def create_driver_object(self, name=None, pe=None): """ Create a driver object for the driver that is going to be emulated """ drv = objman.Driver(emu=self) # If no PE was supplied, assign a dummy driver if not pe: # Get the path for the dummy driver default_path = self.get_native_module_path('default_sys') pe = w32common.DecoyModule(path=default_path) if name: bn = ntpath.basename(name) else: bn = 'none' pe.decoy_path = ('%sdrivers\\%s.sys' % (self.get_system_root(), os.path.basename(bn))) pe.decoy_base = pe.get_base() else: if not name: bn = pe.path path = '%sdrivers\\%s' % (self.get_system_root(), os.path.basename(bn)) pe.decoy_path = path pe.decoy_base = pe.base drv.init_driver_object(name, pe, is_decoy=False) self.add_object(drv) self.drivers.append(drv) return drv
def init_sys_modules(self, modules_config): """ Get the system modules (e.g. drivers) that are loaded in the emulator """ sys_mods = [] for modconf in modules_config: mod = w32common.DecoyModule() mod.name = modconf['name'] base = modconf.get('base_addr') if isinstance(base, str): base = int(base, 16) mod.decoy_base = base mod.decoy_path = modconf['path'] drv = modconf.get('driver') if drv: devs = drv.get('devices') for dev in devs: name = dev.get('name', '') do = self.new_object(objman.Device) do.name = name sys_mods.append(mod) return sys_mods
def create_driver_object(self, name=None, pe=None): """ Create a driver object for the driver that is going to be emulated """ drv = objman.Driver(emu=self) # If no PE was supplied, assign a dummy driver if not pe: # Get the path for the dummy driver default_path = self.get_native_module_path('default_sys') pe = w32common.DecoyModule(path=default_path) if name: bn = ntpath.basename(name) else: bn = 'none' pe.decoy_path = ('%sdrivers\\%s.sys' % (self.get_system_root(), os.path.basename(bn))) pe.decoy_base = pe.get_base() ep = pe.get_base() + pe.ep drv.object.MajorFunction[ddk.IRP_MJ_CREATE] = ep + 1 drv.object.MajorFunction[ddk.IRP_MJ_READ] = ep + 2 drv.object.MajorFunction[ddk.IRP_MJ_WRITE] = ep + 3 drv.object.MajorFunction[ddk.IRP_MJ_DEVICE_CONTROL] = ep + 4 drv.object.MajorFunction[ddk.IRP_MJ_PNP] = ep + 5 drv.object.MajorFunction[ ddk.IRP_MJ_INTERNAL_DEVICE_CONTROL] = ep + 6 else: if not name: bn = pe.path path = '%sdrivers\\%s' % (self.get_system_root(), os.path.basename(bn)) pe.decoy_path = path pe.decoy_base = pe.base drv.init_driver_object(name, pe) self.add_object(drv) self.drivers.append(drv) return drv