From 7c64eff59e0b8d3bb918d1d327417f304f3079e3 Mon Sep 17 00:00:00 2001
From: "SND\\kernelnet_cp"
 <SND\kernelnet_cp@9b283d60-5439-405e-af05-b73fd8c4d996>
Date: Thu, 29 Jul 2010 17:49:35 +0000
Subject: [PATCH] [+] added: proclist.py sample

git-svn-id: https://pykd.svn.codeplex.com/svn@53271 9b283d60-5439-405e-af05-b73fd8c4d996
---
 samples/proclist.py | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 samples/proclist.py

diff --git a/samples/proclist.py b/samples/proclist.py
new file mode 100644
index 0000000..d4308d2
--- /dev/null
+++ b/samples/proclist.py
@@ -0,0 +1,32 @@
+
+import sys
+from pykd import *
+
+
+def loadSymbols():
+
+   global nt
+   nt = loadModule( "nt" )
+   nt.PsActiveProcessHead = getOffset( "nt", "PsActiveProcessHead" )
+
+
+def printStacks():
+
+    processList = typedVarList( nt.PsActiveProcessHead, "nt", "_EPROCESS", "ActiveProcessLinks"  )
+
+    for process in processList:
+	dprintln( "".join( [ chr(i) for k, i in process.ImageFileName.items() ] ) )
+
+    return
+
+
+if __name__ == "__main__":
+
+    if not isSessionStart():
+        createSession()
+        loadDump( sys.argv[1] )
+        dprintln( sys.argv[1] + " - loaded OK" )
+
+    loadSymbols()
+
+    printStacks()