[0.2.x] fixed : ldr.py sample

git-svn-id: https://pykd.svn.codeplex.com/svn@81856 9b283d60-5439-405e-af05-b73fd8c4d996
2025-04-20 03:23:23 +08:00 · 2012-12-17 14:30:17 +00:00 · 2012-12-17 14:30:17 +00:00 · 2e54670f05
commit 2e54670f05
parent 5b245b9b97
1 changed files with 3 additions and 3 deletions
--- a/samples/um/ldr.py
+++ b/samples/um/ldr.py
@ -9,7 +9,7 @@ def listModuleFromLdr64():
 
    peb = typedVar( "ntdll!PEB", getCurrentProcess() )

-    moduleLst = typedVarList( peb.Ldr.deref().InLoadOrderModuleList, "ntdll!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )
+    moduleLst = typedVarList( peb.Ldr.deref().InMemoryOrderModuleList, "ntdll!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )

    for mod in moduleLst:
        name = typedVar( "ntdll!_UNICODE_STRING", mod.BaseDllName )  
@ -21,7 +21,7 @@ def listModuleFromLdr64():

        dprintln( "\n<u>32 bit modules:</u>", True)

-        moduleLst = typedVarList( peb32.Ldr.deref().InLoadOrderModuleList, "ntdll32!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )
+        moduleLst = typedVarList( peb32.Ldr.deref().InMemoryOrderModuleList, "ntdll32!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )

        for mod in moduleLst:
            name = typedVar( "ntdll32!_UNICODE_STRING", mod.BaseDllName )  
@ -34,7 +34,7 @@ def listModuleFromLdr():

    peb = typedVar( "ntdll!PEB", getCurrentProcess() )
    
-    moduleLst = typedVarList( peb.Ldr.deref().InLoadOrderModuleList, "ntdll!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )
+    moduleLst = typedVarList( peb.Ldr.deref().InMemoryOrderModuleList, "ntdll!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )

    for mod in moduleLst:
        dprintln(loadUnicodeString(mod.BaseDllName))