=============================================================
如何執行以下代碼:將 xx.py 放入以下目錄
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands
然後在命令欄輸入
!xx
來執行
=============================================================
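# Script metadata. __DEBUGGERAPP__ starts empty and is filled in by the
# debugger-detection try/except that follows these constants.
__VERSION__ = '2.0'
# Digits of the VCS keyword string. The join keeps the value a plain string
# on interpreters where filter() returns an iterator instead of a str.
__REV__ = ''.join(filter(str.isdigit, '$Revision: 557 $'))
__IMM__ = '1.8'
__DEBUGGERAPP__ = ''
# Default to 32-bit; the WinDBG import path overwrites arch with the value
# reported by dbglib.getArchitecture().
arch = 32
win7mode = False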
# try:
# import debugger
# except:
# pass
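# Pick the debugger backend. Immunity Debugger (immlib) is tried first; if
# that fails, fall back to WinDBG through pykd/windbglib. Either way the
# backend is bound to the name `dbglib` so the rest of the script is
# debugger-agnostic.
try:
    import immlib as dbglib
    from immlib import LogBpHook
    __DEBUGGERAPP__ = "Immunity Debugger"
except Exception:
    # `except Exception` rather than a bare `except:` so that Ctrl-C and
    # interpreter shutdown are not mistaken for "immlib is missing".
    try:
        from pykd import *
        import windbglib as dbglib
        from windbglib import LogBpHook
        dbglib.checkVersion()
        arch = dbglib.getArchitecture()
        __DEBUGGERAPP__ = "WinDBG"
    except SystemExit as e:
        # Some call in the WinDBG path asked to exit (presumably
        # checkVersion() - confirm); propagate the same exit status.
        print("-Exit.")
        import sys
        sys.exit(e)
    except Exception:
        # Neither backend could be loaded: the script was started outside
        # a supported debugger.
        print("Do not run this script outside of a debugger !")
        import sys
        # sys.exit() instead of the site-provided exit() builtin, which is
        # not guaranteed to exist in an embedded interpreter.
        sys.exit(1)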
import getopt
try:
#import debugtypes
#import libdatatype
from immutils import *
except:
pass
import os
import re
import sys
import types
import random
import shutil
import struct
import string
import types
import urllib
import inspect
import datetime
import binascii
import itertools
import traceback
from operator import itemgetter
from collections import defaultdict, namedtuple
import cProfile
import pstats
import copy
# Module-wide debugger handle, created from whichever backend was bound to
# `dbglib` by the import fallback above. Every function below logs and reads
# target memory through this object.
imm = dbglib.Debugger()
'''
def main(args):
if not args:
imm.log( "no args")
else:
#create table
table=imm.createTable('Argument table',['Number','Argument'])
imm.log("Number of arguments : %d " % len(args))
cnt=0
while (cnt < len(args)):
table.add(0,["%d"%(cnt+1),"%s"%(args[cnt])])
cnt=cnt+1
'''
def usage():
    """Write the placeholder usage banner through imm.log, one line per call."""
    banner = (
        " ** No arguments specified ** ",
        " Usage : ",
        " blah blah",
    )
    for text in banner:
        imm.log(text)
def tohex(intAddress):
    """Return intAddress as upper-case hex, zero-padded to at least 8 digits.

    Values wider than 32 bits are not truncated; they simply produce a
    longer string.
    """
    formatted = "%08X" % intAddress
    return formatted
'''
def main(args):
if (args[0]=="readmem"):
if (len(args) > 1):
imm.log("Reading 8 bytes of memory at %s " % args[1])
cnt=0
memloc=int(args[1],16)
while (cnt < 8):
memchar = imm.readMemory(memloc+cnt,1)
memchar2 = hex(ord(memchar)).replace('0x','')
imm.log("Byte %d : %s" % (cnt+1,memchar2))
cnt=cnt+1
def main(args):
regs = imm.getRegs()
for reg in regs:
if reg=="EAX":
imm.log("Register %s : 0x%08X " % (reg,regs[reg]))
def main(args):
results=imm.searchCommandsOnModule(0x7c920000,"ret")
for result in results:
opc = imm.disasm(result[0])
opstring=opc.getDisasm()
imm.log("opstring %s " % (opstring))
#imm.log("results: %x" % result[0])
'''
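def main(args):
    """PyCommand entry point: walk the table of values that ECX points to.

    Logs the current ECX value, then for every index from 1 to 499 reads
    the value at ``ECX + 4*index`` with imm.readLong, reads again at that
    value, and logs the disassembly found 0x34 bytes past the second value.
    A failure at one index is logged and the walk moves on to the next.

    ``args`` is accepted because the debugger passes it in; it is not used.

    NOTE(review): the access pattern looks like an array of object pointers
    whose first field is a table pointer - confirm against the target.
    """
    regs = imm.getRegs()
    # Look ECX up directly. The original scanned every register name and
    # left ECX unbound when no entry matched, so each loop iteration then
    # failed with a NameError hidden by the broad except below.
    if not regs or "ECX" not in regs:
        imm.log("ECX not found in the current register set")
        return
    ECX = regs["ECX"]
    imm.log("Register %s : 0x%08X " % ("ECX", ECX))

    for EAX in range(1, 500):
        try:
            ESI = imm.readLong(ECX + 4 * EAX)
            EDX = imm.readLong(ESI)
            opc = imm.disasm(EDX + 0x34)
            opstring = opc.getDisasm()
            imm.log("EAX:%x ESI:%x EDX+0x34:%x opstring %s " % (EAX, ESI, EDX + 0x34, opstring))
        except Exception:
            # Best effort: a slot that cannot be read or disassembled is
            # reported and skipped so the remaining slots are still visited.
            imm.log("EAX:%x Exception occuss" % EAX)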