Python volatility.commands.Command() Examples
The following are 30
code examples of volatility.commands.Command().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
volatility.commands
, or try the search function
.
.
Example #1
| Source File: vol_interface.py From VolUtility with GNU General Public License v3.0 | 6 votes |
|
def list_plugins(self):
"""
list of plugins valid for the selected profile
:return:
"""
plugin_list = []
cmds = registry.get_plugin_classes(commands.Command, lower=True)
profs = registry.get_plugin_classes(obj.Profile)
profile_type = self.config.PROFILE
if profile_type not in profs:
print "Not a valid profile"
profile = profs[profile_type]()
for cmdname in sorted(cmds):
command = cmds[cmdname]
helpline = command.help() or ''
if command.is_valid_profile(profile):
plugin_list.append([cmdname, helpline])
return plugin_list
Example #2
| Source File: vol.py From volatility with GNU General Public License v2.0 | 6 votes |
|
def print_info():
""" Returns the results """
categories = {addrspace.BaseAddressSpace: 'Address Spaces',
commands.Command : 'Plugins',
obj.Profile: 'Profiles',
scan.ScannerCheck: 'Scanner Checks'}
for c, n in sorted(categories.items()):
lower = (c == commands.Command)
plugins = registry.get_plugin_classes(c, lower = lower)
print "\n"
print "{0}".format(n)
print "-" * len(n)
result = []
max_length = 0
for clsname, cls in sorted(plugins.items()):
try:
doc = cls.__doc__.strip().splitlines()[0]
except AttributeError:
doc = 'No docs'
result.append((clsname, doc))
max_length = max(len(clsname), max_length)
for (name, doc) in result:
print "{0:{2}} - {1:15}".format(name, doc, max_length)
Example #3
| Source File: vol.py From vortessence with GNU General Public License v2.0 | 6 votes |
|
def print_info():
""" Returns the results """
categories = {addrspace.BaseAddressSpace: 'Address Spaces',
commands.Command : 'Plugins',
obj.Profile: 'Profiles',
scan.ScannerCheck: 'Scanner Checks'}
for c, n in sorted(categories.items()):
lower = (c == commands.Command)
plugins = registry.get_plugin_classes(c, lower = lower)
print "\n"
print "{0}".format(n)
print "-" * len(n)
result = []
max_length = 0
for clsname, cls in sorted(plugins.items()):
try:
doc = cls.__doc__.strip().splitlines()[0]
except AttributeError:
doc = 'No docs'
result.append((clsname, doc))
max_length = max(len(clsname), max_length)
for (name, doc) in result:
print "{0:{2}} - {1:15}".format(name, doc, max_length)
Example #4
| Source File: vol.py From aumfor with GNU General Public License v3.0 | 6 votes |
|
def print_info():
""" Returns the results """
categories = {addrspace.BaseAddressSpace: 'Address Spaces',
commands.Command : 'Plugins',
obj.Profile: 'Profiles',
scan.ScannerCheck: 'Scanner Checks'}
for c, n in sorted(categories.items()):
lower = (c == commands.Command)
plugins = registry.get_plugin_classes(c, lower = lower)
print "\n"
print "{0}".format(n)
print "-" * len(n)
result = []
max_length = 0
for clsname, cls in sorted(plugins.items()):
try:
doc = cls.__doc__.strip().splitlines()[0]
except AttributeError:
doc = 'No docs'
result.append((clsname, doc))
max_length = max(len(clsname), max_length)
for (name, doc) in result:
print "{0:{2}} - {1:15}".format(name, doc, max_length)
Example #5
| Source File: unchain.py From ROPMEMU with GNU Lesser General Public License v2.1 | 6 votes |
|
def __init__(self, config, *args, **kwargs):
commands.Command.__init__(self, config, *args, **kwargs)
self._config.add_option('BIN', short_option = 'B', default = None, help = 'Filename for the dumped chain', action = 'store', type = 'str')
self._config.add_option('MODE', short_option = 'm', default = 'x64', help = 'Modes: x86 and x64', action = 'store', type = 'str')
self._config.add_option('IJSON', short_option = 'i', default = None, help = 'JSON Trace Input file', action = 'store', type = 'str')
self._config.add_option('GLIMIT', short_option = 'G', default = None, help = 'Gadget Limit Number', action = 'store', type = 'int')
self._config.add_option('CLEAN', short_option = 'C', dest="clean", default = False, action="store_true", help="Clean /tmp files")
self._config.add_option('DB', short_option = 'D', default = None, action="store", help="Filename for the opcode DB", type = 'str')
self._config.add_option('SGADGET', short_option = 'S', default = -1, action="store", help="Starting gadget for emulation", type = 'int')
self._config.add_option('IDB', short_option = 'I', default = None, action="store", help="Input opcodes DB", type = 'str')
self.dump_fd = 0
self.gid = 0
self.md = None
self.WHITELIST_INSTRUCTIONS = ['mov', 'pop', 'add', 'sub', 'xor', 'pushf']
self.BLACKLIST_INSTRUCTIONS = ['ret', 'call', 'leave']
self.GREYLIST_INSTRUCTIONS = []
self.trace = OrderedDict()
self.opcodes_db = OrderedDict()
self.NASM = '/usr/bin/nasm'
self.branch = [X86_GRP_JUMP, X86_GRP_INT, X86_GRP_CALL, X86_GRP_RET, X86_GRP_IRET, X86_GRP_VM]
Example #6
| Source File: vol.py From volatility with GNU General Public License v2.0 | 6 votes |
|
def print_info():
""" Returns the results """
categories = {addrspace.BaseAddressSpace: 'Address Spaces',
commands.Command : 'Plugins',
obj.Profile: 'Profiles',
scan.ScannerCheck: 'Scanner Checks'}
for c, n in sorted(categories.items()):
lower = (c == commands.Command)
plugins = registry.get_plugin_classes(c, lower = lower)
print "\n"
print "{0}".format(n)
print "-" * len(n)
result = []
max_length = 0
for clsname, cls in sorted(plugins.items()):
try:
doc = cls.__doc__.strip().splitlines()[0]
except AttributeError:
doc = 'No docs'
result.append((clsname, doc))
max_length = max(len(clsname), max_length)
for (name, doc) in result:
print "{0:{2}} - {1:15}".format(name, doc, max_length)
Example #7
| Source File: patcher.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, config, *args, **kwargs):
commands.Command.__init__(self, config, *args, **kwargs)
config.add_option('XML-INPUT', short_option = 'x',
help = 'Input XML file for patching binaries')
Example #8
| Source File: patcher.py From aumfor with GNU General Public License v3.0 | 5 votes |
|
def __init__(self, config, *args, **kwargs):
commands.Command.__init__(self, config, *args, **kwargs)
config.add_option('XML-INPUT', short_option = 'x',
help = 'Input XML file for patching binaries')
Example #9
| Source File: imagecopy.py From vortessence with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
commands.Command.__init__(self, *args, **kwargs)
self._config.add_option("BLOCKSIZE", short_option = "b", default = 1024 * 1024 * 5,
help = "Size (in bytes) of blocks to copy",
action = 'store', type = 'int')
self._config.add_option("OUTPUT-IMAGE", short_option = "O", default = None,
help = "Writes a raw DD image out to OUTPUT-IMAGE",
action = 'store', type = 'str')
Example #10
| Source File: vol.py From vortessence with GNU General Public License v2.0 | 5 votes |
|
def list_plugins():
result = "\n\tSupported Plugin Commands:\n\n"
cmds = registry.get_plugin_classes(commands.Command, lower = True)
profs = registry.get_plugin_classes(obj.Profile)
if config.PROFILE == None:
config.update("PROFILE", "WinXPSP2x86")
if config.PROFILE not in profs:
raise BaseException("Invalid profile " + config.PROFILE + " selected")
profile = profs[config.PROFILE]()
wrongprofile = ""
for cmdname in sorted(cmds):
command = cmds[cmdname]
helpline = command.help() or ''
## Just put the title line (First non empty line) in this
## abbreviated display
for line in helpline.splitlines():
if line:
helpline = line
break
if command.is_valid_profile(profile):
result += "\t\t{0:15}\t{1}\n".format(cmdname, helpline)
else:
wrongprofile += "\t\t{0:15}\t{1}\n".format(cmdname, helpline)
if wrongprofile and config.VERBOSE:
result += "\n\tPlugins requiring a different profile:\n\n"
result += wrongprofile
return result
Example #11
| Source File: libapi.py From vortessence with GNU General Public License v2.0 | 5 votes |
|
def get_config(profile, target_path):
config = conf.ConfObject()
registry.register_global_options(config, commands.Command)
registry.register_global_options(config, addrspace.BaseAddressSpace)
config.parse_options()
config.PROFILE = profile
config.LOCATION = "file://{0}".format(target_path)
return config
Example #12
| Source File: patcher.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, config, *args, **kwargs):
commands.Command.__init__(self, config, *args, **kwargs)
config.add_option('XML-INPUT', short_option = 'x',
help = 'Input XML file for patching binaries')
Example #13
| Source File: common.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
self.known_addrs = {}
commands.Command.__init__(self, *args, **kwargs)
Example #14
| Source File: common.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #15
| Source File: common.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
commands.Command.__init__(self, *args, **kwargs)
Example #16
| Source File: common.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #17
| Source File: imagecopy.py From DAMM with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
commands.Command.__init__(self, *args, **kwargs)
self._config.add_option("BLOCKSIZE", short_option = "b", default = 1024 * 1024 * 5,
help = "Size (in bytes) of blocks to copy",
action = 'store', type = 'int')
self._config.add_option("OUTPUT-IMAGE", short_option = "O", default = None,
help = "Writes a raw DD image out to OUTPUT-IMAGE",
action = 'store', type = 'str')
Example #18
| Source File: common.py From vortessence with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #19
| Source File: common.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
self.known_addrs = {}
commands.Command.__init__(self, *args, **kwargs)
Example #20
| Source File: common.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #21
| Source File: common.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
commands.Command.__init__(self, *args, **kwargs)
Example #22
| Source File: common.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #23
| Source File: imagecopy.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
commands.Command.__init__(self, *args, **kwargs)
self._config.add_option("BLOCKSIZE", short_option = "b", default = 1024 * 1024 * 5,
help = "Size (in bytes) of blocks to copy",
action = 'store', type = 'int')
self._config.add_option("OUTPUT-IMAGE", short_option = "O", default = None,
help = "Writes a raw DD image out to OUTPUT-IMAGE",
action = 'store', type = 'str')
Example #24
| Source File: vol.py From volatility with GNU General Public License v2.0 | 5 votes |
|
def list_plugins():
result = "\n\tSupported Plugin Commands:\n\n"
cmds = registry.get_plugin_classes(commands.Command, lower = True)
profs = registry.get_plugin_classes(obj.Profile)
if config.PROFILE == None:
config.update("PROFILE", "WinXPSP2x86")
if config.PROFILE not in profs:
raise BaseException("Invalid profile " + config.PROFILE + " selected")
profile = profs[config.PROFILE]()
wrongprofile = ""
for cmdname in sorted(cmds):
command = cmds[cmdname]
helpline = command.help() or ''
## Just put the title line (First non empty line) in this
## abbreviated display
for line in helpline.splitlines():
if line:
helpline = line
break
if command.is_valid_profile(profile):
result += "\t\t{0:15}\t{1}\n".format(cmdname, helpline)
else:
wrongprofile += "\t\t{0:15}\t{1}\n".format(cmdname, helpline)
if wrongprofile and config.VERBOSE:
result += "\n\tPlugins requiring a different profile:\n\n"
result += wrongprofile
return result
Example #25
| Source File: vol_interface.py From VolUtility with GNU General Public License v3.0 | 5 votes |
|
def init_config(self):
"""Creates a volatility configuration."""
self.config = conf.ConfObject()
self.config.optparser.set_conflict_handler("resolve")
registry.register_global_options(self.config, commands.Command)
registry.register_global_options(self.config, addrspace.BaseAddressSpace)
base_conf = {
"profile": "WinXPSP2x86",
"use_old_as": None,
"kdbg": None,
"help": False,
"kpcr": None,
"tz": None,
"pid": None,
"output_file": None,
"physical_offset": None,
"conf_file": None,
"dtb": None,
"output": None,
"info": None,
"location": "file://" + self.memdump,
"plugins": 'plugins',
"debug": 4,
"cache_dtb": True,
"filename": None,
"cache_directory": None,
"verbose": None,
"write": False
}
if self.osprofile:
base_conf["profile"] = self.osprofile
for key, value in base_conf.items():
self.config.update(key, value)
self.plugins = registry.get_plugin_classes(commands.Command, lower=True)
return self.config
Example #26
| Source File: VolatilityInterface.py From quincy with GNU General Public License v3.0 | 5 votes |
|
def __init__(self, path, profile='WinXPSP2x86'):
self.config = conf.ConfObject()
registry.PluginImporter()
registry.register_global_options(self.config, commands.Command)
registry.register_global_options(self.config, addrspace.BaseAddressSpace)
# self.config.parse_options()
self.config.PROFILE = profile
self.config.LOCATION = "file://" + path
self.Memory = utils.load_as(self.config)
self.Processes = self.__getProcesses()
self.Threads = self.__getThreads()
Example #27
| Source File: common.py From vortessence with GNU General Public License v2.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #28
| Source File: common.py From aumfor with GNU General Public License v3.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
self.known_addrs = {}
self.known_fops = {}
commands.Command.__init__(self, *args, **kwargs)
Example #29
| Source File: common.py From aumfor with GNU General Public License v3.0 | 5 votes |
|
def execute(self, *args, **kwargs):
commands.Command.execute(self, *args, **kwargs)
Example #30
| Source File: common.py From aumfor with GNU General Public License v3.0 | 5 votes |
|
def __init__(self, *args, **kwargs):
self.addr_space = None
commands.Command.__init__(self, *args, **kwargs)
