将地址转换为 PyKD 可以使用的数字/相当于 WinDbg 的数字?命令 [英] Convert address into a number that PyKD can work with / equivalent of the WinDbg ? command
问题描述
在 WinDbg 中,我有几个选项来定义数字
0:006>?17评估表达式:23 = 000000170:006>?0x17评估表达式:23 = 000000170:006>?0n23评估表达式:23 = 000000170:006>?ntdll评估表达式:2004549632 = 777b00000:006>?ntdll+100评估表达式:2004549888 = 777b01000:006>?ntdll!NtCreateThreadEx评估表达式:2005018944 = 778229400:006>?0t755评估表达式:493 = 000001ed0:006>?0y1111评估表达式:15 = 0000000f我正在寻找等效的 PyKD,以将所有这些可能性用作我的脚本的输入.
即:我在 sys.argv[1] 中得到一个字符串,它可以是上述任何一种格式,我需要将其转换为 PyKD 可以理解的地址.>
我已经尝试过:
from pykd import *地址 = addr64(sys.argv[1])PyKd 命令是 expr().
expr( (str)expression [, (bool)cplusplus]) -> 对象:
评估windbg表达式
该命令甚至会考虑使用 n 命令在 WinDbg 中设置的数字基数.
要模拟WinDbg的?行为,可以使用
print("求值表达式:", expr(sys.argv[1]), "=", hex(expr(sys.argv[1])), sep=" ")In WinDbg, I have several options to define a number
0:006> ? 17
Evaluate expression: 23 = 00000017
0:006> ? 0x17
Evaluate expression: 23 = 00000017
0:006> ? 0n23
Evaluate expression: 23 = 00000017
0:006> ? ntdll
Evaluate expression: 2004549632 = 777b0000
0:006> ? ntdll+100
Evaluate expression: 2004549888 = 777b0100
0:006> ? ntdll!NtCreateThreadEx
Evaluate expression: 2005018944 = 77822940
0:006> ? 0t755
Evaluate expression: 493 = 000001ed
0:006> ? 0y1111
Evaluate expression: 15 = 0000000f
I am looking for the PyKD equivalent to use all these possibilities as an input for my script.
That is: I get a string in sys.argv[1] which could be in any of the above mentioned formats and I need to convert it into an address that PyKD can understand.
I have tried:
from pykd import *
address = addr64(sys.argv[1])
The PyKd command is expr().
expr( (str)expression [, (bool)cplusplus]) -> object :
Evaluate windbg expression
The command will even consider the number base that has been set in WinDbg using the n command.
To simulate WinDbg's ? behavior, you can use
print("Evaluate expression:", expr(sys.argv[1]), "=", hex(expr(sys.argv[1])), sep=" ")
这篇关于将地址转换为 PyKD 可以使用的数字/相当于 WinDbg 的数字?命令的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
