zjgcjy/pykd
1
0
Fork 0
mirror of https://github.com/ivellioscolin/pykd.git synced 2025-04-19 19:13:22 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

[0.2.x] fixed : UM samples

Browse Source 
git-svn-id: https://pykd.svn.codeplex.com/svn@81320 9b283d60-5439-405e-af05-b73fd8c4d996
This commit is contained in:
SND\kernelnet_cp 2012-11-22 09:19:16 +00:00 committed by Mikhail I. Izmestev
parent f9276a7dd7
commit bc1f4ce464
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
samples/um/ldr.py
View File

@ -15,15 +15,20 @@ def listModuleFromLdr64():
name = typedVar( "ntdll!_UNICODE_STRING", mod.BaseDllName )
dprintln(loadWChars(name.Buffer, name.Length/2))
dprintln( "\n<u>32 bit modules:</u>", True)
try:
peb32 = typedVar( "ntdll32!_PEB", getCurrentProcess() - pageSize() )
peb32 = typedVar( "ntdll32!_PEB", getCurrentProcess() - pageSize() )
dprintln( "\n<u>32 bit modules:</u>", True)
moduleLst = typedVarList( peb32.Ldr.deref().InLoadOrderModuleList, "ntdll32!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )
moduleLst = typedVarList( peb32.Ldr.deref().InLoadOrderModuleList, "ntdll32!_LDR_DATA_TABLE_ENTRY", "InMemoryOrderLinks" )
for mod in moduleLst:
name = typedVar( "ntdll32!_UNICODE_STRING", mod.BaseDllName )
dprintln(loadWChars(name.Buffer, name.Length/2))
for mod in moduleLst:
name = typedVar( "ntdll32!_UNICODE_STRING", mod.BaseDllName )
dprintln(loadWChars(name.Buffer, name.Length/2))
except BaseException:
pass
def listModuleFromLdr():