Пример #1
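    def test__init_heap_type(self):
        """Check the ctypes size of each heap finder's ``_heap_type``.

        Each size is measured with the ctypes object returned by the memory
        handler's own target platform (``get_target_ctypes()``), so the
        expected values below are those of the dumped target.

        Covered: 32-bit and 64-bit libc dumps, 32-bit win7 dump.
        Not covered yet: winxp (32/64-bit) and win7 64-bit.
        """
        libc_hf_64 = heapwalker.make_heap_finder(self.libc_mh_64)
        libc_64_ctypes = self.libc_mh_64.get_target_platform().get_target_ctypes()

        libc_hf_32 = heapwalker.make_heap_finder(self.libc_mh_32)
        libc_32_ctypes = self.libc_mh_32.get_target_platform().get_target_ctypes()

        win7_hf_32 = heapwalker.make_heap_finder(self.win7_mh_32)
        win7_32_ctypes = self.win7_mh_32.get_target_platform().get_target_ctypes()

        # assertEqual replaces the deprecated assertEquals alias, which newer
        # unittest versions no longer provide.

        # 32 bits
        self.assertEqual(libc_32_ctypes.sizeof(libc_hf_32._heap_type), 8)
        self.assertEqual(win7_32_ctypes.sizeof(win7_hf_32._heap_type), 312)  # 0x138
        # FIXME dump a winxp? The disabled 32-bit winxp check expected 1430;
        # re-enable it (and the win7 64-bit one) once those dumps are available.

        # 64 bits
        self.assertEqual(libc_64_ctypes.sizeof(libc_hf_64._heap_type), 16)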
Пример #2
    def test_make_heap_finder(self):
        """Verify that make_heap_finder() keeps the handler and its target platform.

        Exercises the 64-bit libc, 32-bit libc and 32-bit win7 memory handlers.
        """
        def expect_platform(finder, os_name, cpu_bits):
            # The platform is read back through the finder's own memory handler.
            platform = finder._memory_handler.get_target_platform()
            self.assertEqual(platform.get_os_name(), os_name)
            self.assertEqual(platform.get_cpu_bits(), cpu_bits)

        finder = heapwalker.make_heap_finder(self.libc_mh_64)
        # The handler name reported through the finder must contain the dump path.
        self.assertIn('test/src/test-ctypes3.64.dump', finder._memory_handler.get_name())
        expect_platform(finder, 'linux', 64)

        expect_platform(heapwalker.make_heap_finder(self.libc_mh_32), 'linux', 32)

        expect_platform(heapwalker.make_heap_finder(self.win7_mh_32), 'win7', 32)
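    def test__init_heap_type(self):
        """Check the ctypes size of the heap structures for every test dump.

        For libc dumps the structure is ``_heap_module.malloc_chunk`` on the
        finder itself; for Windows dumps it is ``_heap_module.HEAP`` on the
        first walker returned by ``list_heap_walkers()``. Each size is measured
        with the ctypes object of the dump's own target platform.
        """
        libc_hf_64 = heapwalker.make_heap_finder(self.libc_mh_64)
        libc_64_ctypes = self.libc_mh_64.get_target_platform().get_target_ctypes()

        libc_hf_32 = heapwalker.make_heap_finder(self.libc_mh_32)
        libc_32_ctypes = self.libc_mh_32.get_target_platform().get_target_ctypes()

        winxp_hf_32 = heapwalker.make_heap_finder(self.winxp_mh_32)
        winxp_32_ctypes = self.winxp_mh_32.get_target_platform().get_target_ctypes()

        winxp_hf_64 = heapwalker.make_heap_finder(self.winxp_mh_64)
        winxp_64_ctypes = self.winxp_mh_64.get_target_platform().get_target_ctypes()

        win7_hf_32 = heapwalker.make_heap_finder(self.win7_mh_32)
        win7_32_ctypes = self.win7_mh_32.get_target_platform().get_target_ctypes()

        win7_hf_64 = heapwalker.make_heap_finder(self.win7_mh_64)
        win7_64_ctypes = self.win7_mh_64.get_target_platform().get_target_ctypes()

        # assertEqual replaces the deprecated assertEquals alias, which newer
        # unittest versions no longer provide.

        # 32 bits
        self.assertEqual(libc_32_ctypes.sizeof(libc_hf_32._heap_module.malloc_chunk), 8)
        # winXP
        walker = winxp_hf_32.list_heap_walkers()[0]
        self.assertEqual(winxp_32_ctypes.sizeof(walker._heap_module.HEAP), 1416)  # 0x588
        # win7
        walker = win7_hf_32.list_heap_walkers()[0]
        # The old trailing comment said 0x138, which is 312, not 520.
        self.assertEqual(win7_32_ctypes.sizeof(walker._heap_module.HEAP), 520)  # 0x208

        # 64 bits
        self.assertEqual(libc_64_ctypes.sizeof(libc_hf_64._heap_module.malloc_chunk), 16)
        walker = win7_hf_64.list_heap_walkers()[0]
        # NOTE(review): the 64-bit win7 HEAP is asserted at the same size as the
        # 32-bit one (520), while winxp doubles from 1416 to 2792. Confirm
        # against the structure definitions that this is intended.
        self.assertEqual(win7_64_ctypes.sizeof(walker._heap_module.HEAP), 520)  # 0x208
        walker = winxp_hf_64.list_heap_walkers()[0]
        self.assertEqual(winxp_64_ctypes.sizeof(walker._heap_module.HEAP), 2792)  # 0xae8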
Пример #4
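    def test__init_heap_type(self):
        """Pin the ctypes size of the heap structures found in each test dump.

        libc dumps are checked through ``_heap_module.malloc_chunk`` on the
        finder; Windows dumps through ``_heap_module.HEAP`` on the first walker
        from ``list_heap_walkers()``. Sizes come from the ctypes object of the
        dump's target platform, obtained via ``get_target_ctypes()``.
        """
        libc_hf_64 = heapwalker.make_heap_finder(self.libc_mh_64)
        libc_64_ctypes = self.libc_mh_64.get_target_platform().get_target_ctypes()

        libc_hf_32 = heapwalker.make_heap_finder(self.libc_mh_32)
        libc_32_ctypes = self.libc_mh_32.get_target_platform().get_target_ctypes()

        winxp_hf_32 = heapwalker.make_heap_finder(self.winxp_mh_32)
        winxp_32_ctypes = self.winxp_mh_32.get_target_platform().get_target_ctypes()

        winxp_hf_64 = heapwalker.make_heap_finder(self.winxp_mh_64)
        winxp_64_ctypes = self.winxp_mh_64.get_target_platform().get_target_ctypes()

        win7_hf_32 = heapwalker.make_heap_finder(self.win7_mh_32)
        win7_32_ctypes = self.win7_mh_32.get_target_platform().get_target_ctypes()

        win7_hf_64 = heapwalker.make_heap_finder(self.win7_mh_64)
        win7_64_ctypes = self.win7_mh_64.get_target_platform().get_target_ctypes()

        # Use assertEqual: the assertEquals alias is deprecated and is missing
        # from newer unittest versions.

        # 32 bits
        self.assertEqual(libc_32_ctypes.sizeof(libc_hf_32._heap_module.malloc_chunk), 8)
        # winXP
        walker = winxp_hf_32.list_heap_walkers()[0]
        self.assertEqual(winxp_32_ctypes.sizeof(walker._heap_module.HEAP), 1416)  # 0x588
        # win7 (the previous "0x138" annotation was stale: 0x138 is 312)
        walker = win7_hf_32.list_heap_walkers()[0]
        self.assertEqual(win7_32_ctypes.sizeof(walker._heap_module.HEAP), 520)  # 0x208

        # 64 bits
        self.assertEqual(libc_64_ctypes.sizeof(libc_hf_64._heap_module.malloc_chunk), 16)
        walker = win7_hf_64.list_heap_walkers()[0]
        # NOTE(review): same expected size as the 32-bit win7 HEAP above, while
        # the winxp HEAP grows from 1416 to 2792. Verify this value is intended.
        self.assertEqual(win7_64_ctypes.sizeof(walker._heap_module.HEAP), 520)  # 0x208
        walker = winxp_hf_64.list_heap_walkers()[0]
        self.assertEqual(winxp_64_ctypes.sizeof(walker._heap_module.HEAP), 2792)  # 0xae8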
Пример #5
 def get_heap_finder(self):
     """Return the IHeapFinder for this process memory.

     The finder is built by heapwalker.make_heap_finder() on the first call
     and stored in ``self._heap_finder``; later calls return the stored one.
     """
     if self._heap_finder is not None:
         # Already built: reuse it instead of creating a second finder.
         return self._heap_finder
     self._heap_finder = heapwalker.make_heap_finder(self)
     return self._heap_finder
Пример #6
 def get_heap_finder(self):
     """Return the IHeapFinder attached to this process memory.

     Created lazily: while ``self._heap_finder`` is None, the first call asks
     heapwalker.make_heap_finder() for a finder and keeps it on the instance.
     """
     if self._heap_finder is not None:
         return self._heap_finder
     # First request: build the finder once and remember it.
     self._heap_finder = heapwalker.make_heap_finder(self)
     return self._heap_finder