"""Public microsoft symbols tests"""
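class PeFileAsDumpLoader:
    """Load/unload PE-file from System as crash dump file.

    Context manager: the file is handed to ``pykd.loadDump`` on entry and the
    dump session is released on exit, so every ``with`` block in the tests
    starts from a freshly loaded target.

    Args:
        fileName: path of the PE file to load; it is passed to
            ``pykd.loadDump`` unchanged, with no validation here.
    """

    def __init__(self, fileName):
        # Only remember the path; nothing is loaded until the block is entered.
        self._fileName = fileName

    def __enter__(self):
        # NOTE(review): the listing has lost the line(s) before this call
        # (its line numbers skip); the tests use this class in a `with`
        # statement, so the load belongs in __enter__ rather than __init__.
        pykd.loadDump(self._fileName)
        return self

    def __exit__(self, exc_type, exc_value, exc_tb):
        # NOTE(review): the body of __exit__ is not visible in this listing;
        # closeDump() is pykd's counterpart to loadDump() - confirm against
        # the original file.
        pykd.closeDump()
        # Falsy result: assertion failures raised inside the block propagate.
        return False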
class MsPdbTest(unittest.TestCase):
    """Public Microsoft symbols tests"""

    def _assertSymbolRoundTrip(self, mod, symName):
        """Resolve symName to an address and check the address maps back to it."""
        symAddr = mod.offset(symName)
        self.assertNotEqual( 0, symAddr )
        self.assertEqual( symName, mod.findSymbol(symAddr) )

    def testSymbolNameAddress(self):
        """Lookup symbol by name/address"""
        # Each case: PE file relative to %WINDIR%, pykd module name, and the
        # symbol names that must resolve name -> address -> name.
        # NOTE(review): names such as "AuthzpDefaultAccessCheck" look like
        # internal (non-exported) functions, so these checks presumably need
        # the public PDBs to be reachable - confirm the symbol path setup.
        roundTripCases = (
            (r"System32\ole32.dll", "ole32",
             ("CPackagerMoniker::Create", "CoInitialize")),
            (r"System32\authz.dll", "authz",
             ("AuthzpDefaultAccessCheck", "AuthzAccessCheck")),
        )

        for relPath, modName, symNames in roundTripCases:
            # The directory comes from the WINDIR environment variable as-is;
            # whatever file it resolves to is what the loader is given.
            pePath = os.path.join(os.environ["WINDIR"], relPath)
            with PeFileAsDumpLoader( pePath ):
                mod = pykd.module(modName)
                print( "\n" + str( mod ) )
                for symName in symNames:
                    self._assertSymbolRoundTrip(mod, symName)

        # ntdll: only check that a wildcard enumeration returns something.
        ntdllPath = os.path.join(os.environ["WINDIR"], r"System32\ntdll.dll")
        with PeFileAsDumpLoader( ntdllPath ):
            mod = pykd.module("ntdll")
            print( "\n" + str( mod ) )
            zwSymbols = mod.enumSymbols("Zw*")
            self.assertNotEqual( 0, len( zwSymbols ) )