            vm.all_pages[p.paddr].append((a, p))

    for addr, pages in vm.all_pages.iteritems():
        if len(pages) > 1:
            log("fsm", "match for 0x%x" % addr)
            for ads, pg in pages:
                log("fsm", "ads 0x%x: %s" % (ads, pg))

    return True


##
## Main
##
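# Endpoint of the remote VM debug stub, as "host:port".
peer = "172.16.131.128:1337"

# The target process name is taken from the command line.  Validate it
# before touching the VM so a missing argument fails with a usage message
# instead of an IndexError traceback after the guest has been stopped.
if len(sys.argv) < 2:
    sys.stderr.write("usage: %s <process_name>\n" % sys.argv[0])
    sys.exit(1)
process_name = sys.argv[1]

vm = VM(CPUFamily.Intel, peer)

# Per-VM state; presumably consumed by the page-matching code above
# (meaning of nr_cr3 is not shown here -- confirm against VM).
vm.nr_cr3 = 5
vm.ads = {}

# Enable the log channels this script relies on; "fsm" output is coloured.
log.setup(info=True,
          fail=True,
          gdb=False,
          vm=True,
          brk=True,
          evt=False,
          fsm=(True, log.blue))

# Attach to the stub and halt the guest before installing anything.
vm.attach()
vm.stop()

# Some offsets for debian 2.6.32-5-486 kernel (task_struct field offsets
# and kernel stack size; they are kernel-build specific).
settings = {
    "thread_size": 8192,
    "comm": 540,
    "next": 240,
    "mm": 268,
    "pgd": 36
}
# NOTE: `os` shadows the stdlib module of the same name; the name is kept
# because the code below refers to it.
os = OSFactory(OSAffinity.Linux26, settings)
# Breakpoint handler that filters for the named process.
hook = os.find_process_filter(process_name)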

##
## Main
##
# Connect to a second (AMD) guest through its debug stub and halt it.
vm = VM(CPUFamily.AMD, "192.168.254.254:1234")
vm.attach()
vm.stop()

# Data-write breakpoint on 4 bytes at tr_base + 4; `hook` (defined above)
# is invoked on each hit.  NOTE(review): looks like the ESP0 slot of the
# TSS is being watched -- confirm against the CPU model used by VM.
watch_addr = vm.cpu.sr.tr_base + 4
watch_len = 4
vm.cpu.breakpoints.add_data_w(watch_addr, watch_len, hook)

# Resume the guest repeatedly until resume() reports True.
while True:
    if vm.resume():
        break

# Assumes the breakpoint installed above received id 1 -- confirm.
vm.cpu.breakpoints.remove(1)
cr3 = os.get_process_cr3()
log("info", "success: %#x" % cr3)
vm.detach()