
@Wenzel
Last active June 8, 2022 10:08
#!/usr/bin/env python3
import sys
import libvirt
import logging
from auto_config import get_windows_config
from libvmi import Libvmi, VMIOS, VMIConfig
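if __name__ == '__main__':
    # Resolve the guest kernel symbol PsActiveProcessHead in a Windows VM
    # through LibVMI, using a configuration built from the libvirt domain
    # instead of a static libvmi.conf entry.
    #
    # Usage: <script> <domain_name>

    # Raise the root logger to INFO so the resolved address is emitted.
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)

    # Fail with a usage line instead of an IndexError traceback when the
    # domain name is missing.
    if len(sys.argv) < 2:
        sys.exit('usage: %s <domain_name>' % sys.argv[0])
    domain_name = sys.argv[1]

    # change this to your needs
    # NOTE(review): libvirt.open() gives a read-write connection to the
    # system hypervisor; if get_windows_config only reads from the domain,
    # libvirt.openReadOnly() would be the least-privilege choice. Confirm
    # against auto_config before switching.
    con = libvirt.open("qemu:///system")
    try:
        # lookupByName raises libvirt.libvirtError for an unknown domain.
        domain = con.lookupByName(domain_name)
        # presumably the returned config matches the guest's Windows build;
        # symbol translation depends on it. Verify against auto_config.
        config = get_windows_config(domain)
        with Libvmi(domain_name, mode=VMIConfig.DICT, config=config) as vmi:
            vaddr = vmi.translate_ksym2v('PsActiveProcessHead')
            logging.info('PsActiveProcessHead %s', hex(vaddr))
    finally:
        # Release the hypervisor connection on every path; the original
        # never closed it.
        con.close()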