#!/usr/bin/python
import os
import sys
import getopt
from init import *
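def usage(progname):
    """Print the banner, the global options and the discovered plugins.

    progname is the path the script was started with (normally argv[0]).
    Its directory is used to locate ``core/mm/arch`` and ``commands``; every
    ``*.py`` file found there, other than ``__init__.py``, is listed by its
    base name.

    Each command module is imported so that its ``desc()`` text can be shown.
    Importing runs the module's top-level code, so the ``commands`` directory
    should be writable only by users who are trusted to run code as the
    analyst.
    """
    script = os.path.basename(progname)
    # os.path.join keeps the lookup relative when dirname() is empty (script
    # started as "volatilitux.py" from its own directory). Plain string
    # concatenation turned that case into the absolute path "/core/mm/arch".
    base_dir = os.path.dirname(progname)

    def module_names(*subdirs):
        # Base names of the plugin files below base_dir, sorted so the help
        # text does not depend on the filesystem's directory order.
        entries = os.listdir(os.path.join(base_dir, *subdirs))
        return sorted(f[:-3] for f in entries
                      if f != '__init__.py' and f.endswith('.py'))

    print("")
    print("Volatilitux v1.0")
    print("By Emilien Girault <[email protected]>")
    print("http://www.segmentationfault.fr")
    print("")
    # main() declares the option as "o:", i.e. -o consumes a value that is
    # handed to Config.fingerprint(); the help used to show it as a bare flag.
    # NOTE(review): the value is presumably the XML output path - confirm.
    print("usage: %s -f <dumpfile> [-c <configfile>] [-o <outfile>] [-d] <command> [options]" % (script))
    print("")
    print(" -f <dumpfile> Physical memory dump file to analyze")
    print(" -o <outfile> Create an XML file with the current configuration")
    print(" -c <configfile> Configuration file to read instead of autmatically detecting all offsets")
    print(" -d Enable debug mode")
    print("")

    print("List of supported architectures: ")
    for a in module_names("core", "mm", "arch"):
        print(" " * 3 + a)
    print("")

    # Get the list of all supported commands
    print("List of supported commands: ")
    for c in module_names("commands"):
        # fromlist must be non-empty so __import__ returns the submodule
        # itself rather than the top-level "commands" package.
        m = __import__('commands.' + c, globals(), locals(), ['desc'])
        print("%s %s" % (" " * 3 + c.ljust(20), m.desc()))
    print("")

    print("To get help about a specific command: %s [options] <command> -h" % (script))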
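def main(argv=sys.argv):
    """Parse the command line, configure the analysis and run one command.

    argv is the full argument vector, program name included.

    Returns 0 after the command has run, 1 after a reported error and 2 after
    a command-line syntax error. Both help paths leave through sys.exit(0).

    Config is not defined in this file; it is presumably provided by
    ``from init import *``.
    """
    options = "ho:c:f:d"

    try:
        # Parse the vector the caller passed in; reading sys.argv here made
        # the argv parameter ineffective for everything except the help text.
        opts, args = getopt.getopt(argv[1:], options)
        short_opts = dict(opts)

        # Parse standard arguments
        # NOTE(review): without options the help is shown only when exactly
        # one positional argument is given; an empty command line falls
        # through to the "-f" error below. Confirm that this is intended.
        if (len(short_opts) == 0 and len(args) == 1) or "-h" in short_opts:
            usage(argv[0])
            sys.exit(0)

        if "-f" not in short_opts:
            raise Exception("Dump file not specified, please use -f")
        Config.setDumpFile(short_opts["-f"])

        if "-d" in short_opts:
            Config.setDebug(True)

        # Parse the config file, if any
        if "-c" in short_opts:
            Config.setConfigFile(short_opts["-c"])
        else:  # Otherwise, perform a fingerprint on the dump
            Config.fingerprint(short_opts.get("-o", None))

        # Get the module
        if len(args) == 0:
            raise Exception("No command specified.")
        module_name = args[0]

        # The command name is taken verbatim from the command line and is
        # imported from the commands package; importing executes that
        # module's top-level code with the analyst's privileges.
        try:
            module = __import__('commands.' + module_name, globals(), locals(),
                                ['run', 'usage', 'desc'])
        except ImportError:
            raise Exception("Invalid command specified.")

        # Parse the command options
        m_o = module.options
        if m_o is None:
            m_o = ""
        module_options = getopt.getopt(args[1:], "h" + m_o)

        # Print the command help if needed
        if "-h" in dict(module_options[0]):
            print(module_name + ": " + module.desc())
            # Look the hook up instead of catching AttributeError around the
            # call, so an AttributeError raised inside usage() is reported
            # rather than mistaken for "this command has no usage()".
            command_usage = getattr(module, "usage", None)
            if command_usage is None:
                print("No arguments needed.")
            else:
                command_usage()
            sys.exit(0)

        # Run the command with the specified option
        module.run(module_options)
        return 0

    # Error in arguments
    except getopt.GetoptError as e:
        print("Error: " + str(e))
        usage(argv[0])
        return 2

    # Anything else is reported as a one-line message. The return value lets
    # a caller tell a failed run from a successful one.
    except Exception as e:
        print("Error: " + str(e))
        return 1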
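if __name__ == "__main__":
    # Hand main()'s return value to the shell as the exit status (None maps
    # to 0), so a scripted run can detect a failure whenever main() reports one.
    sys.exit(main())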