Exemplo n.º 1
0
    def get_value_from_address(self,
                               process_handle,
                               address,
                               is_float=False,
                               is_64bit=False,
                               is_string=False):
        """
        """
        t_size = None
        if is_string:
            t_size = 16
        elif is_64bit:
            t_size = SIZE_OF(ULONGLONG)
        else:
            t_size = SIZE_OF(ULONG)

        try:
            data = kernel32.read_process_memory(process_handle, address,
                                                t_size)
            if is_string:
                try:
                    return data.decode('utf-8')
                except UnicodeError:
                    sys.stdout.write(
                        "ERROR: Couldn't decode string from memory")
                    return 'ERROR'
            elif is_float:
                return struct.unpack('<f', data)[0]
            else:
                return int.from_bytes(data, byteorder='little')
        except Exception:
            sys.stdout.write('Read process memory. Error: Code {}'.format(
                kernel32.get_last_error()))
            self.reacquire_everything()
            raise
Exemplo n.º 2
0
 def __get_pointer_value(process_handle, address):
     try:
         address = kernel32.read_process_memory(process_handle, address,
                                                SIZE_OF(ULONGLONG))
         return struct.unpack('<Q', address)[0]
     except (OSError, struct.error):
         return None
Exemplo n.º 3
0
 def _read_address(self, process_handle, address):
     try:
         memory_value = kernel32.read_process_memory(
             process_handle, address, type_limits.get_size(self.value))
         return struct.unpack(type_limits.get_struct_format(self.value),
                              memory_value)[0]
     except (OSError, struct.error):
         kernel32.close_handle(process_handle)
         raise
Exemplo n.º 4
0
 def get_pointer_value(self, process_handle, address):
     """
     """
     try:
         address = kernel32.read_process_memory(process_handle, address,
                                                SIZE_OF(ULONGLONG))
         return int.from_bytes(address, byteorder='little')
     except OSError:
         return None
Exemplo n.º 5
0
 def get_block_data(self, process_handle, address, size_of_block):
     """
     """
     try:
         data = kernel32.read_process_memory(process_handle, address,
                                             size_of_block)
     except OSError:
         sys.stdout.write('Getting Block of Data Error: Code {}'.format(
             kernel32.get_last_error()))
     return data