Home | Trees | Indices | Help |
|
---|
|
Encapsulates the capabilities to manipulate the memory of a process.
|
|||
str, unicode |
|
||
dict( int → str ) |
|
||
list( win32.MemoryBasicInformation ) |
|
||
|
|||
|
|||
Inherited from |
|||
Memory mapping | |||
---|---|---|---|
int |
|
||
int |
|
||
win32.MemoryBasicInformation |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
bool |
|
||
list( win32.MemoryBasicInformation ) |
|
||
Memory read | |||
str |
|
||
int |
|
||
int |
|
||
int |
|
||
int |
|
||
str |
|
||
int |
|
||
int |
|
||
int |
|
||
str, unicode |
|
||
Memory write | |||
|
|||
|
|||
|
|||
|
|||
int |
|
||
int |
|
||
int |
|
||
int |
|
|
|||
Inherited from |
|
Reads from the memory of the process.
See Also: peek |
Writes to the memory of the process.
See Also: poke |
Reads a single unsigned integer from the memory of the process.
See Also: peek |
Writes a single unsigned integer to the memory of the process.
See Also: poke_uint |
Reads a single pointer value from the memory of the process.
See Also: peek_pointer |
Writes a single pointer value to the memory of the process.
See Also: poke_pointer |
Reads a single character to the memory of the process.
See Also: write_char |
Writes a single character to the memory of the process.
See Also: write_char |
Reads a ctypes structure from the memory of the process.
See Also: read |
Reads an ASCII or Unicode string from the address space of the process.
See Also: read |
Reads the memory of the process.
See Also: read |
Writes to the memory of the process.
See Also: write |
Reads a single unsigned integer from the memory of the process.
See Also: read_uint |
Writes a single unsigned integer to the memory of the process.
See Also: write_uint |
Reads a single pointer value from the memory of the process.
See Also: read_pointer |
Writes a single pointer value to the memory of the process.
See Also: write_pointer |
Reads a single character from the memory of the process.
See Also: read_char |
Writes a single character to the memory of the process.
See Also: write_char |
Tries to read an ASCII or Unicode string from the address space of the process.
See Also: peek |
Allocates memory into the address space of the process.
See Also: free |
Set memory protection in the address space of the process.
|
Query memory information from the address space of the process. Returns a win32.MemoryBasicInformation object.
|
Frees memory from the address space of the process.
See Also: malloc |
Determines if an address is a valid code or data pointer. That is, the address must be valid and must point to code or data in the target process.
|
Determines if an address is a valid user mode address.
|
Determines if an address belongs to a free page.
Note:
Returns always |
Determines if an address belongs to a reserved page.
Note:
Returns always |
Determines if an address belongs to a commited page.
Note:
Returns always |
Determines if an address belongs to a guard page.
Note:
Returns always |
Determines if an address belongs to a commited and readable page. The page may or may not have additional permissions.
Note:
Returns always |
Determines if an address belongs to a commited and writeable page. The page may or may not have additional permissions.
Note:
Returns always |
Determines if an address belongs to a commited, copy-on-write page. The page may or may not have additional permissions.
Note:
Returns always |
Determines if an address belongs to a commited and executable page. The page may or may not have additional permissions.
Note:
Returns always |
Determines if an address belongs to a commited, writeable and executable page. The page may or may not have additional permissions. Looking for writeable and executable pages is important when exploiting a software vulnerability.
Note:
Returns always |
Produces a memory map to the process address space. Optionally restrict the map to the given address range.
See Also: mquery |
Retrieves the filenames for memory mapped files in the debugee.
|
Takes a snapshot of the memory contents of the process.
|
Attempts to restore the memory state as it was when the given snapshot was taken.
Warning: Currently only the memory contents, state and protect bits are restored. Under some circumstances this method may fail (for example if memory was freed and then reused by a mapped file). |
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Fri Feb 12 19:46:22 2010 | http://epydoc.sourceforge.net |