float64l, Float32l, this, Check) from .construct_utils import FixedSizeCString Block_v2 = Struct('header_len' / Int16ul, 'num_steps' / Int16ul, Padding(4), 'time_per_step' / Float32l, 'x_step' / Float64l, 'x_start' / Float64l, Padding(26), 'temperature' / Int16ul, Padding(this.header_len - 48), 'y' / OnDemand(Array(this.num_steps, Float32l))) RAW_v2 = Struct('num_steps' / Int32ul, Padding(162), 'date_time_measure' / FixedSizeCString(20), 'anode_material' / FixedSizeCString(2), 'lambda1' / Float32l, 'lambda2' / Float32l, 'intensity_ratio' / Float32l, Padding(8), 'sample_runtime' / Float32l, Padding(42), 'blocks' / Array(this.num_steps, Block_v2)) Block_v101 = Struct( 'header_len' / Int32ul, Check(this.header_len == 304), 'num_steps' / Int32ul, 'start_theta' / Float64l, 'start_2theta' / Float64l, Padding(76), 'high_voltage' / Float32l, 'amplifier_gain' / Float32l, 'discriminator_1_lower_level' / Float32l, Padding(64), 'step_size' / Float64l, Padding(8), 'time_per_step' / Float32l, Padding(12), 'rpm' / Float32l,
class Microsoft_Windows_NFC_ClassExtension_306_1(Etw): pattern = Struct( "RfArrivalDepartureEvent" / Int32ul )
class IPTransport(object): '''Implement IP transport.''' def __init__(self, device=None): '''Instantiate the first available PTP device over IP''' self.__setup_constructors() logger.debug('Init IP') self.__dev = device if device is None: raise NotImplementedError( 'IP discovery not implemented. Please provide a device.' ) self.__device = device # Signal usable implicit session self.__implicit_session_open = Event() # Signal implicit session is shutting down self.__implicit_session_shutdown = Event() self.__check_session_lock = Lock() self.__transaction_lock = Lock() self.__event_queue = Queue() atexit.register(self._shutdown) def _shutdown(self): try: self.__close_implicit_session() except Exception as e: logger.error(e) @contextmanager def __implicit_session(self): '''Manage implicit sessions with responder''' # There is now an implicit session self.__check_session_lock.acquire() if not self.__implicit_session_open.is_set(): try: self.__open_implicit_session() self.__check_session_lock.release() yield except Exception as e: logger.error(e) raise PTPError('Failed to open PTP/IP implicit session') finally: if self.__implicit_session_open.is_set(): self.__close_implicit_session() if self.__check_session_lock.locked(): self.__check_session_lock.release() else: self.__check_session_lock.release() yield def __open_implicit_session(self): '''Establish implicit session with responder''' self.__implicit_session_shutdown.clear() # Establish Command and Event connections if type(self.__device) is tuple: host, port = self.__device self.__setup_connection(host, port) else: self.__setup_connection(self.__device) self.__implicit_session_open.set() # Prepare Event and Probe threads self.__event_proc = Thread( name='EvtPolling', target=self.__poll_events ) self.__event_proc.daemon = False self.__ping_pong_proc = Thread( name='PingPong', target=self.__ping_pong ) self.__ping_pong_proc.daemon = False # Launch Event and Probe threads self.__event_proc.start() self.__ping_pong_proc.start() def __close_implicit_session(self): '''Terminate implicit session with responder''' self.__implicit_session_shutdown.set() if not self.__implicit_session_open.is_set(): return # Only join running threads. if self.__event_proc.is_alive(): self.__event_proc.join(2) if self.__ping_pong_proc.is_alive(): self.__ping_pong_proc.join(2) logger.debug('Close connections for {}'.format(repr(self.__dev))) try: self.__evtcon.shutdown(socket.SHUT_RDWR) except socket.error as e: if e.errno == 107: pass else: raise e try: self.__cmdcon.shutdown(socket.SHUT_RDWR) except socket.error as e: if e.errno == 107: pass else: raise e self.__evtcon.close() self.__cmdcon.close() self.__implicit_session_open.clear() def __setup_connection(self, host=None, port=15740): '''Establish a PTP/IP session for a given host''' logger.debug( 'Establishing PTP/IP connection with {}:{}' .format(host, port) ) socket.setdefaulttimeout(5) hdrlen = self.__Header.sizeof() # Command Connection Establishment self.__cmdcon = create_connection((host, port)) # Send InitCommand # TODO: Allow users to identify as an arbitrary initiator. init_cmd_req_payload = self.__InitCommand.build( Container( InitiatorGUID=16*[0xFF], InitiatorFriendlyName='PTPy', InitiatorProtocolVersion=Container( Major=100, Minor=000, ), )) init_cmd_req = self.__Packet.build( Container( Type='InitCommand', Payload=init_cmd_req_payload, ) ) actual_socket(self.__cmdcon).sendall(init_cmd_req) # Get ACK/NACK init_cmd_req_rsp = actual_socket(self.__cmdcon).recv(72) init_cmd_rsp_hdr = self.__Header.parse( init_cmd_req_rsp[0:hdrlen] ) if init_cmd_rsp_hdr.Type == 'InitCommandAck': cmd_ack = self.__InitCommandACK.parse(init_cmd_req_rsp[hdrlen:]) logger.debug( 'Command connection ({}) established' .format(cmd_ack.ConnectionNumber) ) elif init_cmd_rsp_hdr.Type == 'InitFail': cmd_nack = self.__InitFail.parse(init_cmd_req_rsp[hdrlen:]) msg = 'InitCommand failed, Reason: {}'.format( cmd_nack ) logger.error(msg) raise PTPError(msg) else: msg = 'Unexpected response Type to InitCommand : {}'.format( init_cmd_rsp_hdr.Type ) logger.error(msg) raise PTPError(msg) # Event Connection Establishment self.__evtcon = create_connection((host, port)) self.__evtcon.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) self.__evtcon.setsockopt(socket.IPPROTO_TCP, socket.SO_KEEPALIVE, 1) # Send InitEvent payload = self.__InitEvent.build(Container( ConnectionNumber=cmd_ack.ConnectionNumber, )) evt_req = self.__Packet.build( Container( Type='InitEvent', Payload=payload, ) ) actual_socket(self.__evtcon).sendall(evt_req) # Get ACK/NACK init_evt_req_rsp = actual_socket(self.__evtcon).recv( hdrlen + self.__InitFail.sizeof() ) init_evt_rsp_hdr = self.__Header.parse( init_evt_req_rsp[0:hdrlen] ) if init_evt_rsp_hdr.Type == 'InitEventAck': logger.debug( 'Event connection ({}) established' .format(cmd_ack.ConnectionNumber) ) elif init_evt_rsp_hdr.Type == 'InitFail': evt_nack = self.__InitFail.parse(init_evt_req_rsp[hdrlen:]) msg = 'InitEvent failed, Reason: {}'.format( evt_nack ) logger.error(msg) raise PTPError(msg) else: msg = 'Unexpected response Type to InitEvent : {}'.format( init_evt_rsp_hdr.Type ) logger.error(msg) raise PTPError(msg) # Helper methods. # --------------------- def __setup_constructors(self): '''Set endianness and create transport-specific constructors.''' # Set endianness of constructors before using them. self._set_endian('little') self.__Length = Int32ul self.__Type = Enum( Int32ul, Undefined=0x00000000, InitCommand=0x00000001, InitCommandAck=0x00000002, InitEvent=0x00000003, InitEventAck=0x00000004, InitFail=0x00000005, Command=0x00000006, Response=0x00000007, Event=0x00000008, StartData=0x00000009, Data=0x0000000A, Cancel=0x0000000B, EndData=0x0000000C, Ping=0x0000000D, Pong=0x0000000E, ) self.__Header = Struct( 'Length' / self.__Length, 'Type' / self.__Type, ) self.__Param = Range(0, 5, self._Parameter) self.__EventParam = Range(0, 3, self._Parameter) self.__PacketBase = Struct( Embedded(self.__Header), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof()), ) self.__Packet = ExprAdapter( self.__PacketBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, ) # Yet another arbitrary string type. Max-length CString utf8-encoded self.__PTPIPString = ExprAdapter( RepeatUntil( lambda obj, ctx, lst: six.unichr(obj) in '\x00' or len(lst) == 40, Int16ul ), encoder=lambda obj, ctx: [] if len(obj) == 0 else[ord(c) for c in six.text_type(obj)]+[0], decoder=lambda obj, ctx: u''.join( [six.unichr(o) for o in obj] ).split('\x00')[0], ) # PTP/IP packets # Command self.__ProtocolVersion = Struct( 'Major' / Int16ul, 'Minor' / Int16ul, ) self.__InitCommand = Embedded(Struct( 'InitiatorGUID' / Array(16, Int8ul), 'InitiatorFriendlyName' / self.__PTPIPString, 'InitiatorProtocolVersion' / self.__ProtocolVersion, )) self.__InitCommandACK = Embedded(Struct( 'ConnectionNumber' / Int32ul, 'ResponderGUID' / Array(16, Int8ul), 'ResponderFriendlyName' / self.__PTPIPString, 'ResponderProtocolVersion' / self.__ProtocolVersion, )) # Event self.__InitEvent = Embedded(Struct( 'ConnectionNumber' / Int32ul, )) # Common to Events and Command requests self.__Reason = Enum( # TODO: Verify these codes... Int32ul, Undefined=0x0000, RejectedInitiator=0x0001, Busy=0x0002, Unspecified=0x0003, ) self.__InitFail = Embedded(Struct( 'Reason' / self.__Reason, )) self.__DataphaseInfo = Enum( Int32ul, Undefined=0x00000000, In=0x00000001, Out=0x00000002, ) self.__Command = Embedded(Struct( 'DataphaseInfo' / self.__DataphaseInfo, 'OperationCode' / self._OperationCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__Param, )) self.__Response = Embedded(Struct( 'ResponseCode' / self._ResponseCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__Param, )) self.__Event = Embedded(Struct( 'EventCode' / self._EventCode, 'TransactionID' / self._TransactionID, 'Parameter' / self.__EventParam, )) self.__StartData = Embedded(Struct( 'TransactionID' / self._TransactionID, 'TotalDataLength' / Int64ul, )) # TODO: Fix packing and unpacking dataphase data self.__Data = Embedded(Struct( 'TransactionID' / self._TransactionID, 'Data' / Bytes( lambda ctx: ctx._.Length - self.__Header.sizeof() - self._TransactionID.sizeof() ), )) self.__EndData = Embedded(Struct( 'TransactionID' / self._TransactionID, 'Data' / Bytes( lambda ctx: ctx._.Length - self.__Header.sizeof() - self._TransactionID.sizeof() ), )) self.__Cancel = Embedded(Struct( 'TransactionID' / self._TransactionID, )) # Convenience construct for parsing packets self.__PacketPayload = Debugger(Struct( 'Header' / Embedded(self.__Header), 'Payload' / Embedded(Switch( lambda ctx: ctx.Type, { 'InitCommand': self.__InitCommand, 'InitCommandAck': self.__InitCommandACK, 'InitEvent': self.__InitEvent, 'InitFail': self.__InitFail, 'Command': self.__Command, 'Response': self.__Response, 'Event': self.__Event, 'StartData': self.__StartData, 'Data': self.__Data, 'EndData': self.__EndData, }, default=Pass, )) )) def __parse_response(self, ipdata): '''Helper method for parsing data.''' # Build up container with all PTP info. response = self.__PacketPayload.parse(ipdata) # Sneak in an implicit Session ID response['SessionID'] = self.session_id return response def __recv(self, event=False, wait=False, raw=False): '''Helper method for receiving packets.''' hdrlen = self.__Header.sizeof() with self.__implicit_session(): ip = ( actual_socket(self.__evtcon) if event else actual_socket(self.__cmdcon) ) data = bytes() while True: try: ipdata = ip.recv(hdrlen) except socket.timeout: if event: return None else: ipdata = ip.recv(hdrlen) if len(ipdata) == 0 and not event: raise PTPError('Command connection dropped') elif event: return None # Read a single entire header while len(ipdata) < hdrlen: ipdata += ip.recv(hdrlen - len(ipdata)) header = self.__Header.parse( ipdata[0:hdrlen] ) # Read a single entire packet while len(ipdata) < header.Length: ipdata += ip.recv(header.Length - len(ipdata)) # Run sanity checks. if header.Type not in [ 'Cancel', 'Data', 'Event', 'Response', 'StartData', 'EndData', ]: raise PTPError( 'Unexpected PTP/IP packet type {}' .format(header.Type) ) if header.Type not in ['StartData', 'Data', 'EndData']: break else: response = self.__parse_response(ipdata) if header.Type == 'StartData': expected = response.TotalDataLength current_transaction = response.TransactionID elif ( header.Type == 'Data' and response.TransactionID == current_transaction ): data += response.Data elif ( header.Type == 'EndData' and response.TransactionID == current_transaction ): data += response.Data datalen = len(data) if datalen != expected: logger.warning( '{} data than expected {}/{}' .format( 'More' if datalen > expected else 'Less', datalen, expected ) ) response['Data'] = data response['Type'] = 'Data' return response if raw: # TODO: Deal with raw Data packets?? return ipdata else: return self.__parse_response(ipdata) def __send(self, ptp_container, event=False): '''Helper method for sending packets.''' packet = self.__Packet.build(ptp_container) ip = ( actual_socket(self.__evtcon) if event else actual_socket(self.__cmdcon) ) while ip.sendall(packet) is not None: logger.debug('Failed to send {} packet'.format(ptp_container.Type)) def __send_request(self, ptp_container): '''Send PTP request without checking answer.''' # Don't modify original container to keep abstraction barrier. ptp = Container(**ptp_container) # Send unused parameters always ptp['Parameter'] += [0] * (5 - len(ptp.Parameter)) # Send request ptp['Type'] = 'Command' ptp['DataphaseInfo'] = 'In' ptp['Payload'] = self.__Command.build(ptp) self.__send(ptp) def __send_data(self, ptp_container, data): '''Send data without checking answer.''' # Don't modify original container to keep abstraction barrier. ptp = Container(**ptp_container) # Send data ptp['Type'] = 'Data' ptp['DataphaseInfo'] = 'Out' ptp['Payload'] = data self.__send(ptp) # Actual implementation # --------------------- def send(self, ptp_container, data): '''Transfer operation with dataphase from initiator to responder''' logger.debug('SEND {}{}'.format( ptp_container.OperationCode, ' ' + str(list(map(hex, ptp_container.Parameter))) if ptp_container.Parameter else '', )) with self.__implicit_session(): with self.__transaction_lock: self.__send_request(ptp_container) self.__send_data(ptp_container, data) # Get response and sneak in implicit SessionID and missing # parameters. return self.__recv() def recv(self, ptp_container): '''Transfer operation with dataphase from responder to initiator.''' logger.debug('RECV {}{}'.format( ptp_container.OperationCode, ' ' + str(list(map(hex, ptp_container.Parameter))) if ptp_container.Parameter else '', )) with self.__implicit_session(): with self.__transaction_lock: self.__send_request(ptp_container) dataphase = self.__recv() if hasattr(dataphase, 'Data'): response = self.__recv() if ( (ptp_container.TransactionID != dataphase.TransactionID) or (ptp_container.SessionID != dataphase.SessionID) or (dataphase.TransactionID != response.TransactionID) or (dataphase.SessionID != response.SessionID) ): raise PTPError( 'Dataphase does not match with requested operation' ) response['Data'] = dataphase.Data return response else: return dataphase def mesg(self, ptp_container): '''Transfer operation without dataphase.''' op = ptp_container['OperationCode'] if op == 'OpenSession': self.__open_implicit_session() with self.__implicit_session(): with self.__transaction_lock: self.__send_request(ptp_container) # Get response and sneak in implicit SessionID and missing # parameters for FullResponse. response = self.__recv() rc = response['ResponseCode'] if op == 'OpenSession': if rc != 'OK': self.__close_implicit_session() elif op == 'CloseSession': if rc == 'OK': self.__close_implicit_session() return response def event(self, wait=False): '''Check event. If `wait` this function is blocking. Otherwise it may return None. ''' evt = None ipdata = None timeout = None if wait else 0.001 if not self.__event_queue.empty(): ipdata = self.__event_queue.get(block=not wait, timeout=timeout) if ipdata is not None: evt = self.__parse_response(ipdata) return evt def __poll_events(self): '''Poll events, adding them to a queue.''' logger.debug('Start') while ( not self.__implicit_session_shutdown.is_set() and self.__implicit_session_open.is_set() and _main_thread_alive() ): try: evt = self.__recv(event=True, wait=False, raw=True) except OSError as e: if e.errno == 9 and not self.__implicit_session_open.is_set(): break else: raise e if evt is not None: logger.debug('Event queued') self.__event_queue.put(evt) sleep(5e-3) logger.debug('Stop') def __ping_pong(self): '''Poll events, adding them to a queue.''' logger.debug('Start') last = time() while ( not self.__implicit_session_shutdown.is_set() and self.__implicit_session_open.is_set() and _main_thread_alive() ): if time() - last > 10: logger.debug('PING') # TODO: implement Ping Pong last = time() sleep(0.10) logger.debug('Stop')
class Microsoft_AppV_ServiceLog_1_0(Etw): pattern = Struct( "stringValue1" / WString )
class USBTransport(object): '''Implement USB transport.''' def __init__(self, *args, **kwargs): device = kwargs.get('device', None) '''Instantiate the first available PTP device over USB''' logger.debug('Init USB') self.__setup_constructors() # If no device is specified, find all devices claiming to be Cameras # and get the USB endpoints for the first one that works. if device is None: logger.debug('No device provided, probing all USB devices.') if isinstance(device, six.string_types): name = device logger.debug( 'Device name provided, probing all USB devices for {}.' .format(name) ) device = None else: name = None devs = ( [device] if (device is not None) else find_usb_cameras(name=name) ) self.__claimed = False self.__acquire_camera(devs) self.__event_queue = Queue() self.__event_shutdown = Event() # Locks for different end points. self.__inep_lock = RLock() self.__intep_lock = RLock() self.__outep_lock = RLock() # Slightly redundant transaction lock to avoid catching other request's # response self.__transaction_lock = RLock() self.__event_proc = Thread( name='EvtPolling', target=self.__poll_events ) self.__event_proc.daemon = False atexit.register(self._shutdown) self.__event_proc.start() def __available_cameras(self, devs): for dev in devs: if self.__setup_device(dev): logger.debug('Found USB PTP device {}'.format(dev)) yield else: message = 'No USB PTP device found.' logger.error(message) raise PTPError(message) def __acquire_camera(self, devs): '''From the cameras given, get the first one that does not fail''' for _ in self.__available_cameras(devs): # Stop system drivers try: if self.__dev.is_kernel_driver_active( self.__intf.bInterfaceNumber): try: self.__dev.detach_kernel_driver( self.__intf.bInterfaceNumber) except usb.core.USBError: message = ( 'Could not detach kernel driver. ' 'Maybe the camera is mounted?' ) logger.error(message) except NotImplementedError as e: logger.debug('Ignoring unimplemented function: {}'.format(e)) # Claim camera try: logger.debug('Claiming {}'.format(repr(self.__dev))) usb.util.claim_interface(self.__dev, self.__intf) self.__claimed = True except Exception as e: logger.warn('Failed to claim PTP device: {}'.format(e)) continue self.__dev.reset() break else: message = ( 'Could not acquire any camera.' ) logger.error(message) raise PTPError(message) def _shutdown(self): logger.debug('Shutdown request') self.__event_shutdown.set() # Free USB resource on shutdown. # Only join a running thread. if self.__event_proc.is_alive(): self.__event_proc.join(2) try: if self.__claimed: logger.debug('Release {}'.format(repr(self.__dev))) usb.util.release_interface(self.__dev, self.__intf) except Exception as e: logger.warn(e) # Helper methods. # --------------------- def __setup_device(self, dev): '''Get endpoints for a device. True on success.''' self.__inep = None self.__outep = None self.__intep = None self.__cfg = None self.__dev = None self.__intf = None # Attempt to find the USB in, out and interrupt endpoints for a PTP # interface. for cfg in dev: for intf in cfg: if intf.bInterfaceClass == PTP_USB_CLASS: for ep in intf: ep_type = endpoint_type(ep.bmAttributes) ep_dir = endpoint_direction(ep.bEndpointAddress) if ep_type == ENDPOINT_TYPE_BULK: if ep_dir == ENDPOINT_IN: self.__inep = ep elif ep_dir == ENDPOINT_OUT: self.__outep = ep elif ((ep_type == ENDPOINT_TYPE_INTR) and (ep_dir == ENDPOINT_IN)): self.__intep = ep if not (self.__inep and self.__outep and self.__intep): self.__inep = None self.__outep = None self.__intep = None else: logger.debug('Found {}'.format(repr(self.__inep))) logger.debug('Found {}'.format(repr(self.__outep))) logger.debug('Found {}'.format(repr(self.__intep))) self.__cfg = cfg self.__dev = dev self.__intf = intf return True return False def __setup_constructors(self): '''Set endianness and create transport-specific constructors.''' # Set endianness of constructors before using them. self._set_endian('little') self.__Length = Int32ul self.__Type = Enum( Int16ul, default=Pass, Undefined=0x0000, Command=0x0001, Data=0x0002, Response=0x0003, Event=0x0004, ) # This is just a convenience constructor to get the size of a header. self.__Code = Int16ul self.__Header = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'Code' / self.__Code, 'TransactionID' / self._TransactionID, ) # These are the actual constructors for parsing and building. self.__CommandHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'OperationCode' / self._OperationCode, 'TransactionID' / self._TransactionID, ) self.__ResponseHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'ResponseCode' / self._ResponseCode, 'TransactionID' / self._TransactionID, ) self.__EventHeader = Struct( 'Length' / self.__Length, 'Type' / self.__Type, 'EventCode' / self._EventCode, 'TransactionID' / self._TransactionID, ) # Apparently nobody uses the SessionID field. Even though it is # specified in ISO15740:2013(E), no device respects it and the session # number is implicit over USB. self.__Param = Range(0, 5, self._Parameter) self.__CommandTransactionBase = Struct( Embedded(self.__CommandHeader), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof() ) ) self.__CommandTransaction = ExprAdapter( self.__CommandTransactionBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, ) self.__ResponseTransactionBase = Struct( Embedded(self.__ResponseHeader), 'Payload' / Bytes( lambda ctx, h=self.__Header: ctx.Length - h.sizeof()) ) self.__ResponseTransaction = ExprAdapter( self.__ResponseTransactionBase, encoder=lambda obj, ctx, h=self.__Header: Container( Length=len(obj.Payload) + h.sizeof(), **obj ), decoder=lambda obj, ctx: obj, ) def __parse_response(self, usbdata): '''Helper method for parsing USB data.''' # Build up container with all PTP info. logger.debug('Transaction:') usbdata = bytearray(usbdata) if logger.isEnabledFor(logging.DEBUG): for l in hexdump( six.binary_type(usbdata[:512]), result='generator' ): logger.debug(l) transaction = self.__ResponseTransaction.parse(usbdata) response = Container( SessionID=self.session_id, TransactionID=transaction.TransactionID, ) logger.debug('Interpreting {} transaction'.format(transaction.Type)) if transaction.Type == 'Response': response['ResponseCode'] = transaction.ResponseCode response['Parameter'] = self.__Param.parse(transaction.Payload) elif transaction.Type == 'Event': event = self.__EventHeader.parse( usbdata[0:self.__Header.sizeof()] ) response['EventCode'] = event.EventCode response['Parameter'] = self.__Param.parse(transaction.Payload) else: command = self.__CommandHeader.parse( usbdata[0:self.__Header.sizeof()] ) response['OperationCode'] = command.OperationCode response['Data'] = transaction.Payload return response def __recv(self, event=False, wait=False, raw=False): '''Helper method for receiving data.''' # TODO: clear stalls automatically ep = self.__intep if event else self.__inep lock = self.__intep_lock if event else self.__inep_lock usbdata = array.array('B', []) with lock: tries = 0 # Attempt to read a header while len(usbdata) < self.__Header.sizeof() and tries < 5: if tries > 0: logger.debug('Data smaller than a header') logger.debug( 'Requesting {} bytes of data' .format(ep.wMaxPacketSize) ) try: usbdata += ep.read( ep.wMaxPacketSize ) except usb.core.USBError as e: # Return None on timeout or busy for events if ( (e.errno is None and ('timeout' in e.strerror.decode() or 'busy' in e.strerror.decode())) or (e.errno == 110 or e.errno == 16 or e.errno == 5) ): if event: return None else: logger.warning('Ignored exception: {}'.format(e)) else: logger.error(e) raise e tries += 1 logger.debug('Read {} bytes of data'.format(len(usbdata))) if len(usbdata) == 0: if event: return None else: raise PTPError('Empty USB read') if ( logger.isEnabledFor(logging.DEBUG) and len(usbdata) < self.__Header.sizeof() ): logger.debug('Incomplete header') for l in hexdump( six.binary_type(bytearray(usbdata)), result='generator' ): logger.debug(l) header = self.__ResponseHeader.parse( bytearray(usbdata[0:self.__Header.sizeof()]) ) if header.Type not in ['Response', 'Data', 'Event']: raise PTPError( 'Unexpected USB transfer type. ' 'Expected Response, Event or Data but received {}' .format(header.Type) ) while len(usbdata) < header.Length: usbdata += ep.read( min( header.Length - len(usbdata), # Up to 64kB 64 * 2**10 ) ) if raw: return usbdata else: return self.__parse_response(usbdata) def __send(self, ptp_container, event=False): '''Helper method for sending data.''' ep = self.__intep if event else self.__outep lock = self.__intep_lock if event else self.__outep_lock transaction = self.__CommandTransaction.build(ptp_container) with lock: try: sent = 0 while sent < len(transaction): sent = ep.write( # Up to 64kB transaction[sent:(sent + 64*2**10)] ) except usb.core.USBError as e: # Ignore timeout or busy device once. if ( (e.errno is None and ('timeout' in e.strerror.decode() or 'busy' in e.strerror.decode())) or (e.errno == 110 or e.errno == 16 or e.errno == 5) ): logger.warning('Ignored USBError {}'.format(e.errno)) ep.write(transaction) def __send_request(self, ptp_container): '''Send PTP request without checking answer.''' # Don't modify original container to keep abstraction barrier. ptp = Container(**ptp_container) # Don't send unused parameters try: while not ptp.Parameter[-1]: ptp.Parameter.pop() if len(ptp.Parameter) == 0: break except IndexError: # The Parameter list is already empty. pass # Send request ptp['Type'] = 'Command' ptp['Payload'] = self.__Param.build(ptp.Parameter) self.__send(ptp) def __send_data(self, ptp_container, data): '''Send data without checking answer.''' # Don't modify original container to keep abstraction barrier. ptp = Container(**ptp_container) # Send data ptp['Type'] = 'Data' ptp['Payload'] = data self.__send(ptp) @property def _dev(self): return None if self.__event_shutdown.is_set() else self.__dev @_dev.setter def _dev(self, value): raise ValueError('Read-only property') # Actual implementation # --------------------- def send(self, ptp_container, data): '''Transfer operation with dataphase from initiator to responder''' datalen = len(data) logger.debug('SEND {} {} bytes{}'.format( ptp_container.OperationCode, datalen, ' ' + str(list(map(hex, ptp_container.Parameter))) if ptp_container.Parameter else '', )) with self.__transaction_lock: self.__send_request(ptp_container) self.__send_data(ptp_container, data) # Get response and sneak in implicit SessionID and missing # parameters. response = self.__recv() logger.debug('SEND {} {} bytes {}{}'.format( ptp_container.OperationCode, datalen, response.ResponseCode, ' ' + str(list(map(hex, response.Parameter))) if ptp_container.Parameter else '', )) return response def recv(self, ptp_container): '''Transfer operation with dataphase from responder to initiator.''' logger.debug('RECV {}{}'.format( ptp_container.OperationCode, ' ' + str(list(map(hex, ptp_container.Parameter))) if ptp_container.Parameter else '', )) with self.__transaction_lock: self.__send_request(ptp_container) dataphase = self.__recv() if hasattr(dataphase, 'Data'): response = self.__recv() if not (ptp_container.SessionID == dataphase.SessionID == response.SessionID): self.__dev.reset() raise PTPError( 'Dataphase session ID missmatch: {}, {}, {}.' .format( ptp_container.SessionID, dataphase.SessionID, response.SessionID ) ) if not (ptp_container.TransactionID == dataphase.TransactionID == response.TransactionID): self.__dev.reset() raise PTPError( 'Dataphase transaction ID missmatch: {}, {}, {}.' .format( ptp_container.TransactionID, dataphase.TransactionID, response.TransactionID ) ) if not (ptp_container.OperationCode == dataphase.OperationCode): self.__dev.reset() raise PTPError( 'Dataphase operation code missmatch: {}, {}.'. format( ptp_container.OperationCode, dataphase.OperationCode ) ) response['Data'] = dataphase.Data else: response = dataphase logger.debug('RECV {} {}{}{}'.format( ptp_container.OperationCode, response.ResponseCode, ' {} bytes'.format(len(response.Data)) if hasattr(response, 'Data') else '', ' ' + str(list(map(hex, response.Parameter))) if response.Parameter else '', )) return response def mesg(self, ptp_container): '''Transfer operation without dataphase.''' logger.debug('MESG {}{}'.format( ptp_container.OperationCode, ' ' + str(list(map(hex, ptp_container.Parameter))) if ptp_container.Parameter else '', )) with self.__transaction_lock: self.__send_request(ptp_container) # Get response and sneak in implicit SessionID and missing # parameters for FullResponse. response = self.__recv() logger.debug('MESG {} {}{}'.format( ptp_container.OperationCode, response.ResponseCode, ' ' + str(list(map(hex, response.Parameter))) if response.Parameter else '', )) return response def event(self, wait=False): '''Check event. If `wait` this function is blocking. Otherwise it may return None. ''' evt = None usbdata = None if wait: usbdata = self.__event_queue.get(block=True) elif not self.__event_queue.empty(): usbdata = self.__event_queue.get(block=False) if usbdata is not None: evt = self.__parse_response(usbdata) return evt def __poll_events(self): '''Poll events, adding them to a queue.''' while not self.__event_shutdown.is_set() and _main_thread_alive(): try: evt = self.__recv(event=True, wait=False, raw=True) if evt is not None: logger.debug('Event queued') self.__event_queue.put(evt) except usb.core.USBError as e: logger.error( '{} polling exception: {}'.format(repr(self.__dev), e) ) # check if disconnected if e.errno == 19: break except Exception as e: logger.error( '{} polling exception: {}'.format(repr(self.__dev), e) )
class IpAddressAdapter(Adapter): def _encode(self,obj,context): return "".join(chr(int(b)) for b in obj.split()) def _decode(self,obj,context): return ".".join(str(ord(b)) for b in obj) #IpAddressAdapter(Bytes("foo",4)).parse("\x01\x02\x03\x04") class PrintContext(Construct): def _parse(self, stream, context): print context print "hello" foo = Struct("foo", Byte("a"), Byte("b"), PrintContext("c"), Struct("bar", Byte("a"), Byte("b"), PrintContext("c"), ), PrintContext("d"), ) foo.parse("\x01\x02\x03\x04")
""" What : Internet Group Management Protocol, Version 2 How : http://www.ietf.org/rfc/rfc2236.txt Who : jesse @ housejunkie . ca """ from construct import Byte, Enum,Struct, UBInt16 from construct.protocols.layer3.ipv4 import IpAddress from binascii import unhexlify import six igmp_type = Enum(Byte("igmp_type"), MEMBERSHIP_QUERY = 0x11, MEMBERSHIP_REPORT_V1 = 0x12, MEMBERSHIP_REPORT_V2 = 0x16, LEAVE_GROUP = 0x17, ) igmpv2_header = Struct("igmpv2_header", igmp_type, Byte("max_resp_time"), UBInt16("checksum"), IpAddress("group_address"), ) if __name__ == '__main__': capture = unhexlify(six.b("1600FA01EFFFFFFD")) print (igmpv2_header.parse(capture))
class Microsoft_Windows_NFC_ClassExtension_310_1(Etw): pattern = Struct( "Status" / Int32ul )
from pox.ethanol.ssl_message.msg_core import field_intf_name, field_station from pox.ethanol.ssl_message.msg_core import field_mac_addr from pox.ethanol.ssl_message.msg_common import MSG_TYPE, VERSION from pox.ethanol.ssl_message.msg_common import send_and_receive_msg, len_of_string from pox.ethanol.events import Events events_snr_threshold_reached = Events() """to handle a receiving snr_threshold_reached message, just add your function to events_snr_threshold_reached your function must use 'def my_funct(**kwargs)' signature for compatibility @change: we send to parameters: msg, fromaddr, sta_mac, intf_name, mac_ap """ field_mac_ap = Struct( 'mac_ap', SLInt32('mac_ap_size'), If(lambda ctx: ctx["mac_ap_size"] > 0, CString("mac_ap")), ) """ handles a mac address field for the new ap (a C char * field) """ msg_snr_threshold_reached = Struct( 'msg_snr_threshold_reached', Embed(msg_default), # default fields Embed(field_station), Embed(field_mac_addr), # sta_mac Embed(field_intf_name), # intf_name Embed(field_mac_ap), # mac_ap SLInt64('snr'), # Probe() )
class Microsoft_Windows_NFC_ClassExtension_4_1(Etw): pattern = Struct( "MessageType" / Int8ul, "PacketBoundaryFlag" / Int8ul, "PacketSize" / Int16ul )
""" from __future__ import division, print_function import sys from construct import Array, Bytes, ULInt32, Struct import yaml _BOOTIMGHDR = Struct("boot_img_hdr", Bytes("magic", 8), ULInt32("kernel_size"), ULInt32("kernel_addr"), ULInt32("ramdisk_size"), ULInt32("ramdisk_addr"), ULInt32("second_size"), ULInt32("second_addr"), ULInt32("tags_addr"), ULInt32("page_size"), Array(2, ULInt32("unused")), Bytes("name", 16), Bytes("cmdline", 512), Array(8, ULInt32("id")), Bytes("extra_cmdline", 1024)) _HEADERLEN = _BOOTIMGHDR.sizeof() _OUT = "{filename}_{start:08x}-{end:08x}.{name}" def header_to_yaml(filename): with open(filename, 'rb') as f:
class Microsoft_Windows_NFC_ClassExtension_103_1(Etw): pattern = Struct( "FileObject" / Int64ul, "PayloadSize" / Int64ul )
class Microsoft_Windows_NFC_ClassExtension_308_1(Etw): pattern = Struct( "Status" / Int32ul, "Length" / Int16ul )
class Microsoft_AppV_ServiceLog_2_0(Etw): pattern = Struct( "WString1" / WString )
def ssexy_linux(fname, *eips): import elf32 from construct import Struct, ULInt32, ULInt16, ULInt8, Array, CString from construct import OptionalGreedyRange # assume low-endian binary elf32_rel = Struct('elf32_rel', ULInt32('r_offset'), ULInt32('r_info')) ELF32_R_SYM = lambda x: x.r_info >> 8 ELF32_R_TYPE = lambda x: x.r_info & 0xff R_386_PC32 = 2 elf32_sym = Struct('elf32_sym', ULInt32('st_name'), ULInt32('st_value'), ULInt32('st_size'), ULInt8('st_info'), ULInt8('st_other'), ULInt16('st_shndx')) elf = elf32.elf32_file.parse_stream(file(fname, 'rb')) # retrieve section by name elf32_section = lambda elf, name: [x for x in elf.sections if x.name == name][0] # for now we assume that all code is in the .text section code_section = [x for x in elf.sections if x.name == '.text'] if not len(code_section): raise Exception('your binary doesn\'t have a .text section..') relocs = [x.data.value for x in elf.sections if x.name == '.rel.dyn'] if not len(relocs): raise Exception('no relocs available, compile with -pie') # read all relocations relocs = Array(len(relocs[0]) / elf32_rel.sizeof(), elf32_rel).parse(relocs[0]) # now get the offsets of the relocations relocs = set([x.r_offset for x in relocs]) imports = {} # a list of addresses that were used. addresses = [] # a list of all m128 values we use m128s = [] # a list of all dword values we use m32s = [] instructions = pyasm2.block() # get string at offset dynstr = lambda x: CString(None).parse( elf32_section(elf, '.dynstr').data.value[x:]) # read the symbol table imports = OptionalGreedyRange(elf32_sym).parse(elf32_section(elf, '.dynsym').data.value) # resolve relocations section = elf32_section(elf, '.rel.dyn') relocates = {} for x in xrange(0, section.size, elf32_rel.sizeof()): x = elf32_rel.parse(section.data.value[x:x+elf32_rel.sizeof()]) # relocation to fixup addresses to imports if ELF32_R_TYPE(x) == R_386_PC32: relocates[x.r_offset] = dynstr(imports[ELF32_R_SYM(x)].st_name) # walk each section, find those that are executable and disassemble those section = elf32_section(elf, '.text') g = distorm3.DecomposeGenerator(section.addr, section.data.value, distorm3.Decode32Bits) for instr in g: # useless instruction? if str(instr) in ('NOP', 'ADD [EAX], AL', 'LEA ESI, [ESI]', 'INT 3') or str(instr)[:2] == 'DB': continue # a jump to one of the imports? #if instr.mnemonic == 'JMP' and instr.operands[0].type == \ # distorm3.OPERAND_ABSOLUTE_ADDRESS and \ # instr.operands[0].disp in imports: # iat_label[instr.address] = imports[instr.operands[0].disp] # continue # quite hackery, but when the jumps with thunk address have been # processed, we can be fairly sure that there will be no (legit) # code anymore. #if len(iat_label): # break #print str(instr) #print str(instr) # convert the instruction from distorm3 format to pyasm2 format. instr = distorm3_to_pyasm2(instr) # we create the block already here, otherwise our `labelnr' is # not defined. #block = pyasm2.block(pyasm2.Label('%08x' % instr.address), instr) offset_flat = None addr = instr.address # now we check if this instruction has a relocation inside it # not a very efficient way, but oke. reloc = instr.length > 4 and relocs.intersection(range( instr.address, instr.address + instr.length - 3)) if reloc: # make an immediate with `addr' set to True enable_addr = lambda x: Immediate(int(x), addr=True) # TODO support for two relocations in one instruction # (displacement *and* immediate) reloc = reloc.pop() if not hasattr(instr, 'op1'): instr.op1, instr.op2 = None, None # there is only one operand, that's easy if not instr.op2: #sys.stderr.write('reloc in op1 %s??\n' % instr.op1) if isinstance(instr.op1, pyasm2.MemoryAddress): # special occassion, this memory addres is an import if instr.op1.reg1 is None and \ instr.op1.reg2 is None and \ int(instr.op1.disp) in imports: instr.op1 = imports[int(instr.op1.disp)] else: addresses.append(int(instr.op1.disp)) # change the displacement to a label #instr.op1 = str(instr.op1).replace('0x', # '__lbl_00') instr.op1 = enable_addr(instr.op1) elif isinstance(instr.op1, pyasm2.Immediate): addresses.append(int(instr.op1)) offset_flat = int(instr.op1) #instr.op1 = str(instr.op1).replace('0x', # 'offset flat:__lbl_00') # if the second operand is an immediate and the relocation is # in the last four bytes of the instruction, then this # immediate is the reloc. Otherwise, if the second operand is # a memory address, then it's the displacement. elif isinstance(instr.op2, pyasm2.Immediate) and reloc == \ instr.address + instr.length - 4: # keep this address addresses.append(int(instr.op2)) # make a label from this address # TODO: fix this horrible hack offset_flat = int(instr.op2) #instr.op2 = pyasm2.Label('offset flat:__lbl_%08x' % # int(instr.op2), prepend=False) elif isinstance(instr.op2, pyasm2.MemoryAddress) and \ reloc == instr.address + instr.length - 4: addresses.append(int(instr.op2.disp)) # change the displacement to a label instr.op2 = enable_addr(instr.op2) #instr.op2 = str(instr.op2).replace('0x', '__lbl_00') #sys.stderr.write('reloc in op2 memaddr %s\n' % # str(instr.op2)) # the relocation is not inside the second operand, it must be # inside the first operand after all. elif isinstance(instr.op1, pyasm2.MemoryAddress): addresses.append(int(instr.op1.disp)) instr.op1 = enable_addr(instr.op1) #instr.op1 = str(instr.op1).replace('0x', '__lbl_00') #sys.stderr.write('reloc in op1 memaddr %s\n' % # str(instr.op1)) elif isinstance(instr.op1, pyasm2.Immediate): addresses.append(int(instr.op1)) instr.op1 = enable_addr(instr.op1) #instr.op1 = '__lbl_%08x' % int(instr.op1) #sys.stderr.write('reloc in op1 imm %s\n' % instr.op1) else: sys.stderr.write('Invalid Relocation!\n') #print instr m32len = len(m32s) instr = translate.Translater(instr, m128s, m32s).translate() if offset_flat: encode_offset_flat = lambda x: str(x).replace('0x', 'offset flat:__lbl_') if isinstance(x, (int, long, pyasm2.imm)) and int(x) == offset_flat or isinstance(x, pyasm2.mem) and x.disp == offset_flat else x if isinstance(instr, pyasm2.block): for x in instr.instructions: x.op1 = encode_offset_flat(x.op1) x.op2 = encode_offset_flat(x.op2) else: x.op1 = encode_offset_flat(x.op1) x.op2 = encode_offset_flat(x.op2) # update stuff m32s = m32s[:m32len] + [x.replace('0x%08x' % offset_flat, 'offset flat:__lbl_%08x' % offset_flat) for x in m32s[m32len:]] instructions += pyasm2.block(pyasm2.Label('%08x' % addr), instr) # remove any addresses that are from within the current section newlist = addresses[:] for i in xrange(len(addresses)): if addresses[i] >= code_section[0].addr and addresses[i] < \ code_section[0].addr + code_section[0].size: newlist[i] = None addresses = filter(lambda x: x is not None, newlist) # walk over each instruction, if it has references, we update them for instr in instructions.instructions: # we can skip labels if isinstance(instr, pyasm2.Label): continue # check for references to imports if isinstance(instr, pyasm2.RelativeJump): # not very good, but for now (instead of checking relocs) we check # if the index is in the iat tabel.. #if int(instr.lbl.index, 16) in iat_label: #instr.lbl.index = iat_label[int(instr.lbl.index, 16)] #instr.lbl.prepend = False continue program = ['.file "ssexy.c"', '.intel_syntax noprefix'] # we walk over each section, if a reference to this section has been found # then we will dump the entire section as bytecode.. with matching labels for section in elf.sections: base = section.addr data = section.data.value addr = set(range(base, base + section.size)).intersection(addresses) if addr: # create a header for this section program.append('.section %s' % section.name) # for now we do it the easy way.. one line and label per byte, lol for addr in xrange(section.size): program.append('__lbl_%08x: .byte 0x%02x' % (base + addr, ord(data[addr]))) # empty line.. program.append('') # now we define all xmm's etc we gathered program.append('.align 4') program += m32s program.append('.align 16') program += m128s # time to define 'main' program.append('.text') program.append('.globl Main') program.append('.type Main, @function') OEP = elf.entry # f****d up shit relocates = dict(('jmp __lbl_%08x' % k, 'jmp ' + v) for k, v in relocates.items()) eips = ['__lbl_%08x' % x for x in eips] # append each instruction for instr in instructions.instructions: # if this is an label, we want a colon as postfix if isinstance(instr, pyasm2.Label): program.append(str(instr) + ':') # if OEP is at this address, we will also add the `_main' label if str(instr) == '__lbl_%08x' % OEP: program.append('Main:') # we have to initialize the stack register, so.. # for now we assume esp gpr is stored as first gpr in xmm7 program.append('movd xmm7, esp') # if the label is in the list of addresses to which we have to add # an "movd xmm7, esp" instruction, then add it (e.g. callback # function for pthread_create) if str(instr) in eips: program.append('movd xmm7, esp') else: # TODO: fix this terrible hack as well program.append(str(instr).replace('byte', 'byte ptr').replace( 'word', 'word ptr').replace('retn', 'ret').replace( '__lbl_00400000', '0x400000').replace('oword ptr', '')) if program[-1] in relocates: program[-1] = relocates[program[-1]] print '\n'.join(program)
class Microsoft_Windows_NFC_ClassExtension_309_1(Etw): pattern = Struct( "Length" / Int32ul )