zjgcjy/pykd
1
0
Fork 0
mirror of https://github.com/ivellioscolin/pykd.git synced 2025-04-19 02:53:22 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

[0.1.x] updated: samples

Browse Source 
git-svn-id: https://pykd.svn.codeplex.com/svn@76406 9b283d60-5439-405e-af05-b73fd8c4d996
This commit is contained in:
SND\kernelnet_cp 2012-05-17 16:06:25 +00:00 committed by Mikhail I. Izmestev
parent 4231325aab
commit f1e249c61b
5 changed files with 80 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
samples/km/__init__.py Normal file
View File

10
samples/km/drvobj.py
View File

@ -67,13 +67,15 @@ def printDrvMajorTable( drvName ):
for i in range( len(drvObj.MajorFunction) ):
dprintln( "MajorFunction[%d] = %s" % ( i, findSymbol( drvObj.MajorFunction[i] ) ) )
def run():
loadSymbols();
printDrvMajorTable( "afd" )
if __name__ == "__main__":
if not isWindbgExt():
loadDump( sys.argv[1] )
if not isWindbgExt():
loadDump( sys.argv[1] )
loadSymbols();
run()
printDrvMajorTable( "afd" )

3
samples/km/proclist.py
View File

@ -2,7 +2,6 @@
import sys
from pykd import *
def processInfo():
nt = module( "nt" )
@ -12,6 +11,8 @@ def processInfo():
for process in processList:
print "".join( [chr(i) for i in process.ImageFileName if i != 0] )
def run():
processInfo()
def main():

10
samples/km/ssdt.py
View File

@ -43,11 +43,12 @@ def checkSSDT():
for i in range( 0, serviceCount ):
dprintln( "[%u] " % i + findSymbol( serviceTable[i] ) )
def run():
checkSSDT()
if __name__ == "__main__":
while True:
if not isWindbgExt():
@ -58,8 +59,7 @@ if __name__ == "__main__":
if not isKernelDebugging():
dprintln( "not a kernel debugging" )
break
checkSSDT()
break
run()
break

74
samples/samples.py
View File

@ -1,11 +1,71 @@
import sys
import os.path
from pykd import dprintln
from pykd import dprint
def printAllSamples():
dprintln( "<b>Kernel mode</b>", True )
dprintln( "Get process list <link cmd=\"!py samples run km.proclist\">Run</link> <link cmd=\"!py samples source km.proclist\">Source</link>", True)
dprintln( "Get kernel service list <link cmd=\"!py samples run km.ssdt\">Run</link> <link cmd=\"!py samples source km.ssdt\">Source</link>", True)
dprintln( "Get driver object <link cmd=\"!py samples run km.drvobj\">Run</link> <link cmd=\"!py samples source km.drvobj\">Source</link>", True)
dprintln( "" )
def runSample( sampleName ):
try:
packageName, moduleName = sampleName.split(".")
module = __import__( name = sampleName, fromlist = moduleName )
module.__dict__[ "run" ]()
except ImportError:
dprintln("import error")
pass
dprintln( "" )
dprintln( "<link cmd=\"!py samples\">Sample list</link>", True )
dprintln( "" )
def printSample( sampleName ):
try:
packageName, moduleName = sampleName.split(".")
module = __import__( name = sampleName, fromlist = moduleName )
fileName = os.path.dirname( module.__dict__["__file__"] )
fileName = os.path.join( fileName, moduleName + ".py" )
with open( fileName ) as f:
for line in f:
dprint( line )
except ImportError:
dprintln("import error")
pass
dprintln( "" )
dprintln( "<link cmd=\"!py samples\">Sample list</link>", True )
dprintln( "" )
def main():
if len(sys.argv) <= 2:
return printAllSamples()
if sys.argv[1] == "run":
runSample( sys.argv[2] )
if sys.argv[1] == "source":
printSample( sys.argv[2] )
if __name__ == "__main__":
main()
dprintln( "<b>Kernel mode</b>", True )
dprintln( "<link cmd=\"!py proclist\">Get process list</link>", True )
dprintln( "<link cmd=\"!py ssdt\">Get kernel service list (SDT)</link>", True )
dprintln( "<link cmd=\"!py drvobj\">Get driver object</link>", True )
dprintln("")
dprintln( "<b>User mode</b>", True )
dprintln("")