Sha256: 56a09a438edcef16b0eaaf56e056d64bd7a912f06c765bde9531ea144ff9471b

Contents?: true

Size: 1.22 KB

Versions: 35

Compression:

Stored size: 1.22 KB

Contents

#!/usr/bin/env ruby

# $Id: pe_memdump.rb 12196 2011-04-01 00:51:33Z egypt $

require 'rex/image_source'
require 'rex/peparsey/exceptions'
require 'rex/peparsey/pebase'
require 'rex/peparsey/section'
require 'rex/struct2'

#
# This class is for use with memdump.exe generated dump images.  It basically
# just lies, gets the ImageBase from the file name, and generates 1 big
# header_section with all of the data in it...
#

module Rex
module PeParsey
class PeMemDump < Pe

	def self.new_from_string(data)
		raise NotImplementError
	end

	def self.new_from_file(filename, disk_backed = false)
	
		if filename[-4, 4] != '.rng'
			raise "Not a .rng file: #{filename}"
		end
		
		if filename[-9, 9] == "index.rng"
			raise SkipError
		end

		file = File.open(filename, 'rb')

		if disk_backed
			obj = ImageSource::Disk.new(file)
		else
			obj = ImageSource::Memory.new(file.read)
			obj.close
		end

		return self.new(obj, filename.gsub(/.*[\/\\]/, '')[0,8].hex)
	end

	def initialize(isource, base)
		self._isource = isource
		self.header_section = Section.new(isource, base, nil)
		self.sections = [ self.header_section ]
		self.image_base = 0
	end
	
	def all_sections
		self.sections
	end

	# No 64-bit support
	def ptr_64?
		false
	end

end end end

Version data entries

35 entries across 35 versions & 1 rubygems

Version Path
librex-0.0.65 lib/rex/peparsey/pe_memdump.rb
librex-0.0.63 lib/rex/peparsey/pe_memdump.rb
librex-0.0.54 lib/rex/peparsey/pe_memdump.rb
librex-0.0.53 lib/rex/peparsey/pe_memdump.rb
librex-0.0.52 lib/rex/peparsey/pe_memdump.rb
librex-0.0.51 lib/rex/peparsey/pe_memdump.rb
librex-0.0.50 lib/rex/peparsey/pe_memdump.rb
librex-0.0.49 lib/rex/peparsey/pe_memdump.rb
librex-0.0.48 lib/rex/peparsey/pe_memdump.rb
librex-0.0.47 lib/rex/peparsey/pe_memdump.rb
librex-0.0.46 lib/rex/peparsey/pe_memdump.rb
librex-0.0.44 lib/rex/peparsey/pe_memdump.rb
librex-0.0.43 lib/rex/peparsey/pe_memdump.rb
librex-0.0.42 lib/rex/peparsey/pe_memdump.rb
librex-0.0.41 lib/rex/peparsey/pe_memdump.rb
librex-0.0.40 lib/rex/peparsey/pe_memdump.rb
librex-0.0.39 lib/rex/peparsey/pe_memdump.rb
librex-0.0.38 lib/rex/peparsey/pe_memdump.rb
librex-0.0.37 lib/rex/peparsey/pe_memdump.rb
librex-0.0.36 lib/rex/peparsey/pe_memdump.rb