[samples] updated: refactored samples

git-svn-id: https://pykd.svn.codeplex.com/svn@63978 9b283d60-5439-405e-af05-b73fd8c4d996
2025-04-20 03:23:23 +08:00 · 2011-04-14 16:01:29 +00:00 · 2011-04-14 16:01:29 +00:00 · de82f9d737
commit de82f9d737
parent e6af39ec59
20 changed files with 117 additions and 42 deletions
--- a/samples/break.py
+++ b/samples/break.py
@ -0,0 +1,42 @@
+#
+#
+#
+
+from pykd import *
+
+
+def bpCallback():
+
+    if is64bitSystem():
+        objAttr = typedVar( "ntdll", "_OBJECT_ATTRIBUTES", reg("r8") ) 
+    else:
+        objAttr = typedVar( "ntdll", "_OBJECT_ATTRIBUTES", ptrPtr(reg("esp") + 0xC) )  
+
+    name = loadUnicodeString( objAttr.ObjectName )
+
+    dprintln( "NtCreateFile: " + name )
+
+    return DEBUG_STATUS_NO_CHANGE
+
+
+
+
+if not isWindbgExt():
+    startProcess("notepad.exe")
+
+
+if not isDumpAnalyzing() and not isKernelDebugging():
+    	
+    nt = loadModule("ntdll")
+
+    b1 = bp( nt.NtCreateFile, bpCallback )
+
+    while go(): pass
+
+    dprintln( "exit process" )
+
+else:
+
+    dprintln( "The debugger must be connected to live usermode process" )    
+   
+        
--- a/samples/drvobj.py
+++ b/samples/drvobj.py
@ -80,14 +80,14 @@ def printDrvMajorTable( drvName ):

 if __name__ == "__main__":

-   if not isSessionStart():
-      createSession()
+   if not isWindbgExt():
      loadDump( sys.argv[1] )

-   loadSymbols();
-
-
-   printDrvMajorTable( "afd" )
+   if isKernelDebugging():
+       loadSymbols();
+       printDrvMajorTable( "afd" )
+   else:
+       dprintln( "not a kernel debugging" )

   
    
--- a/samples/idt.py
+++ b/samples/idt.py
@ -52,11 +52,14 @@ def checkInterrupt():

 if __name__ == "__main__":

-   if not isSessionStart():
-      createSession()
-      loadDump( sys.argv[1] )
+   if not isWindbgExt():
+      loadDump( sys.argv[1] ) 
+
+   if isKernelDebugging():
+       checkInterrupt()
+   else:
+       dprintln( "not a kernel debugging" )

-   checkInterrupt()



--- a/samples/proclist.py
+++ b/samples/proclist.py
@ -3,14 +3,10 @@ import sys
 from pykd import *


-def loadSymbols():
-
-   global nt
-   nt = loadModule( "nt" )
-
-
 def processInfo():

+    nt = loadModule( "nt" )
+
    processList = typedVarList( nt.PsActiveProcessHead, "nt", "_EPROCESS", "ActiveProcessLinks"  )

    for process in processList:
@ -20,11 +16,18 @@ def processInfo():

 if __name__ == "__main__":

-    if not isSessionStart():
-        createSession()
-        loadDump( sys.argv[1] )
-        dprintln( sys.argv[1] + " - loaded OK" )

-    loadSymbols()
+    while True:
+
+        if not isWindbgExt():
+            if not loadDump( sys.argv[1] ):
+                dprintln( sys.argv[1] + " - load failed" )
+                break
+
+        if not isKernelDebugging():
+            dprintln( "not a kernel debugging" )
+            break 
+                 
+        processInfo()
+        break      

-    processInfo()
--- a/samples/ssdt.py
+++ b/samples/ssdt.py
@ -52,9 +52,19 @@ def checkSSDT():

 if __name__ == "__main__":

-   if not isSessionStart():
-      createSession()
-      loadDump( sys.argv[1] )

-   checkSSDT()
+    while True:
+
+        if not isWindbgExt():
+            if not loadDump( sys.argv[1] ):
+                dprintln( sys.argv[1] + " - load failed" )
+                break
+
+        if not isKernelDebugging():
+            dprintln( "not a kernel debugging" )
+            break 
+                 
+        checkSSDT()
+        break      
+
 	
--- a/samples/stacks.py
+++ b/samples/stacks.py
@ -56,10 +56,14 @@ def printStack():

 if __name__ == "__main__":

-    if not isSessionStart():
-        createSession()
-        loadDump( sys.argv[1] )
-        dprintln( sys.argv[1] + " - loaded OK" )
+    while True:
+
+        if not isWindbgExt():
+            if not loadDump( sys.argv[1] ):
+                dprintln( sys.argv[1] + " - load failed" )
+                break
+                
+        printStack()
+        break      

-    printStack()

--- a/snippets/accessmask.py
+++ b/snippets/accessmask.py
@ -91,7 +91,7 @@ argc = len(sys.argv)
 if argc == 1 :
 	dprintln("Syntax: [object type] <;hex mask>;")
 	dprintln("Supported object types: process, thread, file, generic")
-	quit( "" )
+	quit( 0 )

 type = (argc > 2 and sys.argv[1]) or "generic"
 if argc > 2 :
--- a/snippets/alpc_conn.py
+++ b/snippets/alpc_conn.py
@ -41,7 +41,7 @@ def main():
    dprintln(main.__doc__)

 if __name__ == "__main__":
-  if not isSessionStart():
+  if not isWindbgExt():
    dprintln("Script is launch out of windbg")
    quit(0)

--- a/snippets/avl.py
+++ b/snippets/avl.py
@ -43,6 +43,7 @@ if __name__ == "__main__":

    if len( sys.argv ) < 2:
        printUsage()
+        quit(0)

    if len( sys.argv ) == 2:
        items = getAVLTable( addr64( expr( sys.argv[1] ) ) )
--- a/snippets/cr0.py
+++ b/snippets/cr0.py
@ -22,7 +22,7 @@ def cr0( value = 0 ):
   
 if __name__ == "__main__":

-   if not isSessionStart():
+   if not isWindbgExt():
       print "script is launch out of windbg"
       quit( 0 )

--- a/snippets/cr4.py
+++ b/snippets/cr4.py
@ -22,7 +22,7 @@ def cr4( value = 0 ):
   
 if __name__ == "__main__":

-   if not isSessionStart():
+   if not isWindbgExt():
       print "script is launch out of windbg"
       quit( 0 )

--- a/snippets/export.py
+++ b/snippets/export.py
@ -47,7 +47,7 @@ def export( moduleName, mask = "*" ):

 if __name__ == "__main__":

-    if not isSessionStart():
+    if not isWindbgExt():
        print "script is launch out of windbg"
        quit( 0 )

--- a/snippets/gdt.py
+++ b/snippets/gdt.py
@ -42,7 +42,7 @@ def printGdtHelp():

 if __name__ == "__main__":

-   if not isSessionStart():
+   if not isWindbgExt():
       print "script is launch out of windbg"
       quit( 0 )

--- a/snippets/help.py
+++ b/snippets/help.py
@ -48,6 +48,8 @@ def printDetail( name ):
     
    if name in pykd.__dict__:
        help( "pykd.%s" % name )
+   
+    dprintln( "\n\n<link cmd=\"!py help\">View content</link>", True )
    


--- a/snippets/iat.py
+++ b/snippets/iat.py
@ -56,7 +56,7 @@ def iat( moduleName, mask = "*" ):

 if __name__ == "__main__":

-    if not isSessionStart():
+    if not isWindbgExt():
        print "script is launch out of windbg"
        quit( 0 )

--- a/snippets/ndis.py
+++ b/snippets/ndis.py
@ -81,6 +81,16 @@ def printNdisObj():
        printBreakLine()

 if __name__ == "__main__":
+
+    if not isWindbgExt():
+        dprintln( "script is launch out of windbg" )
+        quit(0)
+
+    if not isKernelDebugging:
+        dprintln( "script for kernel mode only" )
+        quit(0)
+
+
    printNdisObj()    


--- a/snippets/ntobj.py
+++ b/snippets/ntobj.py
@ -168,7 +168,7 @@ if __name__ == "__main__":
      dprintln("obj: 0x%X" % obj + " type: 0x%X" % getType(obj))


-  if not isSessionStart():
+  if not isWindbgExt():
    print "Script is launch out of WinDBG"
    quit(0)

--- a/snippets/phidecheck.py
+++ b/snippets/phidecheck.py
@ -8,7 +8,7 @@ import ntobj

 if __name__ == "__main__":

-  if not isSessionStart():
+  if not isWindbgExt():
    print "Script is launch out of WinDBG"
    quit(0)

--- a/snippets/stlp.py
+++ b/snippets/stlp.py
@ -87,7 +87,7 @@ def printUsage():
 if __name__ == "__main__":
    global runningAsWinDbgExtension

-    runningAsWinDbgExtension = not isSessionStart()
+    runningAsWinDbgExtension = isWindbgExt()
    mapAddr = 0

    argc = len(sys.argv)
--- a/snippets/vmcs.py
+++ b/snippets/vmcs.py
@ -184,7 +184,7 @@ def vmcsPrint( addr ):

 if __name__ == "__main__":

-   if not isSessionStart():
+   if not isWindbgExt():
       dprintln( "script is launch out of windbg" )
       quit( 0 )