from pykd import dprintln
# sys.argv[0]: the path this script was started with. It is interpolated
# unescaped into the DML link commands this script prints.
scriptPath = sys.argv[0]
def printCommand(sampleDescription, sampleName):
    """Print one catalogue row: the description plus "Run" and "Source" links.

    The row is written as DML (second dprintln argument is True). Each link's
    cmd attribute re-invokes this script through !pykd.py with "run" or
    "source" followed by the sample name.
    """
    # sampleDescription, scriptPath and sampleName go into the markup as-is,
    # with no DML escaping; the calls visible in this file pass string
    # literals only.
    launcher = f"!pykd.py {scriptPath}"
    runLink = f'<link cmd="{launcher} run {sampleName}">Run</link>'
    sourceLink = f'<link cmd="{launcher} source {sampleName}">Source</link>'
    dprintln(f"{sampleDescription} {runLink} {sourceLink}", True)
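def printAllSamples():
    """Print the sample catalogue as DML, grouped into user mode and kernel mode."""
    # NOTE(review): the `def` line is missing from this listing; the name is
    # taken from the printAllSamples() call in the argument dispatch further
    # down. Confirm against the original file.
    dprintln("<b>User mode</b>", True)
    printCommand("Get critical sections list", "um.critlist")
    printCommand("Get module list from PEB", "um.ldr")

    dprintln("<b>Kernel mode</b>", True)
    printCommand("Get process list", "km.proclist")
    printCommand("Get kernel service", "km.ssdt")
    printCommand("Get driver object", "km.drvobj")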
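def runSample(sampleName):
    """Import the sample module named "<package>.<module>" and call its run().

    sampleName comes from the command line (sys.argv[2]). Whatever module it
    names is imported, so that module's top-level code executes before run()
    is called. Only two-part dotted names made of plain identifiers are
    accepted; any other value is reported as "import error" and nothing is
    imported.
    """
    # NOTE(review): indentation and the try/except lines were lost in this
    # listing. The structure below is reconstructed from the "import error"
    # handler; confirm the exception type against the original file.
    import importlib

    nameParts = sampleName.split(".")
    wellFormed = len(nameParts) == 2 and all(
        part.isidentifier() for part in nameParts
    )

    if not wellFormed:
        # Reject malformed names up front instead of handing them to the
        # import machinery.
        dprintln("import error")
    else:
        # NOTE(review): the check is on the shape of the name only; any
        # importable two-part module name is still accepted. Restrict it to
        # the samples listed by this script if the argument can come from
        # somewhere other than the links printed here.
        try:
            module = importlib.import_module(sampleName)
            module.__dict__["run"]()
        except ImportError:
            dprintln("import error")

    dprintln(f'<link cmd="!pykd.py {scriptPath}">Sample list</link>', True)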
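def printSample(sampleName):
    """Print the source file of the sample named "<package>.<module>".

    The file is located with importlib.util.find_spec, which imports the
    parent package but does not execute the sample module itself, so viewing
    a sample's source does not run it. Only two-part dotted names made of
    plain identifiers are accepted; any other value is reported as
    "import error".
    """
    # NOTE(review): indentation, the try/except lines and the body of the
    # `with` block were lost in this listing. The structure and the
    # line-by-line plain-text output below are reconstructed; confirm
    # against the original file.
    import importlib.util

    nameParts = sampleName.split(".")
    wellFormed = len(nameParts) == 2 and all(
        part.isidentifier() for part in nameParts
    )

    if not wellFormed:
        dprintln("import error")
    else:
        try:
            spec = importlib.util.find_spec(sampleName)
            if spec is None or not spec.has_location:
                # No such module, or nothing on disk to show.
                raise ImportError(sampleName)

            moduleName = nameParts[1]
            fileName = os.path.join(
                os.path.dirname(spec.origin), moduleName + ".py"
            )

            with open(fileName) as f:
                for line in f:
                    # Printed without the DML flag, so "<" and "&" in the
                    # source are not interpreted as markup.
                    dprintln(line.rstrip("\n"))
        except ImportError:
            dprintln("import error")

    dprintln(f'<link cmd="!pykd.py {scriptPath}">Sample list</link>', True)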
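def main():
    """Dispatch on the command-line arguments.

    With fewer than two arguments after the script path, print the sample
    catalogue. Otherwise sys.argv[1] selects the action ("run" or "source")
    and sys.argv[2] names the sample; any other action does nothing.
    """
    # NOTE(review): the `def` line and the statement under the
    # `if __name__ == "__main__":` guard are missing from this listing. The
    # name `main` and the call below are reconstructed; confirm against the
    # original file.
    if len(sys.argv) <= 2:
        return printAllSamples()

    command, sampleName = sys.argv[1], sys.argv[2]

    if command == "run":
        runSample(sampleName)
    elif command == "source":
        printSample(sampleName)


if __name__ == "__main__":
    main()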