zjgcjy/pykd
1
0
Fork 0
mirror of https://github.com/ivellioscolin/pykd.git synced 2025-04-20 03:23:23 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

[~] skip unresolved imports

Browse Source 
[~] optimized for new functional of pykd

git-svn-id: https://pykd.svn.codeplex.com/svn@61770 9b283d60-5439-405e-af05-b73fd8c4d996
This commit is contained in:
SND\EreTIk_cp 2011-02-21 10:07:11 +00:00
parent d3a22fc0a8
commit f2471ac5a0
1 changed files with 8 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
samples/synimp.py
View File

@ -16,29 +16,24 @@ def addSymSymbolsByImports(dbgModule):
if ntHeader.OptionalHeader.Magic == 0x10b: if ntHeader.OptionalHeader.Magic == 0x10b:
systemModule = loadModule( "ntdll32" ) systemModule = loadModule( "ntdll32" )
ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS", dbgModule.begin() + ptrDWord( dbgModule.begin() + 0x3c ) ) ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS", dbgModule.begin() + ptrDWord( dbgModule.begin() + 0x3c ) )
pSize = 4
else:
pSize = 8
else: else:
ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS", dbgModule.begin() + ptrDWord( dbgModule.begin() + 0x3c ) ) ntHeader = typedVar( systemModule.name(), "_IMAGE_NT_HEADERS", dbgModule.begin() + ptrDWord( dbgModule.begin() + 0x3c ) )
pSize = 4
if ntHeader.OptionalHeader.DataDirectory[12].Size == 0: if ntHeader.OptionalHeader.DataDirectory[12].Size == 0:
return return
iatAddr = dbgModule.begin() + ntHeader.OptionalHeader.DataDirectory[12].VirtualAddress; iatAddr = dbgModule.begin() + ntHeader.OptionalHeader.DataDirectory[12].VirtualAddress;
for i in range( 0, ntHeader.OptionalHeader.DataDirectory[12].Size / pSize ): for i in range( 0, ntHeader.OptionalHeader.DataDirectory[12].Size / ptrSize() ):
pIatEtry = iatAddr + i*pSize; pIatEtry = iatAddr + i*ptrSize();
iatEntry = ptrPtr( pIatEtry )
if ( pSize == 4 ):
iatEntry = ptrDWord( pIatEtry )
else:
iatEntry = ptrQWord( pIatEtry )
if iatEntry != 0: if iatEntry != 0:
symbolName = findSymbol( iatEntry ) try:
addSynSymbol(pIatEtry, pSize, "_imp_" + symbolName) symbolName = findSymbol( iatEntry )
addSynSymbol(pIatEtry, ptrSize(), "_imp_" + symbolName)
except TypeError:
dprintln( "Symbol for 0x%x" % iatEntry + " not found" )
if __name__ == "__main__": if __name__ == "__main__":