git-svn-id: https://pykd.svn.codeplex.com/svn@57436 9b283d60-5439-405e-af05-b73fd8c4d996

2025-05-25 08:13:22 +08:00 · 2010-11-12 16:10:46 +00:00 · 2010-11-12 16:10:46 +00:00 · 54d2081257
commit 54d2081257
parent 39a14ab66b
4 changed files with 26 additions and 11 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+version 0.0.10 12/11/2010
+[!] updated: loadUnicodeStr routine returns unicode string ( instead of ansi string )
+[!] bug fixed: issue #7623 ( memory routines failed to work at wow64 application )
+[+] added: windbg snippet displaying list of export for module
+[+] added: loadCStr, loadWStr routine added ( loading c-style string )
+[!] typedVar routine fixed: loading array of complex type 
+
 version 0.0.9 03/11/2010
 [+] added: windbg snippet displaying GDT entries
 [+] added: windbg snippet displaying VMCS structure ( Intel-VT virtualization context )
--- a/pykd/pykd.rc
+++ b/pykd/pykd.rc
@ -53,8 +53,8 @@ END
 //

 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 0,0,9,0
- PRODUCTVERSION 0,0,9,0
+ FILEVERSION 0,0,10,0
+ PRODUCTVERSION 0,0,10,0
 FILEFLAGSMASK 0x17L
 #ifdef _DEBUG
 FILEFLAGS 0x1L
@ -70,11 +70,11 @@ BEGIN
        BLOCK "041904b0"
        BEGIN
            VALUE "FileDescription", "pykd - python extension for windbg"
-            VALUE "FileVersion", "0, 0, 9, 0"
+            VALUE "FileVersion", "0, 0, 10, 0"
            VALUE "InternalName", "pykd"
            VALUE "OriginalFilename", "pykd.dll"
            VALUE "ProductName", "pykd  - python extension for windbg"
-            VALUE "ProductVersion", "0, 0, 9, 0"
+            VALUE "ProductVersion", "0, 0, 10, 0"
        END
    END
    BLOCK "VarFileInfo"
--- a/snippets/export.py
+++ b/snippets/export.py
@ -12,12 +12,20 @@ def export( moduleName, mask = "*" ):
    module = loadModule( moduleName )
    dprintln( "Module: " + moduleName + " base: %x" % module.begin() + " end: %x" % module.end() )

-    dosHeader = typedVar( "nt", "_IMAGE_DOS_HEADER", module.begin() )
+
+    systemModule = loadModule( "nt" )
+
+    if systemModule==None:
+        systemModule = loadModule( "ntdll" ) 	
+
+
+#    dosHeader = typedVar( systemModule.name(), "_IMAGE_DOS_HEADER", module.begin() )
+

    if is64bitSystem():
-        ntHeader = typedVar( "nt", "_IMAGE_NT_HEADERS64", module.begin() + dosHeader.e_lfanew )
+        ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS64", module.begin() + ptrDWord( module.begin() + 0x3c ) )
    else:
-        ntHeader = typedVar( "nt", "_IMAGE_NT_HEADERS", module.begin() + dosHeader.e_lfanew )
+        ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS", module.begin() + ptrDWord( module.begin() + 0x3c ) )


    dprintln( "Export RVA: %x  Size: %x" % ( ntHeader.OptionalHeader.DataDirectory[0].VirtualAddress, ntHeader.OptionalHeader.DataDirectory[0].Size  ) )