Threads¶

Threads class object is what you get when you request Process.threads.

class revenge.threads.Threads(process)[source]¶

Bases: object

_register_plugin(plugin, name)[source]¶

Registers this plugin to be exposed as a thread plugin.

Parameters

plugin (callable) – A class constructor. Must take an argument for the current thread
name (str) – What will this be called?

The plugin will be instantiated at most once per thread instance, and done only when referenced.

Examples

class MyPlugin:
    @classmethod
    def _thread_plugin(klass, thread):
        self = klass()
        self._thread = module
        return self

process.threads._register_plugin(MyPlugin._thread_plugin, "myplugin")

# This first call will instantiate the plugin
process.threads[1234].myplugin

create(callback)[source]¶

Create and start a new thread on the given callback.

Parameters: callback – Pointer to function to start the thread on. This can be created via CModule, NativeCallback or use an existing function in the binary
Returns: The new thread that was created or None if either the thread create failed or the thread finished before this method returned.
Return type: revenge.threads.Thread

Example

# Create a stupid callback that just spins
func = process.memory.create_c_function("void func() { while ( 1 ) { ; } }")

# Start the thread
t = process.threads.create(func.address)
assert isinstance(t, revenge.threads.thread.Thread)

# View it running
print(process.threads)

# Grab the return value (in this case the thread won't end though)
return_val = t.join()

property threads¶: Current snapshop of active threads.

Thread¶

The Thread class is an actual description of the thread itself.

class revenge.threads.Thread(process, info)[source]¶

Bases: object

Defines a process thread.

Parameters: info (dict) – frida thread info dict

Examples

# Grab your thread
thread = process.threads[tid]

# Wait for this thread to return
thread.join()

# Check out any exceptions that may have been thrown on this thread
thread.exceptions

# Check out the attached trace object
thread.trace

property breakpoint¶

Is this thread at a breakpoint?

Type: bool

property context¶

The current context for this thread.

Type: revenge.cpu.contexts.CPUContext

property exceptions¶

Exceptions that have been caught generically for this thread.

Type: list

property id¶

Thread ID

Return type: int

join()[source]¶: Traditional thread join. Wait for thread to exit and return the thread’s return value.

kill()[source]¶: Attempts to kill this thread.

Note

If you’re having trouble killing the thread, be sure your thread is killable.

For pthreads, that means: pthread_setcancelstate(0, 0); pthread_setcanceltype(1,0)

property module¶

What module is the thread’s program counter in? i.e.: libc-2.27.so.

Return type: str

property pc¶

The current program counter/instruction pointer.

Return type: int

property state¶

Thread state, such as ‘waiting’, ‘suspended’

Return type: str

property trace¶

Returns Trace object if this thread is currently being traced, otherwise None.

Type: revenge.tracer.instruction_tracer.Trace