How to use get_memory method in Airtest

Best Python code snippet using Airtest

upx_unpacker.py

Source:upx_unpacker.py

...10);11'''12def loadlibrary(name, address):13    # Retrieve the DLL name 14    dllname   = emu.get_memory_string(emu.get_memory(emu.get_register("ESP") + 4))15    16    # Make a real call to LoadLibrary and return the handle17    dllhandle = windll.kernel32.LoadLibraryA(dllname)18    emu.set_register("EAX", dllhandle)19    20    # Reset the stack and return from the handler21    return_address = emu.get_memory(emu.get_register("ESP"))22    emu.set_register("ESP", emu.get_register("ESP") + 8)23    emu.set_register("EIP", return_address)24    25    return True26    27'''28FARPROC WINAPI GetProcAddress(29  __in  HMODULE hModule,30  __in  LPCSTR lpProcName31);32'''33def getprocaddress(name, address):34    # Get both arguments, which are a handle and the procedure name35    handle    = emu.get_memory(emu.get_register("ESP") + 4)36    proc_name = emu.get_memory(emu.get_register("ESP") + 8)37    38    # lpProcName can be a name or ordinal, if top word is null its an ordinal39    if (proc_name >> 16):40        procname = emu.get_memory_string(emu.get_memory(emu.get_register("ESP") + 8))41    else:42        procname = arg243    44    # Add the procedure to the emulator45    emu.os.add_library(handle, procname)46    import_address = emu.os.get_library_address(procname)47    48    # Return the import address49    emu.set_register("EAX", import_address)50    51    # Reset the stack and return from our handler52    return_address = emu.get_memory(emu.get_register("ESP"))53    emu.set_register("ESP", emu.get_register("ESP") + 8)54    emu.set_register("EIP", return_address)55    return True56'''57BOOL WINAPI VirtualProtect(58  __in   LPVOID lpAddress,59  __in   SIZE_T dwSize,60  __in   DWORD flNewProtect,61  __out  PDWORD lpflOldProtect62);63'''64def virtualprotect(name, address):65    # Just return TRUE66    emu.set_register("EAX", 1)67    68    # Reset the stack and return from our handler69    return_address = emu.get_memory(emu.get_register("ESP"))70    emu.set_register("ESP", emu.get_register("ESP") + 16)71    emu.set_register("EIP", return_address)72    return True73# When the unpacking routine is finished, handle the JMP to the OEP74def jmp_handler(emu, mnemonic, eip, op1, op2, op3):75    76    # The UPX1 section	77    if eip < emu.sections["UPX1"]["base"]:78        print "[*] We are jumping out of the unpacking routine."79        print "[*] OEP = 0x%08x" % eip80	# Dump the unpacked binary to disk81        dump_unpacked(emu)82        83        # We can stop emulating now84        emu.emulating = False85        86        return True87# Dump out our newly unpacked binary        88def dump_unpacked(emu):89    global outputfile90    91    fh = open(outputfile, 'wb')92    print "[*] Dumping UPX0 Section"93    base   = emu.sections["UPX0"]["base"]94    length = emu.sections["UPX0"]["vsize"]95    print "[*] Base: 0x%08x  Vsize: %08x" % (base, length)96    for x in range(length):97        fh.write("%c" % emu.get_memory(base + x, 1))98    99    print "[*] Dumping UPX1 Section"100    base   = emu.sections["UPX1"]["base"]101    length = emu.sections["UPX1"]["vsize"]102    print "[*] Base: 0x%08x  Vsize: %08x" % (base, length)103    104    for x in range(length):105        fh.write("%c" % emu.get_memory(base + x, 1))106    107    print "[*] Finished."108    109# Commandline arguments110exename    = sys.argv[1]111outputfile = sys.argv[2]112# Instantiate our emulator object113emu = PEPyEmu()114if exename:115    116    # Load the binary into PyEmu117    if not emu.load(exename):118        print "[!] Problem loading %s" % exename119        sys.exit(2)...

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.