 |
miasm
Reverse engineering framework
|
|
miasm
Reverse engineering framework
|
Variables | |
| minidump = Minidump(open(sys.argv[1], 'rb').read()) | |
| pe = PE() | |
| name = str(memory.name) | |
| protect = memory.pretty_protect | |
| int | protect_mask = 0x20 |
| addr | |
| address | |
| rawsize | |
| data | |
| content | |
| flags | |
| entry_point = minidump.threads.Threads[0].ThreadContext.Eip[0] | |
| AddressOfEntryPoint | |
Minidump to PE example
| minidump_to_pe.addr |
| minidump_to_pe.address |
| minidump_to_pe.AddressOfEntryPoint |
| minidump_to_pe.content |
| minidump_to_pe.data |
| minidump_to_pe.entry_point = minidump.threads.Threads[0].ThreadContext.Eip[0] |
| minidump_to_pe.flags |
| minidump_to_pe.minidump = Minidump(open(sys.argv[1], 'rb').read()) |
| string minidump_to_pe.name = str(memory.name) |
| minidump_to_pe.pe = PE() |
| minidump_to_pe.protect = memory.pretty_protect |
| int minidump_to_pe.protect_mask = 0x20 |
| minidump_to_pe.rawsize |
1.8.20