
Mathieu Tarral Wenzel

Wenzel / gist:2187306f8e581f32758686b49cec3684
Created November 20, 2020 12:45
libvmi examples images
libvmi images
#include "/usr/include/xenstore.h"
Wenzel / mount_guestfs.py
Created February 4, 2019 19:50
Mount a qcow with libguestfs
#!/usr/bin/env python3
"""Mount qcow in libguestfs.
Usage:
mount_guestfs.py [options] <disk_path>
mount_guestfs.py (-h | --help)
Options:
-d --debug Enable debugging
/* The LibVMI Library is an introspection library that simplifies access to
* memory in a target virtual machine or in a file containing a dump of
* a system's physical memory. LibVMI is based on the XenAccess Library.
*
* Author: Tamas K Lengyel (tamas.lengyel@zentific.com)
*
* This file is part of LibVMI.
*
* LibVMI is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
Wenzel / xen-emulate-response.c
Created September 13, 2018 21:41
vmi_step_event bug
/* The LibVMI Library is an introspection library that simplifies access to
* memory in a target virtual machine or in a file containing a dump of
* a system's physical memory. LibVMI is based on the XenAccess Library.
*
* Author: Tamas K Lengyel (tamas.lengyel@zentific.com)
*
* This file is part of LibVMI.
*
* LibVMI is free software: you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the
Wenzel / script.r2
Created September 11, 2018 00:08
Show a bug in radare2 handling of hardware breakpoints
e dbg.hwbp=true
echo printing 10 opcodes
pd 10
echo setting breakpoint on next opcode
so 1
db $$
echo printing 10 opcodes, with breakpoint
pd 10
echo continue execution
dc
Wenzel / packer.log
Created July 4, 2018 12:33
Packer build failed on Xen - QEMU failed to get HVM_PARAM_IOREQ_PFN
2018/07/04 12:23:52 ui: ==> qemu: Overriding defaults Qemu arguments with QemuArgs...
2018/07/04 12:23:52 packer: 2018/07/04 12:23:52 Executing /usr/bin/qemu-system-x86_64: []string{"-fda", "/tmp/packer822671350", "-name", "win7x64", "-cdrom", "/home/vagrant/packer_cache/2b74e82a7abe5592aac026c1d0d5da01dd5a8dfad148b31b32203d23739da902.iso", "-smp", "1", "-m", "2048M", "-machine", "type=pc,accel=xen", "-device", "e1000,netdev=user.0", "-vnc", "0.0.0.0:23", "-netdev", "user,id=user.0,hostfwd=tcp::2387-:5985", "-drive", "file=output-qemu/win7x64,if=ide,cache=writeback,discard=ignore,format=qcow2", "-boot", "once=d"}
2018/07/04 12:23:52 packer: 2018/07/04 12:23:52 Started Qemu. Pid: 10999
2018/07/04 12:23:53 packer: 2018/07/04 12:23:53 Qemu stderr: WARNING: Image format was not specified for '/tmp/packer822671350' and probing guessed raw.
2018/07/04 12:23:53 packer: 2018/07/04 12:23:53 Qemu stderr: Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restric
#!/usr/bin/env python3
"""
Usage:
bug_sstep.py [options] <vm_name> <symbol>
Options:
-h --help Show this screen.
--sstep Use singlestepping instead of emulation
Wenzel / memdump.py
Created June 4, 2018 13:16
Create a memory dump using libvirt API
#!/usr/bin/env python3
"""MemDump.
Usage:
memdump.py [options] <vm_name>
Options:
-h --help Show this screen.
"""