Menu
▾
▴
Re: [Pypeelf-users] Featuers for v1.0
|
From: +NCR/CRC! [ReVeRsEr] <nah...@gm...> - 2009-10-09 18:17:55
|
Finally!,
after a long figth with python packages i'm currently running pypeelf under
x64, all with native x64 packages.
There is a small issue in the Task List viewver when it tries to get the
image base of a module, winappdbg raise an error like this:
C:\pypeelf\trunk>python PyPeElfMain.py
Traceback (most recent call last):
File "C:\pypeelf\trunk\pypeelf_maindlg.py", line 166, in OnTaskMenuItem
taskDlg = tasks.create(self)
File "C:\pypeelf\trunk\tasks.py", line 42, in create
return task_viewer(parent)
File "C:\pypeelf\trunk\tasks.py", line 170, in __init__
self.loadProcesses()
File "C:\pypeelf\trunk\tasks.py", line 199, in loadProcesses
image_base = hex_up_8(p.get_image_base())
File "C:\pypeelf\trunk\app\process.py", line 88, in get_image_base
return self.process.get_image_base()
File "C:\Python26\lib\site-packages\winappdbg\system.py", line 3575, in
get_im
age_base
return self.get_peb().ImageBaseAddress
File "C:\Python26\lib\site-packages\winappdbg\system.py", line 3549, in
get_pe
b
return self.read_structure(self.get_peb_address(), win32.PEB)
File "C:\Python26\lib\site-packages\winappdbg\system.py", line 3560, in
get_pe
b_address
win32.ProcessBasicInformation)
File "C:\Python26\lib\site-packages\winappdbg\win32\ntdll.py", line 1285,
in N
tQueryInformationProcess
raise ctypes.WinError( RtlNtStatusToDosError(ntstatus) )
WindowsError: [Error 24] The program issued a command but the command length
is
incorrect.
On Thu, Oct 8, 2009 at 3:19 PM, +NCR/CRC! [ReVeRsEr]
<nah...@gm...>wrote:
> nop, i'm working with v1.2, i will try it with v1.3b and i will let you
> know!.
>
>
> On Thu, Oct 8, 2009 at 3:16 PM, Matias Bordese <mbo...@gm...> wrote:
>
>> I'm not sure, but maybe you can confirm :)
>> It seems like 64 bits support for winappdbg wasn't there for the 1.2
>> version (that was the one we started to develop with); from what I can
>> see in the winappdbg site/tickets there is some work in progress and
>> 1.3beta partially works on win64. Are you trying this winappdbg
>> version? Could you check that?
>>
>> On Thu, Oct 8, 2009 at 3:03 PM, +NCR/CRC! [ReVeRsEr]
>> <nah...@gm...> wrote:
>> > C:\pypeelf\third-party\winappdbg-1.2\examples\instrumentation>python
>> > example1.py
>> >
>> > Traceback (most recent call last):
>> > File "example1.py", line 38, in <module>
>> > System.request_debug_privileges()
>> > File "C:\Python25\Lib\site-packages\winappdbg\system.py", line 5586,
>> in
>> > reques
>> > t_debug_privileges
>> > win32.TOKEN_ADJUST_PRIVILEGES)
>> > File "C:\Python25\Lib\site-packages\winappdbg\win32\advapi32.py", line
>> > 131, in
>> > OpenProcessToken
>> > raise ctypes.WinError()
>> > WindowsError: [Error 6] The handle is invalid.
>> >
>> > On Thu, Oct 8, 2009 at 3:02 PM, +NCR/CRC! [ReVeRsEr] <
>> nah...@gm...>
>> > wrote:
>> >>
>> >> currently, winappdbg is raising an exception and i'm sure that is
>> ctypes
>> >> fault!.
>> >>
>> >> On Thu, Oct 8, 2009 at 3:00 PM, Matias Bordese <mbo...@gm...>
>> wrote:
>> >>>
>> >>> > btw, i'm testing pypeelf in Windows 7 Ultimate RTM x64. If we
>> install
>> >>> > Python + wxPython + pefile + extra modules (x86 version) everything
>> >>> > works
>> >>> > fine (i think) but i have a problem to run it in x64 native because
>> >>> > Python
>> >>> > wxPython x64 does not recognize the Python x64 installation,
>> besides,
>> >>> > it
>> >>> > seems that ctypes it has not x64 native version (fuck!) (am i right
>> >>> > matias?).
>> >>>
>> >>> You will probably need to install specifically the win64 version (that
>> >>> you can download here: http://sourceforge.net/projects/ctypes/files/
>> ),
>> >>> although it is the first version for 64 bits and it could have some
>> >>> problems
>> >>> (
>> http://mail.python.org/pipermail/python-announce-list/2007-May/005852.html
>> ).
>> >>>
>> >>> Let me know!
>> >>>
>> >>>
>> >>>
>> ------------------------------------------------------------------------------
>> >>> Come build with us! The BlackBerry(R) Developer Conference in SF, CA
>> >>> is the only developer event you need to attend this year. Jumpstart
>> your
>> >>> developing skills, take BlackBerry mobile applications to market and
>> stay
>> >>> ahead of the curve. Join us from November 9 - 12, 2009. Register now!
>> >>> http://p.sf.net/sfu/devconference
>> >>> _______________________________________________
>> >>> Pypeelf-users mailing list
>> >>> Pyp...@li...
>> >>> https://lists.sourceforge.net/lists/listinfo/pypeelf-users
>> >>
>> >>
>> >>
>> >> --
>> >> +NCR/CRC! [ReVeRsEr] // CracksLatinoS! 2003 - 2009
>> >>
>> >> http://crackinglandia.blogspot.com
>> >> http://twitter.com/crackinglandia
>> >> http://www.reversinglabs.com.ar/blog
>> >> http://www.reversinglabs.com.ar/ncr
>> >
>> >
>> >
>> > --
>> > +NCR/CRC! [ReVeRsEr] // CracksLatinoS! 2003 - 2009
>> >
>> > http://crackinglandia.blogspot.com
>> > http://twitter.com/crackinglandia
>> > http://www.reversinglabs.com.ar/blog
>> > http://www.reversinglabs.com.ar/ncr
>> >
>> >
>> ------------------------------------------------------------------------------
>> > Come build with us! The BlackBerry(R) Developer Conference in SF, CA
>> > is the only developer event you need to attend this year. Jumpstart your
>> > developing skills, take BlackBerry mobile applications to market and
>> stay
>> > ahead of the curve. Join us from November 9 - 12, 2009. Register now!
>> > http://p.sf.net/sfu/devconference
>> > _______________________________________________
>> > Pypeelf-users mailing list
>> > Pyp...@li...
>> > https://lists.sourceforge.net/lists/listinfo/pypeelf-users
>> >
>> >
>>
>>
>> ------------------------------------------------------------------------------
>> Come build with us! The BlackBerry(R) Developer Conference in SF, CA
>> is the only developer event you need to attend this year. Jumpstart your
>> developing skills, take BlackBerry mobile applications to market and stay
>> ahead of the curve. Join us from November 9 - 12, 2009. Register now!
>> http://p.sf.net/sfu/devconference
>> _______________________________________________
>> Pypeelf-users mailing list
>> Pyp...@li...
>> https://lists.sourceforge.net/lists/listinfo/pypeelf-users
>>
>
>
>
> --
> +NCR/CRC! [ReVeRsEr] // CracksLatinoS! 2003 - 2009
>
> http://crackinglandia.blogspot.com
> http://twitter.com/crackinglandia
> http://www.reversinglabs.com.ar/blog
> http://www.reversinglabs.com.ar/ncr
>
--
+NCR/CRC! [ReVeRsEr] // CracksLatinoS! 2003 - 2009
http://crackinglandia.blogspot.com
http://twitter.com/crackinglandia
http://www.reversinglabs.com.ar/blog
http://www.reversinglabs.com.ar/ncr
|
