ich arbeite mich gerade in immunity debugger ein.
Ein tolles script soll mir helfen Adressen auszulesen.
Ich weis, es passiert auf Python 2.5
Ja, es ist alt.
Ich teste es auf einer Win 7 SP1 (ohne Updates) Maschine.
Code: Alles auswählen
from immlib import *
def main(args):
imm = Debugger()
search_code = " ".join(args)
search_bytes = imm.Assemble( search_code )
search_results = imm.Search( search_bytes )
for hit in search_results:
# Retrieve the memory page where this hit exists
# and make sure it's executable
code_page = imm.getMemoryPagebyAddress( hit )
access = code_page.getAccess( human = True )
if "execute" in access.lower():
imm.log("[*] Found: %s (0x%08x)" % ( search_code, hit ), address = hit )
return "[*] Finished searching for instructions, check the Log window."
Idee?TraceBack(most recent camm last):
File C:\....py lin8, in main
search_bytes = imm.Assemble( search_code)
AttributeError: Debugger object has no attribute Assemble