@DoranekoSystems
Created August 31, 2022 11:50
Generate Windows syscall CSV with Frida
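// Output file for the CSV; change this to a writable path on the target machine.
const outputPath = "C:\\put_your_path\\syscall.csv";

// Enumerate every export of ntdll.dll in the process Frida is attached to.
var module = Process.getModuleByName("ntdll.dll");
var symbols = module.enumerateExports();
var csvString = "Name,Number\n";
for (var i = 0; i < symbols.length; i++) {
  const sysName = symbols[i].name;
  // Keep Nt* exports, excluding the Ntdll* helper exports.
  if (sysName.indexOf("Nt") == 0 && sysName.indexOf("Ntdll") == -1) {
    const symAddr = symbols[i].address;
    // Assumes the x64 stub layout: mov r10, rcx (3 bytes), then mov eax, imm32,
    // so the 32-bit system call number starts at offset 4.
    const sysNumber = symAddr.add(0x04).readUInt().toString(16);
    csvString += `${sysName},0x${sysNumber}\n`;
  }
}
// Drop the trailing newline.
csvString = csvString.slice(0, -1);
var file_handle = new File(outputPath, "w");
file_handle.write(csvString);
file_handle.flush();
file_handle.close();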
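
The script above reads four bytes at offset 4 of every `Nt*` export without checking that the export really is an x64 system-call stub, so a patched or non-stub export ends up in the CSV with a meaningless number. The following is an added example, not part of the original gist: plain JavaScript with no Frida calls that validates the stub prologue before decoding. The names `decodeSyscallStub`, `buildCsv` and `SAMPLE` are hypothetical, and the sample bytes are constructed rather than read from a real ntdll.dll.

```javascript
// Added example; no Frida APIs are used, so it also runs under Node.
// Assumed x64 stub prologue: 4c 8b d1 (mov r10, rcx), b8 imm32 (mov eax, <number>).
const X64_PROLOGUE = [0x4c, 0x8b, 0xd1, 0xb8];

// Decode one stub. Returns { ok: true, number } or { ok: false, reason }.
function decodeSyscallStub(bytes) {
  if (bytes.length < 8) return { ok: false, reason: "short read" };
  for (let i = 0; i < X64_PROLOGUE.length; i++) {
    if (bytes[i] !== X64_PROLOGUE[i]) {
      const reason = bytes[0] === 0xe9
        ? "starts with a near jmp (e9): stub may be patched"
        : "not the x64 stub prologue";
      return { ok: false, reason };
    }
  }
  // imm32 is little-endian at offset 4; >>> 0 keeps the result unsigned.
  const number =
    (bytes[4] | (bytes[5] << 8) | (bytes[6] << 16) | (bytes[7] << 24)) >>> 0;
  return { ok: true, number };
}

// Build the CSV from [{ name, bytes }], reporting entries that fail validation
// instead of writing a bogus number for them.
function buildCsv(entries) {
  const rows = ["Name,Number"];
  const skipped = [];
  for (const { name, bytes } of entries) {
    const r = decodeSyscallStub(bytes);
    if (r.ok) rows.push(`${name},0x${r.number.toString(16)}`);
    else skipped.push(`${name}: ${r.reason}`);
  }
  return { csv: rows.join("\n"), skipped };
}

// Constructed sample input: two well-formed stubs and one that begins with a jmp.
const SAMPLE = [
  { name: "NtExampleA", bytes: [0x4c, 0x8b, 0xd1, 0xb8, 0x18, 0x00, 0x00, 0x00] },
  { name: "NtExampleHooked", bytes: [0xe9, 0x10, 0x20, 0x30, 0x40, 0x00, 0x00, 0x00] },
  { name: "NtExampleB", bytes: [0x4c, 0x8b, 0xd1, 0xb8, 0x2a, 0x01, 0x00, 0x00] },
];
```

Inside a Frida script the eight bytes for each export can be obtained with `new Uint8Array(symAddr.readByteArray(8))`; the `skipped` list then shows which exports were left out of the CSV and why.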