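 def _kill_all_processes(self):
     '''
     Kill every debuggee process that pykd currently controls.

     If the target is not already in the ``Break`` state it is interrupted
     first (``pykd.breakin`` followed by ``_wait_break``) so the kill is
     issued against a stopped debuggee.  ``_pid`` and ``_process`` are
     reset to ``None`` once the kill has gone through.

     :return: True if the kill was issued without error; False if no
              process is attached or an exception was raised while
              killing it (the traceback is logged).
     '''
     if not self._process:
         # Nothing is attached.  Return an explicit False instead of
         # falling off the end (the docstring promises a bool).
         return False
     try:
         status = self._get_exe_status()
         self.logger.debug("Current status is %s start kill process" %
                           status)
         if status == 'Break':
             self.logger.info(
                 "Process is in break status, kill process now")
         else:
             self.logger.info("Break in process, kill process now")
             pykd.breakin()
             self._wait_break()
             # TODO: need find a way to replace time.sleep
             # There is no explicit sync point after _wait_break; the
             # short pause is the only thing separating it from the kill.
             time.sleep(0.05)
         pykd.killAllProcesses()
     except Exception:
         # Narrowed from a bare ``except`` so KeyboardInterrupt and
         # SystemExit still propagate; everything else is logged here.
         self.logger.error('failed to kill process [%s]' %
                           traceback.format_exc())
         return False
     # Drop the cached handles only after the kill succeeded.
     self._pid = None
     self._process = None
     return True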
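 def _kill_all_processes(self):
     '''
     Kill every debuggee process that pykd currently controls.

     A target that is not already in the ``Break`` state is interrupted
     first (``pykd.breakin`` + ``_wait_break``) so that the kill is issued
     against a stopped debuggee.  ``_pid`` and ``_process`` are cleared
     after a successful kill.

     :return: True if the kill was issued without error; False if no
              process is attached or killing it raised (the traceback is
              logged).
     '''
     if not self._process:
         # No debuggee attached: report False explicitly rather than
         # returning None implicitly.
         return False
     try:
         status = self._get_exe_status()
         self.logger.debug("Current status is %s start kill process" % status)
         if status == 'Break':
             self.logger.info("Process is in break status, kill process now")
         else:
             self.logger.info("Break in process, kill process now")
             pykd.breakin()
             self._wait_break()
             # TODO: need find a way to replace time.sleep
             # No explicit sync point exists after _wait_break; the pause
             # is what keeps the kill from racing the break.
             time.sleep(0.05)
         pykd.killAllProcesses()
     except Exception:
         # Bare ``except`` narrowed so KeyboardInterrupt/SystemExit are
         # not swallowed; any other failure is logged with its traceback.
         self.logger.error('failed to kill process [%s]' % traceback.format_exc())
         return False
     # Clear the cached handles only once the kill has gone through.
     self._pid = None
     self._process = None
     return True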
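def main():
    """Run hello.exe under pykd and count how often ``hello!add`` is hit.

    Starts ``hello.exe`` under the debugger, installs an ``ExceptionHandler``,
    sets a breakpoint on ``add`` in the ``hello`` module whose callback is a
    ``callCounter`` instance, resumes the target and prints the number of
    breakpoint hits.  The debuggee is always killed on the way out, even when
    ``pykd.go()`` raises, so no stray hello.exe is left under the debugger.
    """
    pykd.initialize()
    pykd.handler = ExceptionHandler()
    pykd.startProcess("hello.exe")
    try:
        targetModule = pykd.module("hello")
        targetModule.reload()

        breakCount = callCounter()
        # The breakpoint object must stay referenced (the original note says
        # the assignment "cannot be commented"); presumably pykd removes the
        # breakpoint once its Python object is collected - confirm against
        # the pykd docs before touching this.
        b1 = pykd.setBp(targetModule.offset('add'), breakCount)
        print("There is %d breakpoint" % pykd.getNumberBreakpoints())

        pykd.go()
        print(breakCount.count)
    finally:
        # Release the module handle and kill the debuggee even if the run
        # above raised.
        targetModule = None
        pykd.killAllProcesses()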
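def main():
    """Debug hello.exe with pykd and report how many times ``add`` was called.

    Initialises pykd, installs an ``ExceptionHandler``, starts ``hello.exe``,
    sets a breakpoint on ``hello!add`` serviced by a ``callCounter`` and runs
    the target.  Whatever happens during the run, the debuggee is killed in
    the ``finally`` block so a failing ``pykd.go()`` cannot leak the process.
    """
    pykd.initialize()
    pykd.handler = ExceptionHandler()
    pykd.startProcess("hello.exe")
    try:
        targetModule = pykd.module("hello")
        targetModule.reload()

        breakCount = callCounter()
        # Keep a reference to the breakpoint object for the whole run.  The
        # original note says this assignment "cannot be commented"; pykd
        # appears to drop the breakpoint when the object is collected -
        # confirm against the pykd docs.
        b1 = pykd.setBp(targetModule.offset('add'),
                        breakCount)
        print("There is %d breakpoint" % pykd.getNumberBreakpoints())

        pykd.go()
        print(breakCount.count)
    finally:
        # Always tear the debuggee down, even on an exception above.
        targetModule = None
        pykd.killAllProcesses()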
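	def Monitor(self):
		"""Run the first queued testcase through Scan64.exe under pykd.

		Prepares the testcase directory, starts Scan64.exe with the first
		entry of ``Queue`` as its argument, enables child-process debugging
		(``.childdbg 1``) and resumes the target until the ExceptionHandler
		clears ``keep_running``; the debuggee is then killed.  Exits the
		interpreter with status 1 when the queue is empty or the process
		cannot be started.  Any other failure is reported and the method
		returns normally (it never propagates).
		"""
		Generator = TestcaseGenerator()
		Generator.CheckDir()
		pykd.initialize()
		Handler = ExceptionHandler()
		queued = os.listdir("Queue")
		if not queued:
			# os.listdir(...)[0] raised IndexError on an empty queue.
			print("[!] No testcase found in Queue")
			sys.exit(1)
		testcase = queued[0]
		try:
			print("[*] Starting Scan64.exe")
			# NOTE(review): only the bare file name is appended (not
			# Queue\<name>) and it is not quoted, so a name containing a
			# space is split into several arguments - confirm Scan64.exe
			# resolves it as intended before relying on this.
			pykd.startProcess("C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\Scan64.Exe " + testcase)
			pykd.dbgCommand(".childdbg 1")
		except Exception:
			print("[!] Error starting process")
			sys.exit(1)
		try:
			while Handler.keep_running:
				self.GetProcess() # Get PID
				print("[*] Attaching Debugger")
				print("[*] Success!")
				pykd.go()
			print("[*] Killing pykd...")
			pykd.killAllProcesses()
		except Exception:
			# The original ``finally: return`` silently discarded whatever
			# was raised here; keep the never-propagate contract but say
			# what went wrong so a failed kill is not invisible.
			print("[!] Error while running the target: %s" % sys.exc_info()[1])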
 def kill_process(self):
     """Terminate every process the pykd debugger currently controls.

     Thin wrapper around ``pykd.killAllProcesses``; returns None.
     """
     pykd.killAllProcesses()
 def kill_process(self):
     """Kill all debuggee processes via ``pykd.killAllProcesses``.

     Any error raised by pykd propagates to the caller.
     """
     pykd.killAllProcesses()
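  def run(self):
    """Launch the target under pykd, run it to a crash or stop, and collect crash data.

    Flow:
      1. start the process and record ``self.id`` / ``self.pid`` (returns
         None if the launch raises);
      2. install a default ``ExceptionHandler`` when none was supplied;
      3. arm the timeout: a cpu-watching thread for ``"auto"``, a ``Timer``
         calling ``self.timeout_func`` otherwise;
      4. resume the target until the handler reports an exception, a stop
         is requested, or ``pykd.go()`` raises;
      5. on a stop request issue ``.kill`` and return None;
      6. on an exception capture registers and stack, run ``!exploitable``
         when msec.dll is available, write a minidump if configured, kill
         the debuggee and return the crash record.

    Returns the dict from ``self.crash_data.dump_dict()``, or None when the
    launch failed, a stop was requested, or no exception occurred.
    Raises Exception when ``self.mode`` is not 32, 64 or 'arm' and no
    ``exploitable_path`` was configured.
    """
    self.do_stop = False
    try:
      self.id = self.start_process()
      self.pid = self.get_pid()
    except Exception:
      log("Error launching process! %s" % str(sys.exc_info()[1]))
      return None

    if self.handler is None:
      self.handler = ExceptionHandler()

    if self.timeout is not None:
      if str(self.timeout).lower() == "auto":
        self.thread = Thread(target=self.check_cpu)
        self.thread.start()
      else:
        self.timer = Timer(self.timeout, self.timeout_func)
        self.timer.start()

    while not self.handler.exception_occurred and not self.do_stop:
      try:
        pykd.go()
      except Exception:
        # A failing go() (target gone, debugger detached, ...) ends the run.
        break

    if self.do_stop:
      try:
        pykd.dbgCommand(".kill")
      except Exception:
        log("Exception killing target: %s" % str(sys.exc_info()[1]))
      return None

    # self.timer is only bound when a non-"auto" timeout was armed above.
    if getattr(self, "timer", None) is not None:
      self.timer.cancel()

    if not self.handler.exception_occurred:
      return None

    try:
      # Two breakins, kept as in the original.
      pykd.breakin()
      pykd.breakin()
    except Exception:
      pass

    # A Wow64NotifyDebugger frame on top means a 32-bit target under a
    # 64-bit debugger; switch the effective machine so "r"/"k" show x86 state.
    if pykd.dbgCommand("k 1").find("Wow64NotifyDebugger") > -1:
      pykd.dbgCommand(".effmach x86")

    registers = pykd.dbgCommand("r")
    stack_trace = pykd.dbgCommand("k")

    exploitable = self._run_exploitable(self._msec_extension_dir())
    self._write_minidump()

    # create_crash_data populates self.crash_data; its return value was
    # overwritten by dump_dict() unconditionally in the original, so it is
    # not bound here.
    self.create_crash_data(registers, stack_trace, exploitable)

    print(pykd.dbgCommand("k 10"))
    print(pykd.dbgCommand("r"))
    print(exploitable)
    try:
      pykd.killAllProcesses()
    except Exception:
      log("Error killing processes: " + str(sys.exc_info()[1]))

    # NOTE(review): the JSON result was never used; the call is kept in case
    # dump_json has side effects (e.g. writing the record out) - confirm and
    # drop it if it is pure.
    self.crash_data.dump_json()
    ret = self.crash_data.dump_dict()

    print("")
    print("Yep, we got a crash! \\o/")
    print("")

    return ret

  def _msec_extension_dir(self):
    """Return the directory expected to contain msec.dll.

    ``self.exploitable_path`` wins when set; otherwise the winext directory
    for ``self.mode`` (32, 64 or 'arm') under ``self.windbg_path`` is used.
    Raises Exception for any other mode.
    """
    if self.exploitable_path is not None:
      return self.exploitable_path
    if self.mode == 32:
      return os.path.join(self.windbg_path, r"Debuggers\x86\winext")
    if self.mode == 64:
      return os.path.join(self.windbg_path, r"Debuggers\x64\winext")
    if self.mode == "arm":
      return os.path.join(self.windbg_path, r"Debuggers\arm\winext")
    raise Exception("Unknown mode %s, known ones are 32, 64 or 'arm'." % self.mode)

  def _run_exploitable(self, msec_path):
    """Load msec.dll from *msec_path* and return the output of ``!exploitable``.

    Returns None when *msec_path* is None, the DLL is missing, or loading /
    calling the extension raises (the error is logged), matching the
    original best-effort behaviour.
    """
    if msec_path is None:
      return None
    full_msec_path = os.path.join(msec_path, r"msec.dll")
    if not os.path.exists(full_msec_path):
      return None
    try:
      msec_handle = pykd.loadExt(full_msec_path)
      return pykd.callExt(msec_handle, "exploitable", "")
    except Exception:
      log("Error loading extension: " + str(sys.exc_info()[1]))
      return None

  def _write_minidump(self):
    """Write a user-mode minidump to ``self.minidump_path`` when configured.

    Failures are logged rather than raised so the crash record is still
    produced.
    """
    if self.minidump_path is None:
      return
    try:
      # NOTE(review): the raw string ends in two literal backslashes; this is
      # exactly what the original sent, so it is kept - confirm WinDbg
      # accepts it as intended.
      pykd.dbgCommand(r".dump /m /u %s\\" % self.minidump_path)
      log("*** Minidump written at %s" % self.minidump_path)
    except Exception:
      log("!!! Error saving minidump:" + str(sys.exc_info()[1]))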
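 def tearDown(self):
     """Detach from the test target after each test.

     Drops the module handle and kills every process pykd still controls.
     """
     # The original assigned ``self.taregtModule`` (typo), so the handle
     # presumably stored in ``targetModule`` by setUp was never released -
     # confirm the attribute name against setUp.
     self.targetModule = None
     pykd.killAllProcesses()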
 def tearDown(self):
     """Kill every debuggee process after each test via ``pykd.killAllProcesses``."""
     pykd.killAllProcesses()
    sumFile.write("\n")

    # Need to use the full path
    # Loads the MSEC !exploitable extension from a hard-coded location; the
    # load result is captured but only the !exploitable output is recorded.
    loadRet = pykd.dbgCommand("!load E:/Security/msec.dll")
    expRet = pykd.dbgCommand("!exploitable")
    #print loadRet
    print expRet
    sumFile.write(expRet)
    sumFile.write("\n")

    # Record the instruction pointer at the fault (eip, so presumably an
    # x86 target - confirm).
    eip = pykd.reg("eip")
    sumFile.write("eip: " + str(hex(eip)))
    sumFile.write("\n")
    sumFile.write("\n") 

    # Tear the debuggee down before the next iteration of the enclosing
    # loop (its header is above this excerpt).
    pykd.killAllProcesses()

    #break
    
    time.sleep(2)

# Close the summary file once the indented block above has finished.
sumFile.close()



#stackList = pykd.getStack()

#error = pykd.dbgCommand("!gle")
#print error

#lastDebugEvt = pykd.getLastEvent()