Python decode примеры использования

Пример #1

Файл: __init__.py Проект: arizvisa/syringe

 def Test_d():
     code = '\xeb\xf0'
     n = ia32.promoteBranch_32( ia32.decode(code) )
     if ''.join(n) == '\xe9\xed\xff\xff\xff':
         raise Success
     print repr(decode(code)), repr(n)
     raise Failure

Пример #2

Файл: __init__.py Проект: mmg1/syringe-1

 def Test_d():
     code = '\xeb\xf0'
     n = ia32.promoteBranch_32(ia32.decode(code))
     if ''.join(n) == '\xe9\xed\xff\xff\xff':
         raise Success
     print repr(decode(code)), repr(n)
     raise Failure

Пример #3

Файл: instrument.py Проект: mmg1/syringe-1

        77350113 5b              pop     ebx
        77350114 59              pop     ecx
        77350115 6a00            push    0
        77350117 51              push    ecx
        77350118 e873fd0000      call    ntdll!ZwContinue (7735fe90)
        """
        """
        relocated
        ntdll!KiUserExceptionDispatcher+0xf:
        7735010f e9fafe4e89      jmp     0084000e
        77350114 59              pop     ecx
        77350115 6a00            push    0
        77350117 51              push    ecx
        77350118 e873fd0000      call    ntdll!ZwContinue (7735fe90)
        """
        """
        hook
        00840000 0ac0            or      al,al
        *00840002 0f841b01b176    je      ntdll!KiUserExceptionDispatcher+0x23 (77350123)
        00840008 5b              pop     ebx
        00840009 e90601b176      jmp     ntdll!KiUserExceptionDispatcher+0x14 (77350114)
        0084000e 90              nop
        0084000f e9ecffffff      jmp     00840000
    """
    if True:
        currentaddress = 0x840002
        sourceinstruction = ia32.decode('\x74\x0c')
        operand = 0x7735011f
        n = ia32.setRelativeAddress(currentaddress, sourceinstruction, operand)
        promoted = ia32.promoteBranch(n, 4)

Пример #4

Файл: instrument.py Проект: arizvisa/syringe

        77350115 6a00            push    0
        77350117 51              push    ecx
        77350118 e873fd0000      call    ntdll!ZwContinue (7735fe90)
        """

        """
        relocated
        ntdll!KiUserExceptionDispatcher+0xf:
        7735010f e9fafe4e89      jmp     0084000e
        77350114 59              pop     ecx
        77350115 6a00            push    0
        77350117 51              push    ecx
        77350118 e873fd0000      call    ntdll!ZwContinue (7735fe90)
        """

        """
        hook
        00840000 0ac0            or      al,al
        *00840002 0f841b01b176    je      ntdll!KiUserExceptionDispatcher+0x23 (77350123)
        00840008 5b              pop     ebx
        00840009 e90601b176      jmp     ntdll!KiUserExceptionDispatcher+0x14 (77350114)
        0084000e 90              nop
        0084000f e9ecffffff      jmp     00840000
    """
    if True:
        currentaddress = 0x840002
        sourceinstruction = ia32.decode('\x74\x0c')
        operand = 0x7735011f
        n = ia32.setRelativeAddress(currentaddress, sourceinstruction, operand)
        promoted = ia32.promoteBranch(n, 4)