Modules

Modules

class revenge.modules.Modules(process)[source]

Bases: object

_flush_cache()[source]

Make sure the next time we’re hit is a full one.

_register_plugin(plugin, name)[source]

Registers this plugin to be exposed as a module plugin.

Parameters

  • plugin (callable) – A class constructor. Must take an argument for the current module

  • name (str) – What will this be called?

The plugin will be instantiated at most once per module instance, and done only when referenced.

Examples

class MyPlugin:
    @classmethod
    def _modules_plugin(klass, module):
        self = klass()
        self._module = module
        return self

process.modules._register_plugin(MyPlugin._modules_plugin, "myplugin")

# This first call will instantiate the plugin
process.modules['proc_name'].myplugin
load_library(library)[source]

Dynamically load a library into the program.

Parameters

library (str) – The full path to the library on the process machine

Returns

RetuRns the new loaded module or None on error.

Return type

revenge.modules.Module

Examples

selinux = process.modules.load_library("/lib/x86_64-linux-gnu/libselinux.so.1")

This will eventually be implemented across all platforms. For now, it only works on linux platforms.

lookup_offset(symbol)[source]

Lookup raw file offset to symbol.

Returns

(module_name, offset) or None if cannot resolve

Return type

tuple

See examples from modules.lookup_symbol

lookup_symbol(symbol)[source]

Generically resolve a symbol.

Examples

resolve_symbol(“:strlen”) -> returns address of strlen resolved globally. resolve_symbol(“strlen”) -> equivalent to above resolve_symbol(“strlen+0xf”) -> strlen offset by 0xf resolve_symbol(“a.out:main”) -> returns address of main resolved to a.out. resolve_symbol(0x12345) -> returns symbol at that address.

property modules

Return list of modules.

Type

list

Module

class revenge.modules.Module(process, name, base, size, path)[source]

Bases: object

property base

Base address this module is loaded at.

Type

int

property elf

Returns ELF object, if applicable, otherwise None.

property file

Opened file reader to a local copy of this module.

Type

io.BufferReader

property name

Module name.

Type

str

property path

Module path.

Type

str

property pe

Returns PE object, if applicable, otherwise None.

property plt

Location of PLT for this module. Returns None if not known.

Type

int

property size

Size of this module.

Type

int

property symbols

symbol name -> address for this binary.

Type

dict