Miasm2
 All Classes Namespaces Files Functions Variables Typedefs Properties Macros
Namespaces | Functions | Variables
win_api_x86_32_seh.py File Reference

Go to the source code of this file.

Namespaces

 miasm2.os_dep.win_api_x86_32_seh
 

Functions

def miasm2.os_dep.win_api_x86_32_seh.build_teb
 
def miasm2.os_dep.win_api_x86_32_seh.build_peb
 
def miasm2.os_dep.win_api_x86_32_seh.build_ldr_data
 
def miasm2.os_dep.win_api_x86_32_seh.create_modules_chain
 
def miasm2.os_dep.win_api_x86_32_seh.fix_InLoadOrderModuleList
 
def miasm2.os_dep.win_api_x86_32_seh.fix_InMemoryOrderModuleList
 
def miasm2.os_dep.win_api_x86_32_seh.fix_InInitializationOrderModuleList
 
def miasm2.os_dep.win_api_x86_32_seh.add_process_env
 
def miasm2.os_dep.win_api_x86_32_seh.add_process_parameters
 
def miasm2.os_dep.win_api_x86_32_seh.init_seh
 
def miasm2.os_dep.win_api_x86_32_seh.regs2ctxt
 
def miasm2.os_dep.win_api_x86_32_seh.ctxt2regs
 
def miasm2.os_dep.win_api_x86_32_seh.fake_seh_handler
 
def miasm2.os_dep.win_api_x86_32_seh.dump_seh
 
def miasm2.os_dep.win_api_x86_32_seh.set_win_fs_0
 
def miasm2.os_dep.win_api_x86_32_seh.add_modules_info
 
def miasm2.os_dep.win_api_x86_32_seh.return_from_seh
 

Variables

int miasm2.os_dep.win_api_x86_32_seh.EXCEPTION_BREAKPOINT = 0x80000003
 
int miasm2.os_dep.win_api_x86_32_seh.EXCEPTION_ACCESS_VIOLATION = 0xc0000005
 
int miasm2.os_dep.win_api_x86_32_seh.EXCEPTION_INT_DIVIDE_BY_ZERO = 0xc0000094
 
int miasm2.os_dep.win_api_x86_32_seh.EXCEPTION_PRIV_INSTRUCTION = 0xc0000096
 
int miasm2.os_dep.win_api_x86_32_seh.EXCEPTION_ILLEGAL_INSTRUCTION = 0xc000001d
 
tuple miasm2.os_dep.win_api_x86_32_seh.log = logging.getLogger("seh_helper")
 
tuple miasm2.os_dep.win_api_x86_32_seh.console_handler = logging.StreamHandler()
 
int miasm2.os_dep.win_api_x86_32_seh.FS_0_AD = 0x7ff70000
 
int miasm2.os_dep.win_api_x86_32_seh.PEB_AD = 0x7ffdf000
 
int miasm2.os_dep.win_api_x86_32_seh.LDR_AD = 0x340000
 
int miasm2.os_dep.win_api_x86_32_seh.MAX_MODULES = 0x40
 
 miasm2.os_dep.win_api_x86_32_seh.tib_address = FS_0_AD
 
 miasm2.os_dep.win_api_x86_32_seh.peb_address = PEB_AD
 
int miasm2.os_dep.win_api_x86_32_seh.peb_ldr_data_offset = 0x1ea0
 
 miasm2.os_dep.win_api_x86_32_seh.peb_ldr_data_address = LDR_AD+peb_ldr_data_offset
 
int miasm2.os_dep.win_api_x86_32_seh.modules_list_offset = 0x1f00
 
int miasm2.os_dep.win_api_x86_32_seh.InInitializationOrderModuleList_offset = 0x1ee0
 
 miasm2.os_dep.win_api_x86_32_seh.InInitializationOrderModuleList_address = LDR_AD+\
 
int miasm2.os_dep.win_api_x86_32_seh.InLoadOrderModuleList_offset = 0x1ee0
 
 miasm2.os_dep.win_api_x86_32_seh.InLoadOrderModuleList_address = LDR_AD+\
 
int miasm2.os_dep.win_api_x86_32_seh.default_seh = PEB_AD+0x20000
 
int miasm2.os_dep.win_api_x86_32_seh.process_environment_address = 0x10000
 
int miasm2.os_dep.win_api_x86_32_seh.process_parameters_address = 0x200000
 
int miasm2.os_dep.win_api_x86_32_seh.context_address = 0x201000
 
int miasm2.os_dep.win_api_x86_32_seh.exception_record_address = context_address+0x1000
 
int miasm2.os_dep.win_api_x86_32_seh.return_from_exception = 0x6eadbeef
 
int miasm2.os_dep.win_api_x86_32_seh.FAKE_SEH_B_AD = context_address+0x2000
 
 miasm2.os_dep.win_api_x86_32_seh.cur_seh_ad = FAKE_SEH_B_AD
 
list miasm2.os_dep.win_api_x86_32_seh.loaded_modules = ["ntdll.dll", "kernel32.dll"]
 
 miasm2.os_dep.win_api_x86_32_seh.main_pe = None
 
string miasm2.os_dep.win_api_x86_32_seh.main_pe_name = "c:\\xxx\\toto.exe"
 
int miasm2.os_dep.win_api_x86_32_seh.MAX_SEH = 5
 
tuple miasm2.os_dep.win_api_x86_32_seh.dummy_e = pe_init.PE()
 
tuple miasm2.os_dep.win_api_x86_32_seh.all_seh_ad
 
int miasm2.os_dep.win_api_x86_32_seh.seh_count = 0
 
Generated by   doxygen 1.8.8