def show_command_line(pid):
# Instance a Process object.
process = Process(pid)
# Print the process command line.
print process.get_command_line()
def show_command_line(pid):
# Instance a Process object.
process = Process(pid)
# Print the process command line.
print process.get_command_line()
def print_threads_and_modules(pid):
process = Process(pid)
print "process %d" % process.get_pid()
print process.get_command_line()
print "Threads"
for thread in process.iter_threads():
print "\t%d" % thread.get_tid()
print "Modules"
bits = process.get_bits()
for module in process.iter_modules():
print "\t%s\t%s" % (HexDump.address(module.get_base(),
bits), module.get_filename())
def main():
pid = int(sys.argv[1])
proc = Process(pid)
#= info
print "pid;", proc.get_pid()
print "is_alive;", proc.is_alive()
print "is_debugged;", proc.is_debugged()
print "is_wow;", proc.is_wow64()
print "arch;", proc.get_arch()
print "bits;", proc.get_bits()
print "filename:", proc.get_filename()
print "exit_time;", proc.get_exit_time()
print "running_time;", proc.get_running_time()
print "service;", proc.get_services()
print "policy;", proc.get_dep_policy()
print "peb;", proc.get_peb()
print "main_module;", proc.get_main_module()
print "peb_address", proc.get_peb_address()
print "entry_point;", proc.get_entry_point()
print "image_base;", proc.get_image_base()
print "image_name;", proc.get_image_name()
print "command_line;", proc.get_command_line()
print "environment;", proc.get_environment()
print "handle;", proc.get_handle()
print "resume;",proc.resume()
def proces_info(pid, addr=""):
x = int(addr, 16)
process = Process(pid)
print "get_arch:", process.get_arch()
print "get_bits:", process.get_bits()
# print "get_main_module:", process.get_main_module()
print "get_command_line:", process.get_command_line()
print "get_image_name:", (process.get_image_name())
print "get_image_base:", hex(process.get_image_base())
print "get_peb:", hex(process.get_peb().ImageBaseAddress)
print "get_peb_address:", hex(process.get_peb_address())
print "get_entry_point:", hex(process.get_entry_point())
def show_command_line(pid):
process = Process(pid)
print process.get_command_line()
def show_command_line(pid):
process = Process(pid)
print process.get_command_line()
pprint.pprint(process.get_environment())
def process_kill(pid):
process = Process(pid)
print process.get_command_line()
process.kill()
