编写immunity debugger插件
来源:互联网 发布:用qq空间做淘宝客 编辑:程序博客网 时间:2024/05/21 11:05
=============================================================
如何执行以下代码,将xx.py放入
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands 以下目录
然后在命令栏
!xx
来执行
=============================================================
__VERSION__ = '2.0'
__REV__ = filter(str.isdigit, '$Revision: 557 $')__IMM__ = '1.8'
__DEBUGGERAPP__ = ''
arch = 32
win7mode = False
# try:
# import debugger
# except:
# pass
try:
import immlib as dbglib
from immlib import LogBpHook
__DEBUGGERAPP__ = "Immunity Debugger"
except:
try:
from pykd import *
import windbglib as dbglib
from windbglib import LogBpHook
dbglib.checkVersion()
arch = dbglib.getArchitecture()
__DEBUGGERAPP__ = "WinDBG"
except SystemExit, e:
print "-Exit."
import sys
sys.exit(e)
except Exception:
#import traceback
print "Do not run this script outside of a debugger !"
#print traceback.format_exc()
import sys
exit(1)
import getopt
try:
#import debugtypes
#import libdatatype
from immutils import *
except:
pass
import os
import re
import sys
import types
import random
import shutil
import struct
import string
import types
import urllib
import inspect
import datetime
import binascii
import itertools
import traceback
from operator import itemgetter
from collections import defaultdict, namedtuple
import cProfile
import pstats
import copy
imm = dbglib.Debugger()
'''
def main(args):
if not args:
imm.log( "no args")
else:
#create table
table=imm.createTable('Argument table',['Number','Argument'])
imm.log("Number of arguments : %d " % len(args))
cnt=0
while (cnt < len(args)):
table.add(0,["%d"%(cnt+1),"%s"%(args[cnt])])
cnt=cnt+1
'''
def usage():
imm.log(" ** No arguments specified ** ")
imm.log(" Usage : ")
imm.log(" blah blah")
def tohex(intAddress):
return "%08X" % intAddress
'''
def main(args):
if (args[0]=="readmem"):
if (len(args) > 1):
imm.log("Reading 8 bytes of memory at %s " % args[1])
cnt=0
memloc=int(args[1],16)
while (cnt < 8):
memchar = imm.readMemory(memloc+cnt,1)
memchar2 = hex(ord(memchar)).replace('0x','')
imm.log("Byte %d : %s" % (cnt+1,memchar2))
cnt=cnt+1
def main(args):
regs = imm.getRegs()
for reg in regs:
if reg=="EAX":
imm.log("Register %s : 0x%08X " % (reg,regs[reg]))
def main(args):
results=imm.searchCommandsOnModule(0x7c920000,"ret")
for result in results:
opc = imm.disasm(result[0])
opstring=opc.getDisasm()
imm.log("opstring %s " % (opstring))
#imm.log("results: %x" % result[0])
'''
def main(args):
regs = imm.getRegs()
for reg in regs:
if reg=="ECX":
ECX=regs[reg]
imm.log("Register %s : 0x%08X " % (reg,regs[reg]))
for EAX in range(1,500):
try:
ESI= imm.readLong(ECX+4*EAX)
EDX= imm.readLong(ESI)
opc = imm.disasm(EDX+0x34)
opstring=opc.getDisasm()
imm.log("EAX:%x ESI:%x EDX+0x34:%x opstring %s " % (EAX,ESI,EDX+0x34,opstring))
except Exception as e:
imm.log("EAX:%x Exception occuss" % EAX)
0 0
- 编写immunity debugger插件
- 编写Immunity Debugger插件的教程
- Immunity Debugger 1.3
- Immunity Debugger v1.4
- Immunity Debugger软件介绍
- Immunity Debugger PyCommands
- Python笔记---Immunity Debugger
- Immunity debugger安装
- Python笔记---Immunity Debugger
- 开始写Immunity Debugger PyCommand
- exploit - Immunity Debugger - PyCommands List
- 【转】immunity debugger Pycmmands添加模块--Python灰帽子
- 另一种 WinDbg 插件编写方法 - Debugger Engine Extension
- 另一种WinDbg插件编写方法-Debugger Engine Extension
- Plug-ins Phantom 1.20 and OllyDump 3.00 for Immunity Debugger by RSI
- Python灰帽子学习笔记(二)——Immunity Debugger部署硬钩子
- Debugger
- debugger
- 学习android之 Handler详细使用
- 运维神器-分分钟定位500错误!
- 2014年最新前端开发面试题集锦(题目列表+答案 完整版)
- XCode 模拟器路径
- 逆波兰式 HDU1237 简单计算器
- 编写immunity debugger插件
- 用深度优先搜索解迷宫问题
- fragment(7)fragment在v4包和app包中的区别以及getFragmentManager和getSupportFragmentManager
- Lombok推荐,消除冗长的java代码
- 第九周上机实践项目2-Time类中的运算符重载(续)
- CSS3圆角详解:border-radius
- jQuery.extend 函数各种用法
- 关于在树莓派上使用多个串口设备的问题
- 用广度优先搜索解迷宫问题