memory, PE files, etc...
Hi! I'd like to write one or more scripts that analyze processes in memory on Windows 7. I used to do these things in C++ by using native Win32 API calls. How should I proceed in python? Any pointers? -- https://mail.python.org/mailman/listinfo/python-list
Re: memory, PE files, etc...
On Monday, October 27, 2014 6:24:19 PM UTC+1, Tim Golden wrote: > psutil is definitely your friend: > > https://github.com/giampaolo/psutil > > Although WMI can be quite handy too, depending on what you're trying to do: > > http://timgolden.me.uk/python/wmi/ > > TJG Thanks for answering. I don't know if psutil is what I'm looking for. What I need to do is more related to debugging than to administration. Let's say I want to search for a sequence of bytes in the .text section of a given module. Can I do that with psutil? Maybe I should buy this book: http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921 -- https://mail.python.org/mailman/listinfo/python-list
different behavior from idle/pycharm and shell
Consider this code: --- from ctypes import * user32 = windll.user32 user32.MessageBoxA(0, 'ok', 'ok', 0) --- If I run it in idle or from pycharm, the messagebox shows 'o' instead of 'ok', but if I run it from shell, it shows 'ok' like it should. The same happens with msvcrt.printf(). Why? -- https://mail.python.org/mailman/listinfo/python-list
Re: different behavior from idle/pycharm and shell
On Monday, October 27, 2014 11:55:44 PM UTC+1, MRAB wrote: > On 2014-10-27 22:38, kiuhnm wrote: > > Consider this code: > > > > --- > > from ctypes import * > > > > user32 = windll.user32 > > user32.MessageBoxA(0, 'ok', 'ok', 0) > > --- > > > > If I run it in idle or from pycharm, the messagebox shows 'o' instead of > > 'ok', but if I run it from shell, it shows 'ok' like it should. > > The same happens with msvcrt.printf(). > > Why? > > > You didn't say whether you're using Python 2 or Python 3, but it looks > like you're using Python 3. > > There are 2 forms of the MessageBox function, one with the suffix 'A', > which uses bytestrings, and one with the suffix 'W', which uses Unicode > strings. > > In Python 3, the str class is a Unicode string, so you'll want the > MessageBoxW function: > > from ctypes import * > > user32 = windll.user32 > user32.MessageBoxW(0, 'ok', 'ok', 0) > > Also, the msvcrt.printf function expects a bytestring. Yes, you're right. Thank you both. -- https://mail.python.org/mailman/listinfo/python-list
