Python MemoryInformation示例

编程语言: Python

命名空间/包名称: grr.lib.rdfvalues.rekall_types

方法/功能: MemoryInformation

hotexamples.com的示例: 4

Python MemoryInformation - 已找到4个示例。这些是从开源项目中提取的最受好评的grr.lib.rdfvalues.rekall_types.MemoryInformation现实Python示例。您可以评价示例，以帮助我们提高示例质量。

示例#1

显示文件

    def GetMemoryInformation(self, _):
        reply = rdf_rekall_types.MemoryInformation(device=rdf_paths.PathSpec(
            path=r"\\.\pmem", pathtype=rdf_paths.PathSpec.PathType.MEMORY))
        reply.runs.Append(offset=0x1000, length=0x10000)
        reply.runs.Append(offset=0x20000, length=0x10000)

        return [reply]

示例#2

显示文件

文件： memory_test.py 项目： ookumusoglu/grr

 def Start(self):
   self.SendReply(rdf_rekall_types.MemoryInformation(
       device=rdf_paths.PathSpec(
           path=os.path.join(config_lib.CONFIG["Test.data_dir"],
                             "searching/auth.log"),
           pathtype=rdf_paths.PathSpec.PathType.OS),
       runs=[rdf_client.BufferReference(length=638976, offset=5),
             rdf_client.BufferReference(length=145184, offset=643074)]))

示例#3

显示文件

文件： memory.py 项目： gitlabsyncint/grr

    def GetMemoryInformation(self):
        result = rdf_rekall_types.MemoryInformation(
            cr3=self.session.GetParameter("dtb", 0), device=self.pathspec)

        for run in self.address_space.get_address_ranges():
            result.runs.Append(offset=run.start, length=run.length)

        return result

示例#4

显示文件

            def GetMemoryInformation(self, _):
                """Mock out the driver loading code to pass the memory image."""
                reply = rdf_rekall_types.MemoryInformation(
                    device=rdf_paths.PathSpec(
                        path=image_path,
                        pathtype=rdf_paths.PathSpec.PathType.OS))

                reply.runs.Append(offset=0, length=1000000000)

                return [reply]