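# NOTE(review): the two lines below are the tail of a method whose start is
# outside this excerpt; they are reproduced unchanged.
            pebs_entries_buffer)
        return pebs_entries_buffer

    def dump_PEBS_records(self, proc_nb=0):
        """Print the PEBS buffer base and the ``rip`` of each PEBS record.

        The DS management area for ``proc_nb`` is fetched through
        ``self.get_DsManagementArea`` and its ``PEBSBufferBase`` field is
        printed in hex. Every record returned by ``self.get_pebs_records`` is
        then printed as one ``rip`` line.

        :param proc_nb: processor number whose DS management area is dumped.
            Defaults to 0, the value the original passed to
            ``get_pebs_records``.
        """
        # The original read `proc_nb` as a free name, which nothing in the
        # visible code defines; taking it as a defaulted parameter keeps
        # existing zero-argument callers working.
        _, ds_content = self.get_DsManagementArea(proc_nb)
        print("PEBSBufferBase = {0}".format(hex(ds_content.PEBSBufferBase)))
        # Assumes get_pebs_records takes the processor number, as the original
        # call with a literal 0 suggests -- confirm against its definition.
        for pebs_record in self.get_pebs_records(proc_nb):
            print(" {0} = {1}".format("rip", hex(pebs_record.rip)))


# BTS
# Configures the DS management area and BTS on processor 0 through a local
# kernel debugger, records for one second, then dumps what was recorded.
import time

kdbg = LocalKernelDebugger()
# check_feature runs before anything is configured; presumably it verifies that
# the required CPU feature is present -- confirm against its definition.
check_feature(kdbg)
kdbg.reload()
kdbg.set_current_processor(0)
btsm = BTSManager(kdbg)
btsm.setup_DsManagementArea(0)
btsm.setup_BTS(0, buffer_size=0x100000)
btsm.start_BTS(enable=1)
try:
    time.sleep(1)
finally:
    # Stop even if the sleep is interrupted (e.g. Ctrl-C), so that recording
    # is not left running on the processor after the script exits.
    btsm.stop_BTS()
btsm.dump_bts()

# # PEBS
# kdbg = LocalKernelDebugger()
# check_feature(kdbg)
# kdbg.set_current_processor(0)
# pebsm = PEBSManager(kdbg)
# pebsm.setup_DsManagementArea(0)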
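# NOTE(review): the two lines below are the tail of a method whose start is
# outside this excerpt; they are reproduced unchanged.
        kdbg.read_virtual_memory_into(ds_content.PEBSBufferBase, pebs_entries_buffer)
        return pebs_entries_buffer

    def dump_PEBS_records(self, proc_nb=0):
        """Print the PEBS buffer base and the ``rip`` of each PEBS record.

        The DS management area for ``proc_nb`` is fetched through
        ``self.get_DsManagementArea`` and its ``PEBSBufferBase`` field is
        printed in hex. Every record returned by ``self.get_pebs_records`` is
        then printed as one ``rip`` line.

        :param proc_nb: processor number whose DS management area is dumped.
            Defaults to 0, the value the original passed to
            ``get_pebs_records``.
        """
        # The original read `proc_nb` as a free name, which nothing in the
        # visible code defines; taking it as a defaulted parameter keeps
        # existing zero-argument callers working.
        _, ds_content = self.get_DsManagementArea(proc_nb)
        print("PEBSBufferBase = {0}".format(hex(ds_content.PEBSBufferBase)))
        # Assumes get_pebs_records takes the processor number, as the original
        # call with a literal 0 suggests -- confirm against its definition.
        for pebs_record in self.get_pebs_records(proc_nb):
            print(" {0} = {1}".format("rip", hex(pebs_record.rip)))


# BTS
# Configures the DS management area and BTS on processor 0 through a local
# kernel debugger, records for one second, then dumps what was recorded.
import time

kdbg = LocalKernelDebugger()
# check_feature runs before anything is configured; presumably it verifies that
# the required CPU feature is present -- confirm against its definition.
check_feature(kdbg)
kdbg.reload()
kdbg.set_current_processor(0)
btsm = BTSManager(kdbg)
btsm.setup_DsManagementArea(0)
btsm.setup_BTS(0, buffer_size=0x100000)
btsm.start_BTS(enable=1)
try:
    time.sleep(1)
finally:
    # Stop even if the sleep is interrupted (e.g. Ctrl-C), so that recording
    # is not left running on the processor after the script exits.
    btsm.stop_BTS()
btsm.dump_bts()

# # PEBS
# kdbg = LocalKernelDebugger()
# check_feature(kdbg)
# kdbg.set_current_processor(0)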