Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg
[hide private]
[frames] | no frames]

Package winappdbg

source code

Windows application debugging engine for Python.

by Mario Vilas (mvilas at gmail.com)

Project: http://sourceforge.net/projects/winappdbg/

Web: http://winappdbg.sourceforge.net/

Blog: http://breakingcode.wordpress.com

Submodules [hide private]
    Win32 API wrappers

Classes [hide private]
    Debugging
  Debug
The main debugger class.
  EventHandler
Base class for debug event handlers.
  DebugLog
Static functions for debug logging.
    Instrumentation
  System
Interface to a batch of processes, plus some system wide settings.
  Thread
Interface to a thread in another process.
  Process
Interface to a process.
  Window
Interface to an open window in the current desktop.
  Module
Interface to a DLL library loaded in the context of another process.
    Crash reporting
  DummyCrashContainer
Fakes a database of volatile Crash objects, trying to mimic part of it's interface, but doesn't actually store anything.
  CrashTableMSSQL
Manages a database of persistent Crash objects, trying to avoid duplicates only when requested.
  VolatileCrashContainer
Manages a database of volatile Crash objects, trying to avoid duplicates if requested.
  Crash
Represents a crash, bug, or another interesting event in the debugee.
  CrashContainer
Manages a database of persistent Crash objects, trying to avoid duplicates.
  CrashTable
Manages a database of persistent Crash objects, trying to avoid duplicates only when requested.
  CrashDump
Static functions for crash dumps.
    Debug events
  UnloadDLLEvent
Module unload event.
  ExitThreadEvent
Thread termination event.
  RIPEvent
RIP event.
  ExitProcessEvent
Process termination event.
  CreateProcessEvent
Process creation event.
  OutputDebugStringEvent
Debug string output event.
  LoadDLLEvent
Module load event.
  Event
Event object.
  ExceptionEvent
Exception event.
  CreateThreadEvent
Thread creation event.
    Win32 API wrappers
  Handle
Encapsulates Win32 handles to avoid leaking them.
  ProcessHandle
Win32 process handle.
  ThreadHandle
Win32 thread handle.
  FileHandle
Win32 file handle.
    Miscellaneous
  HexDump
Static functions for hexadecimal dumps.
  HexOutput
Static functions for user output parsing.
  Table
Text based table.
  HexInput
Static functions for user input parsing.
  Logger
Logs text to standard output and/or a text file.
  MemoryAddresses
Class to manipulate memory addresses.
  DebugRegister
Class to manipulate debug registers.
  PathOperations
Static methods for filename and pathname manipulation.
Functions [hide private]
    Miscellaneous
generator of win32.MemoryBasicInformation
WriteableAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that are writeable.		 source code
generator of win32.MemoryBasicInformation
CustomAddressIterator(memory_map, condition)
Generator function that iterates through a memory map, filtering memory region blocks by any given condition.		 source code
generator of win32.MemoryBasicInformation
MappedAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that belong to memory mapped files.		 source code
generator of win32.MemoryBasicInformation
ReadableAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that are readable.		 source code
generator of win32.MemoryBasicInformation
DataAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that contain data.		 source code
generator of win32.MemoryBasicInformation
ExecutableAndWriteableAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that are executable and writeable.		 source code
generator of win32.MemoryBasicInformation
ExecutableAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that are executable.		 source code
generator of win32.MemoryBasicInformation
ImageAddressIterator(memory_map)
Generator function that iterates through a memory map, returning only those memory blocks that belong to executable images.		 source code
Variables [hide private]
  __revision__ = '$Id: __init__.py 764 2010-07-20 10:59:45Z qvas...
str version = 'Version 1.4'
This WinAppDbg release version.
  __package__ = 'winappdbg'
Function Details [hide private]

WriteableAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that are writeable.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

Note: Writeable memory is always readable too.

CustomAddressIterator(memory_map, condition)

source code 

Generator function that iterates through a memory map, filtering memory region blocks by any given condition.

Parameters:
  • memory_map (list( win32.MemoryBasicInformation )) - List of memory region information objects. Returned by Process.get_memory_map.
  • condition (function) - Callback function that returns True if the memory block should be returned, or False if it should be filtered.
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

MappedAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that belong to memory mapped files.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

ReadableAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that are readable.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

DataAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that contain data.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

ExecutableAndWriteableAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that are executable and writeable.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

Note: The presence of such pages make memory corruption vulnerabilities much easier to exploit.

ExecutableAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that are executable.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

Note: Executable memory is always readable too.

ImageAddressIterator(memory_map)

source code 

Generator function that iterates through a memory map, returning only those memory blocks that belong to executable images.

Parameters:
Returns: generator of win32.MemoryBasicInformation
Generator object to iterate memory blocks.

Variables Details [hide private]

__revision__

Value:
'$Id: __init__.py 764 2010-07-20 10:59:45Z qvasimodo $'

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Tue Jul 20 14:32:13 2010 http://epydoc.sourceforge.net