miasm
Reverse engineering framework
Classes | Namespaces | Functions | Variables
win_api_x86_32_seh.py File Reference

Classes

class  miasm.os_dep.win_api_x86_32_seh.LoadedModules
 

Namespaces

 miasm.os_dep.win_api_x86_32_seh
 

Functions

def miasm.os_dep.win_api_x86_32_seh.build_teb (jitter, teb_address)
 
def miasm.os_dep.win_api_x86_32_seh.build_peb (jitter, peb_address)
 
def miasm.os_dep.win_api_x86_32_seh.build_ldr_data (jitter, modules_info)
 
def miasm.os_dep.win_api_x86_32_seh.create_modules_chain (jitter, name2module)
 
def miasm.os_dep.win_api_x86_32_seh.set_link_list_entry (jitter, loaded_modules, modules_info, offset)
 
def miasm.os_dep.win_api_x86_32_seh.fix_InLoadOrderModuleList (jitter, modules_info)
 
def miasm.os_dep.win_api_x86_32_seh.fix_InMemoryOrderModuleList (jitter, modules_info)
 
def miasm.os_dep.win_api_x86_32_seh.fix_InInitializationOrderModuleList (jitter, modules_info)
 
def miasm.os_dep.win_api_x86_32_seh.add_process_env (jitter)
 
def miasm.os_dep.win_api_x86_32_seh.add_process_parameters (jitter)
 
def miasm.os_dep.win_api_x86_32_seh.init_seh (jitter)
 
def miasm.os_dep.win_api_x86_32_seh.regs2ctxt (jitter, context_address)
 
def miasm.os_dep.win_api_x86_32_seh.ctxt2regs (jitter, ctxt_ptr)
 
def miasm.os_dep.win_api_x86_32_seh.fake_seh_handler (jitter, except_code, previous_seh=None)
 
def miasm.os_dep.win_api_x86_32_seh.dump_seh (jitter)
 
def miasm.os_dep.win_api_x86_32_seh.set_win_fs_0 (jitter, fs=4)
 
def miasm.os_dep.win_api_x86_32_seh.return_from_seh (jitter)
 

Variables

int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_BREAKPOINT = 0x80000003
 
int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_SINGLE_STEP = 0x80000004
 
int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_ACCESS_VIOLATION = 0xc0000005
 
int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_INT_DIVIDE_BY_ZERO = 0xc0000094
 
int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_PRIV_INSTRUCTION = 0xc0000096
 
int miasm.os_dep.win_api_x86_32_seh.EXCEPTION_ILLEGAL_INSTRUCTION = 0xc000001d
 
 miasm.os_dep.win_api_x86_32_seh.log = logging.getLogger("seh_helper")
 
 miasm.os_dep.win_api_x86_32_seh.console_handler = logging.StreamHandler()
 
int miasm.os_dep.win_api_x86_32_seh.tib_address = 0x7ff70000
 
int miasm.os_dep.win_api_x86_32_seh.PEB_AD = 0x7ffdf000
 
int miasm.os_dep.win_api_x86_32_seh.LDR_AD = 0x340000
 
int miasm.os_dep.win_api_x86_32_seh.DEFAULT_SEH = 0x7ffff000
 
int miasm.os_dep.win_api_x86_32_seh.MAX_MODULES = 0x40
 
int miasm.os_dep.win_api_x86_32_seh.peb_address = PEB_AD
 
int miasm.os_dep.win_api_x86_32_seh.peb_ldr_data_offset = 0x1ea0
 
int miasm.os_dep.win_api_x86_32_seh.peb_ldr_data_address = LDR_AD + peb_ldr_data_offset
 
int miasm.os_dep.win_api_x86_32_seh.modules_list_offset = 0x1f00
 
int miasm.os_dep.win_api_x86_32_seh.InInitializationOrderModuleList_offset = 0x1ee0
 
int miasm.os_dep.win_api_x86_32_seh.InInitializationOrderModuleList_address = LDR_AD + \
 
int miasm.os_dep.win_api_x86_32_seh.InLoadOrderModuleList_offset = 0x1ee0 + \
 
int miasm.os_dep.win_api_x86_32_seh.InLoadOrderModuleList_address = LDR_AD + \
 
int miasm.os_dep.win_api_x86_32_seh.process_environment_address = 0x10000
 
int miasm.os_dep.win_api_x86_32_seh.process_parameters_address = 0x200000
 
int miasm.os_dep.win_api_x86_32_seh.return_from_exception = 0x6eadbeef
 
list miasm.os_dep.win_api_x86_32_seh.name2module = []
 
 miasm.os_dep.win_api_x86_32_seh.main_pe = None
 
string miasm.os_dep.win_api_x86_32_seh.main_pe_name = "c:\\xxx\\toto.exe"
 
int miasm.os_dep.win_api_x86_32_seh.MAX_SEH = 5
 
int miasm.os_dep.win_api_x86_32_seh.seh_count = 0