| author | serpilliere <devnull@localhost> | 2011-11-29 11:35:18 +0100 |
|---|---|---|
| committer | serpilliere <devnull@localhost> | 2011-11-29 11:35:18 +0100 |
| commit | e25d6f821dfd4f6b80148df092f39d7964c27ebc (patch) | |
| tree | ffbd5e099751f3404560d062948df2264159ce11 | |
| parent | 43b7f1f7b92ca2636494e0f3f60cc5ee85490885 (diff) | |
fix winapi snapshootable
Diffstat (limited to '')
| -rw-r--r-- | miasm/tools/win_api.py | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/miasm/tools/win_api.py b/miasm/tools/win_api.py
index db5e7eee..97529c11 100644
--- a/miasm/tools/win_api.py
+++ b/miasm/tools/win_api.py
@@ -118,6 +118,7 @@ class c_winobjs:
 self.module_fname_nux = None
 self.module_name = "test.exe\x00"
 self.module_path = "c:\\mydir\\"+self.module_name
+ self.hcurmodule = None
 self.module_filesize = None
 self.getversion = 0x0A280105
 self.getforegroundwindow = 0x333333
@@ -635,9 +636,9 @@ def kernel32_CreateFile(funcname, get_str):
 eax = 0xffffffff
- if fname in [r"\\.\SICE", r"\\.\NTICE", r"\\.\Siwvid"]:
+ if fname.upper() in [r"\\.\SICE", r"\\.\NTICE", r"\\.\SIWVID"]:
 pass
- elif fname in ['NUL']:
+ elif fname.upper() in ['NUL']:
 eax = winobjs.module_cur_hwnd
 else:
 # go in sandbox files
@@ -645,7 +646,7 @@ def kernel32_CreateFile(funcname, get_str):
 if access & 0x80000000:
 # read
 if not os.access(f, os.R_OK):
- raise ValueError("file doesn't exit", fname)
+ raise ValueError("file doesn't exit", f)
 h = open(f, 'rb+')
 eax = winobjs.handle_pool.add(f, h)
@@ -832,7 +833,7 @@ def kernel32_GetModuleFileName(funcname, set_str):
 print whoami(), hex(ret_ad), '(', hex(hmodule), hex(lpfilename), hex(nsize), ')'
- if hmodule in [0]:
+ if hmodule in [0, winobjs.hcurmodule]:
 p = winobjs.module_path[:]
 else:
 print ValueError('unknown module h', hex(hmodule))
@@ -913,6 +914,10 @@ def kernel32_SetLastError():
 e = vm_pop_uint32_t()
 print whoami(), hex(ret_ad), hex(e)
+ #lasterr addr
+ ad = seh_helper.FS_0_AD + 0x34
+ vm_set_mem(ad, pdw(e))
+
 winobjs.lastwin32error = e
 regs = vm_get_gpreg()
 regs['eip'] = ret_ad
@@ -2710,7 +2715,7 @@ def kernel32_CreateFileMapping(funcname, get_str):
 dwmaximumsizelow = vm_pop_uint32_t()
 lpname = vm_pop_uint32_t()
- print funcname, hex(hfile), hex(lpattr), hex(flprotect), hex(dwmaximumsizehigh), hex(dwmaximumsizelow)
+ print funcname, hex(ret_ad), hex(hfile), hex(lpattr), hex(flprotect), hex(dwmaximumsizehigh), hex(dwmaximumsizelow)
 if lpname:
 f = get_str(lpname)
 |
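Review bot: `fname.upper()` is evaluated separately in the `if` and the `elif` of kernel32_CreateFile, and nothing in the hunk says that the literals in both lists must now be written in upper case for a match to be possible. Normalising once before the test, `fname_up = fname.upper()`, and adding a comment such as `# device names are matched case-insensitively: keep these literals upper-case; the debugger-driver names must leave eax = 0xffffffff` would stop a later mixed-case entry from silently never matching. Only the special names are normalised; the `else` branch that goes to the sandbox files still receives the name in its original case, which is worth stating in the same comment. The function starts and ends outside the hunk.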
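Review bot: The read branch tests `os.access(f, os.R_OK)` but then calls `open(f, 'rb+')`, so a file that is readable but not writable passes the check and fails inside `open()` with an IOError instead of the ValueError raised here, and a read-only request from the emulated program ends up with a writable handle on a host file. Unless the write flag is handled together with this branch outside the hunk, `h = open(f, 'rb')` matches the check. How `f` is built is not visible in this hunk; if it is derived from the guest-supplied `fname`, it should be normalised and confirmed to stay under the sandbox directory before `os.access` is called. The message still reads "doesn't exit" where "doesn't exist" is meant.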
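Review bot: `winobjs.hcurmodule` is initialised to `None` in c_winobjs and nothing in this diff assigns it, so the widened test `hmodule in [0, winobjs.hcurmodule]` only matches a real handle if code outside this commit sets the attribute. A comment at the attribute, for example `# handle of the main module as seen by the guest; None until the loader sets it` (wording to be confirmed against the loader), would make that dependency visible. The `else` branch in the context lines prints the `ValueError` instead of raising it, so an unknown handle falls through with `p` apparently unassigned; the rest of kernel32_GetModuleFileName is outside the hunk.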
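Review bot: The added write in kernel32_SetLastError uses the bare offset `0x34` with only `#lasterr addr` to explain it. On 32-bit Windows that is the LastErrorValue field of the TEB, so a named constant or a comment such as `# TEB.LastErrorValue (fs:[0x34] on x86): mirror the value for code that reads the TEB directly` would document why guest memory is written in addition to `winobjs.lastwin32error`. The value now lives in two places; any other handler that assigns `winobjs.lastwin32error` directly (none is visible in this diff) would leave the TEB copy stale, so a single setter used by all of them would be safer.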