# Author: Nicolas VERDIER
# This file is part of memorpy.
#
# memorpy is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# memorpy is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with memorpy. If not, see .
import sys
import string
import re
import logging
import traceback
import binascii
import struct
from .Process import *
from .utils import *
from .Address import Address
from .BaseProcess import ProcessException
from .structures import *
logger = logging.getLogger('memorpy')
REGEX_TYPE=type(re.compile("^plop$"))
class MemWorker(object):
def __init__(self, pid=None, name=None, end_offset = None, start_offset = None, debug=True):
self.process = Process(name=name, pid=pid, debug=debug)
def __enter__(self):
return self
def __exit__(self, type, value, traceback):
self.process.close()
def Address(self, value, default_type = 'uint'):
""" wrapper to instanciate an Address class for the memworker.process"""
return Address(value, process=self.process, default_type=default_type)
def umem_replace(self, regex, replace):
""" like search_replace_mem but works with unicode strings """
regex = re_to_unicode(regex)
replace = replace.encode('utf-16-le')
return self.mem_replace(re.compile(regex, re.UNICODE), replace)
def mem_replace(self, regex, replace):
""" search memory for a pattern and replace all found occurrences """
allWritesSucceed = True
for _, start_offset in self.mem_search(regex, ftype='re'):
if self.process.write_bytes(start_offset, replace) == 1:
logger.debug('Write at offset %s succeeded !' % start_offset)
else:
allWritesSucceed = False
logger.debug('Write at offset %s failed !' % start_offset)
return allWritesSucceed
def umem_search(self, regex):
""" like mem_search but works with unicode strings """
regex = re_to_unicode(regex)
for _, i in self.mem_search(str(regex), ftype='re'):
yield i
def group_search(self, group, start_offset = None, end_offset = None):
regex = ''
for value, type in group:
if type == 'f' or type == 'float':
f = struct.pack('