Created: Thursday, August 16 2007 11:31.41 CDT  
Small PyDBG Enhancements Incoming
Author: jms

Just waiting for Pedram to update SVN, but I thought I would post quickly. Some additions to PyDBG:

1) pydbg.pid_to_port(pid)

This function returns a list of (protocol, bound address, port) tuples, one for every socket the given process owns. For example, the following (originally from Pedram) lists the sockets of the [System] process, which is pid 4:


import pydbg

dbg = pydbg.pydbg()

# pid 4 is the [System] process, which owns the SMB (445) and NetBIOS (139) listeners
for proto, addr, port in dbg.pid_to_port(4):
    print("%s %s %d" % (proto, addr, port))

OUTPUT:

TCP 0.0.0.0 445
TCP 192.168.216.1 139
TCP 192.168.202.1 139
TCP 10.77.0.6 139
TCP 192.168.7.98 139
UDP 0.0.0.0 445


Combined with pydbg's enumerate_processes(), it is then trivial to walk every process on the box and retrieve each process's listening ports.
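The per-process walk described above, written out as an added example (not code from the post or from PyDBG). It uses only the two PyDBG calls named here, enumerate_processes(), which returns (pid, name) tuples, and pid_to_port(pid). When pydbg cannot be imported (anywhere but Windows) it falls back to a stub carrying the [System] rows shown above plus two constructed processes, svchost.exe and vuln_svc.exe, that are made up for illustration; the BASELINE dict is likewise a constructed allowlist, not anything from the page. The point it adds beyond the post is the review step: which sockets are bound to every interface, and which listeners a known-good baseline does not account for.

```python
import sys

# Constructed sample data so the example runs without PyDBG. The pid 4 rows
# are the [System] output from the post; pids 1024 and 2048 are made up.
SAMPLE_PROCESSES = [(4, "System"), (1024, "svchost.exe"), (2048, "vuln_svc.exe")]
SAMPLE_PORTS = {
    4: [("TCP", "0.0.0.0", 445), ("TCP", "192.168.216.1", 139),
        ("TCP", "192.168.202.1", 139), ("TCP", "10.77.0.6", 139),
        ("TCP", "192.168.7.98", 139), ("UDP", "0.0.0.0", 445)],
    1024: [("TCP", "127.0.0.1", 135)],
    2048: [("TCP", "0.0.0.0", 31337), ("UDP", "0.0.0.0", 31337)],
}


class FakeDbg(object):
    """Stand-in exposing the two PyDBG methods the inventory needs."""

    def enumerate_processes(self):
        return list(SAMPLE_PROCESSES)

    def pid_to_port(self, pid):
        return list(SAMPLE_PORTS.get(pid, []))


def make_dbg():
    """Real PyDBG where it imports (Windows), the constructed stub elsewhere."""
    try:
        import pydbg
        return pydbg.pydbg()
    except ImportError:
        return FakeDbg()


def listening_ports_by_process(dbg):
    """Return {(pid, name): [(proto, addr, port), ...]} for every process that
    owns at least one bound socket. Processes without sockets are dropped."""
    inventory = {}
    for pid, name in dbg.enumerate_processes():
        ports = sorted(set(dbg.pid_to_port(pid)))
        if ports:
            inventory[(pid, name)] = ports
    return inventory


def wildcard_listeners(inventory):
    """Sockets bound to 0.0.0.0 (every interface): reachable from any network
    the host sits on, so they are the first thing to review."""
    found = []
    for (pid, name), ports in sorted(inventory.items()):
        for proto, addr, port in ports:
            if addr == "0.0.0.0":
                found.append((pid, name, proto, port))
    return found


def unexpected_listeners(inventory, baseline):
    """Diff the inventory against a baseline {process name: {(proto, port)}}.
    Returns listeners the baseline does not account for: a new port on a
    known process, or a process the baseline has never heard of."""
    unexpected = []
    for (pid, name), ports in sorted(inventory.items()):
        allowed = baseline.get(name, set())
        for proto, addr, port in ports:
            if (proto, port) not in allowed:
                unexpected.append((pid, name, proto, addr, port))
    return unexpected


# Constructed baseline of what this host is expected to expose.
BASELINE = {"System": {("TCP", 445), ("TCP", 139), ("UDP", 445)},
            "svchost.exe": {("TCP", 135)}}

if __name__ == "__main__":
    inv = listening_ports_by_process(make_dbg())
    for (pid, name), ports in sorted(inv.items()):
        print("%5d %-20s %s" % (pid, name,
                                " ".join("%s/%s:%d" % p for p in ports)))
    for entry in unexpected_listeners(inv, BASELINE):
        print("UNEXPECTED: pid %d %s %s %s:%d" % entry)
```

Run on a real box the stub is never touched; the inventory comes straight from PyDBG, and anything printed as UNEXPECTED is either a service you forgot to baseline or something that should not be listening. Both helpers take the inventory dict rather than the debugger, so the same checks can be run over a saved inventory later.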

2) utils.hooking.inject()

This is a migration of my PyFault code to allow for DLL injection and ejection. Again, pretty straightforward:


import sys
import time
import utils

# pid of the target process, taken from the command line here
# (e.g. one of the pids returned by pydbg.enumerate_processes())
pid = int(sys.argv[1])

injector = utils.hooking.inject()

# inject_dll() takes the full path of the DLL to load; eject_dll() takes the
# module name as it appears in the target. Leave it resident for ten seconds.
injector.inject_dll("C:\\testdll.dll", pid)
time.sleep(10)
injector.eject_dll("testdll.dll", pid)



So nothing earth-shattering, but some quick-and-dirty utility functions. Now I will get on Pedram's case about committing the changes :)


Blog Comments
jms Posted: Thursday, August 16 2007 18:55.52 CDT
It's up on http://paimei.openrce.org/ now.