編寫immunity debugger插件

=============================================================

如何執行以下代碼，將xx.py放入

C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands  以下目錄

然後在命令欄

!xx

來執行

=============================================================

__VERSION__ = '2.0'

__REV__ = filter(str.isdigit, '$Revision: 557 $')
__IMM__ = '1.8'
__DEBUGGERAPP__ = ''
arch = 32
win7mode = False

# try:
#     import debugger
# except:
#     pass
try:
    import immlib as dbglib
    from immlib import LogBpHook
    __DEBUGGERAPP__ = "Immunity Debugger"
except:        
    try:
        from pykd import *
        import windbglib as dbglib
        from windbglib import LogBpHook
        dbglib.checkVersion()
        arch = dbglib.getArchitecture()
        __DEBUGGERAPP__ = "WinDBG"
    except SystemExit, e:
        print "-Exit."
        import sys
        sys.exit(e)
    except Exception:
        #import traceback
        print "Do not run this script outside of a debugger !"
        #print traceback.format_exc()
        import sys
        exit(1)

import getopt

try:
    #import debugtypes
    #import libdatatype
    from immutils import *
except:
    pass

        
import os
import re
import sys
import types
import random
import shutil
import struct
import string
import types
import urllib
import inspect
import datetime
import binascii
import itertools
import traceback

from operator import itemgetter
from collections import defaultdict, namedtuple

import cProfile
import pstats

import copy

imm = dbglib.Debugger()


'''
def main(args):
    if not args:
        imm.log( "no args")
    else:
        #create table
        table=imm.createTable('Argument table',['Number','Argument'])
        imm.log("Number of arguments : %d " % len(args))
        cnt=0
        while (cnt < len(args)):
            table.add(0,["%d"%(cnt+1),"%s"%(args[cnt])])
            cnt=cnt+1
'''
def usage():
   imm.log("  ** No arguments specified ** ")
   imm.log("  Usage : ")
   imm.log("       blah blah")

def tohex(intAddress):
   return "%08X" % intAddress
    
'''
def main(args):
    if (args[0]=="readmem"):
        if (len(args) > 1):
            imm.log("Reading 8 bytes of memory at %s " % args[1])
            cnt=0
            memloc=int(args[1],16)
            while (cnt < 8):
                memchar = imm.readMemory(memloc+cnt,1)
                memchar2 = hex(ord(memchar)).replace('0x','')
                imm.log("Byte %d : %s" % (cnt+1,memchar2))
                cnt=cnt+1

def main(args):
    regs = imm.getRegs()
    for reg in regs:
        if reg=="EAX":
            imm.log("Register %s : 0x%08X " % (reg,regs[reg]))

def main(args):
    results=imm.searchCommandsOnModule(0x7c920000,"ret")
    for result in results:
        opc = imm.disasm(result[0])
        opstring=opc.getDisasm()
        imm.log("opstring %s " % (opstring))
        #imm.log("results: %x" % result[0])
'''
def main(args):
    regs = imm.getRegs()
    for reg in regs:
        if reg=="ECX":
            ECX=regs[reg]
            imm.log("Register %s : 0x%08X " % (reg,regs[reg]))
    for EAX in range(1,500):
        try:
            ESI= imm.readLong(ECX+4*EAX)
            EDX= imm.readLong(ESI)
            opc = imm.disasm(EDX+0x34)
            opstring=opc.getDisasm()
            imm.log("EAX:%x ESI:%x EDX+0x34:%x opstring %s " % (EAX,ESI,EDX+0x34,opstring))
        except Exception as e:
            imm.log("EAX:%x Exception occuss" % EAX)