#1 can't run sample programs (KernelFileMon.py and RegMon.py)

Status: open
Owner: nobody
Labels: None
Priority: 5
Updated: 2015-03-23
Created: 2010-04-23
Creator: Anonymous
Private: No

<in regmon.py>
1. from comtypes.gen import DBGEVENTPROXYLib fails and I can't see the import name in comtypes.gen
2. I tried commenting the import out and it resulted in: (RegMon.py -l c:\windows\regedit.exe)
...
>>> Adding hooks <<<
>>> Adding hooks <<<
>>> Adding hooks <<<
... <lots and lots of these>
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 1 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 1 hit
Callback failed with 80004005

<in KernelFileMon.py>
Opened \\.\pipe\com_1
Waiting to reconnect...
Connected to Windows XP 2600 x86
Kernel Debugger connection established. (Initial Breakpoint requested)
Symbol search path is: SRV*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible

etc. etc etc.
... and lots and lots of this again....
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit
Callback failed with 80004005
Breakpoint 0 hit

I think the same goes for CreateThreadCallStack.py and FaultInjector.py

note:
Windows Debugger Version 6.11.0001.404 X86
tried both on python2.5 and 2.6
tried both installing pydbgeng and comtypes and checking out the source from svn
both local windbg and windbg remote with vmware7

Discussion

  • iamraprap

    iamraprap - 2010-04-23

    just to add, tracing the error leads to the following (using xpsp3):

    <pydbgeng.PyDbgEng.py.PyDbgEng>
    def get_arg(self, index):
           esp_value = self.get_register_value("esp")
        -> return self.read_dword(esp_value + index * 4)

    def read_dword(self, pdword):
        -> buffer = self.read_virtual_memory(pdword, 4)
           return struct.unpack("<I", buffer)[0]

    def read_virtual_memory(self, address, length):
           read_buf = create_string_buffer(length)
           bytes_read = c_ulong(0)

        -> self.idebug_data_spaces.ReadVirtual( address, read_buf, length, byref(bytes_read) )

    <comtypes.__init__.py>
    else:
        -> v = atyp.from_param(v)
           assert not isinstance(v, BYREFTYPE)

     
  • sc07kvm

    sc07kvm - 2013-12-01

    any problems with type conversion to comtypes or wrong types of passed parameters in pydbgeng

    Simple bugfix PyDbgEng.read_virtual_memory...

    from ctypes import c_ulong, c_ulonglong, c_void_p, cast, create_string_buffer, pointer

    def read_virtual_memory(self, address, length):
        # Wrap every argument in an explicit ctypes type before the COM call
        offset = c_ulonglong(address)
        cp_read_buf = create_string_buffer(length)
        read_buf = cast(cp_read_buf, c_void_p)
        bytes_read = c_ulong(0)
        buffer_size = c_ulong(length)
        self.idebug_data_spaces.ReadVirtual(offset, read_buf, buffer_size, pointer(bytes_read))
        # Treat a short read as a failure
        if bytes_read.value != length:
            raise DebuggerException("read_virtual_memory(): ReadVirtual() failed")
        return cp_read_buf.raw

    P.S. comtypes (0.6.3), PyDbgEng (0.14), Python 2.7.5 (x86)

     

    Last edit: sc07kvm 2013-12-01
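
An added example (not part of the thread and not PyDbgEng code): the explicit argument typing and short-read check from the fix above, run against a ctypes callback that stands in for ReadVirtual so it works without a debugger. `_fake_read_virtual`, `ShortRead`, `BASE` and `MEMORY` are constructed for the illustration; the prototype follows the documented IDebugDataSpaces::ReadVirtual signature, and the stand-in returning S_OK on a partial read is an assumption of the sketch.

```python
import struct
from ctypes import (CFUNCTYPE, POINTER, c_long, c_ulong, c_ulonglong,
                    c_void_p, cast, create_string_buffer, memmove, pointer)

# Constructed sample: 16 bytes of fake "stack" mapped at a made-up address.
BASE = 0x0012FF00
MEMORY = struct.pack("<4I", 0x7C810000, 0x11111111, 0x22222222, 0x33333333)

# HRESULT ReadVirtual(ULONG64 Offset, PVOID Buffer, ULONG BufferSize, PULONG BytesRead)
READ_VIRTUAL = CFUNCTYPE(c_long, c_ulonglong, c_void_p, c_ulong, POINTER(c_ulong))


def _fake_read_virtual(offset, buf, size, bytes_read):
    """Hypothetical target: copies whatever is mapped, possibly fewer bytes."""
    start = offset - BASE
    chunk = MEMORY[start:start + size] if 0 <= start < len(MEMORY) else b""
    memmove(buf, chunk, len(chunk))
    bytes_read[0] = len(chunk)
    return 0  # S_OK


read_virtual = READ_VIRTUAL(_fake_read_virtual)


class ShortRead(Exception):
    """Raised when fewer bytes come back than were requested."""


def read_virtual_memory(address, length):
    # Same typing as the fix: every argument is an explicit ctypes object.
    cp_read_buf = create_string_buffer(length)
    bytes_read = c_ulong(0)
    read_virtual(c_ulonglong(address), cast(cp_read_buf, c_void_p),
                 c_ulong(length), pointer(bytes_read))
    # Without this check a partial read would reach struct.unpack as
    # zero-padded data and decode to a plausible but wrong value.
    if bytes_read.value != length:
        raise ShortRead("wanted %d bytes at %#x, got %d"
                        % (length, address, bytes_read.value))
    return cp_read_buf.raw


def get_arg(esp_value, index):
    """Same arithmetic as get_arg in the trace, with esp passed in."""
    return struct.unpack("<I", read_virtual_memory(esp_value + index * 4, 4))[0]
```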
