Skip to content
/ py3dbg Public

modified the PyDbg library to support x64 processes, enhancing its capabilities.

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

qerogram/py3dbg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
example
example
 
 
py3dbg
py3dbg
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

py3dbg

modified the PyDbg library to support x64 processes, enhancing its capabilities. Some changes have been made to the code in this repository.(https://github.com/rchateauneu/pydbg)

Install

$ pip install py3dbg

Usage

import py3dbg
import py3dbg.defines

PROCESS_NAME = b"program.exe"

def debug_event_handler(dbg):
    if dbg.dbg.u.Exception.dwFirstChance:
        return py3dbg.defines.DBG_CONTINUE
    else:
        return py3dbg.defines.DBG_EXCEPTION_NOT_HANDLED

def debug_stack(dbg) :
    # dump register values
    context = dbg.dump_context()

    # dump stack
    stack = ""
    address = 0
    memsize = 0x4

    if not py3dbg.process_is_wow64(dbg.pid) :
        address = dbg.context.Rsp
        memsize = 0x8
    else :
        address = dbg.context.Esp


    for i in range(16):
        value = dbg.read_process_memory(address, memsize)
        stack += "{:#08x}: {}\n".format(address, value)
        address += memsize
    
    return py3dbg.defines.DBG_EXCEPTION_NOT_HANDLED


dbg = py3dbg.pydbg()

dbg.load(PROCESS_NAME)
dbg.set_callback(py3dbg.defines.EXCEPTION_ACCESS_VIOLATION, debug_stack)
dbg.attach(dbg.pid)
dbg.run()

About

modified the PyDbg library to support x64 processes, enhancing its capabilities.

Topics

windows debugger pydbg

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages