【免费】LyScriptSDK1.0.13.zip_DLL被加载到内存后,怎么扫描其数据资源-CSDN文库

共309个文件

py：95个

h：63个

txt：31个

python

需积分: 0 176 浏览量 2023-11-14 16:55:45 上传评论收藏 5.34MB ZIP 举报

资源推荐

资源详情

资源评论

收起资源包目录

LyScript SDK 1.0.13.zip （309个子文件）

TitanEngine_x64.a 326KB

TitanEngine_x86.a 325KB

dbghelp_x86.a 163KB

dbghelp_x64.a 159KB

jansson_x64.a 50KB

jansson_x86.a 49KB

lz4_x64.a 33KB

lz4_x86.a 33KB

DeviceNameResolver_x64.a 6KB

DeviceNameResolver_x86.a 6KB

XEDParse_x86.a 3KB

XEDParse_x64.a 3KB

scriptapi.cpp 48KB

plugin.cpp 5KB

pluginmain.cpp 917B

LyPeUtils-1.0.0.tar.gz 63KB

LyScriptTools64-1.0.6.tar.gz 20KB

LyScriptTools64-1.0.5.tar.gz 20KB

LyScriptTools32-1.0.6.tar.gz 19KB

LyScriptTools32-1.0.5.tar.gz 19KB

LyScript64-1.0.13.tar.gz 7KB

LyScript32-1.0.13.tar.gz 7KB

LyScript64-1.0.12.tar.gz 7KB

LyScript64-1.0.11.tar.gz 7KB

LyScript32-1.0.11.tar.gz 7KB

LyScript32-1.0.12.tar.gz 7KB

LyScriptUtils-1.0.1.tar.gz 4KB

dbghelp.h 124KB

pybind11.h 115KB

pytypes.h 75KB

numpy.h 70KB

TitanEngine.h 64KB

cast.h 59KB

bridgemain.h 50KB

common.h 47KB

type_caster_base.h 41KB

eigen.h 29KB

class.h 27KB

stl_bind.h 26KB

attr.h 23KB

internals.h 21KB

init.h 17KB

stl.h 13KB

lz4.h 13KB

jansson.h 12KB

embed.h 11KB

_scriptapi_register.h 11KB

_dbgfunctions.h 10KB

_plugins.h 10KB

lz4hc.h 9KB

iostream.h 9KB

operators.h 9KB

chrono.h 8KB

gil.h 6KB

bridgegraph.h 6KB

buffer_info.h 6KB

eval.h 5KB

descr.h 5KB

functional.h 4KB

bridgelist.h 4KB

filesystem.h 3KB

_scriptapi_module.h 3KB

_scriptapi_misc.h 3KB

_scriptapi_gui.h 2KB

pluginmain.h 2KB

options.h 2KB

complex.h 2KB

jansson_config.h 2KB

_scriptapi_memory.h 2KB

typeid.h 1KB

XEDParse.h 1KB

_scriptapi_flag.h 1KB

_scriptapi_function.h 1KB

_scriptapi_label.h 1KB

_scriptapi_argument.h 1KB

_scriptapi_debug.h 944B

_scriptapi_comment.h 939B

_scriptapi_bookmark.h 853B

DeviceNameResolver.h 845B

lz4file.h 815B

_scriptapi_pattern.h 801B

_scriptapi_assembler.h 706B

_scriptapi_symbol.h 679B

_plugin_types.h 596B

jansson_x64dbg.h 518B

_scriptapi_stack.h 447B

pystream.h 336B

plugin.h 206B

_scriptapi.h 132B

common.h 120B

lyscript_png.jpg 39KB

x64dbg.lib 116KB

TitanEngine_x86.lib 104KB

TitanEngine_x64.lib 100KB

x32dbg.lib 90KB

共 309 条

# x64dbg 自动化控制插件 <br> <div align=center> <img width="150" src="./svg/lyscript_png.jpg" /> <br><br> [简体中文](README.md) | [繁體中文(中國)](README-TC.md) | [ENGLISH](README-EN.md) | [русский язык ](README-RU.md) <br> [![Build status](./svg/build.svg)](https://github.com/lyshark/LyScript) [![Open Source Helpers](./svg/users.svg)](https://github.com/lyshark/LyScript) [![Crowdin](./svg/email.svg)](mailto:me@lyshark.com) [![Download x64dbg](./svg/x64dbg.svg)](https://github.com/lyshark/LyScript/releases/tag/LyScript) [![OSCS Status](./svg/OSCS.svg)](https://www.oscs1024.com/project/lyshark/LyScript?ref=badge_small) [![python3](./svg/python3.svg)](https://github.com/lyshark/LyScript) [![platform](./svg/platform.svg)](https://github.com/lyshark/LyScript) [![lyscriptver](./svg/lyscript_version.svg)](https://github.com/lyshark/LyScript) <br><br> 一款 x64dbg 自动化控制插件，通过Python控制x64dbg的行为，实现远程动态调试，解决了逆向工作者分析程序，反病毒人员脱壳，漏洞分析者寻找指令片段，原生脚本不够强大的问题，通过与Python相结合利用Python语法的灵活性以及其丰富的第三方库，加速漏洞利用程序的开发，辅助漏洞挖掘以及恶意软件分析。 </div> <br> Python 包请安装与插件一致的版本，在cmd命令行下执行pip命令即可安装，推荐两个包全部安装。 - 安装标准包：`pip install LyScript32` 或者 `pip install LyScript64` - 安装扩展包：`pip install LyScriptTools32` 或者 `pip install LyScriptTools64` 其次您需要手动下载对应`x64dbg`版本的驱动文件，并放入指定的`plugins`目录下。 - 调试器下载：<a href="https://sourceforge.net/projects/x64dbg/files/snapshots/snapshot_2022-09-11_15-59.zip/download">snapshot_2022-09-11_15-59.zip</a> - 插件下载：<a href="https://github.com/lyshark/LyScript/raw/master/plugins/LyScript32-1.0.13.zip">LyScript32-1.0.13 (32位插件)</a> 或者 <a href="https://github.com/lyshark/LyScript/raw/master/plugins/LyScript64-1.0.13.zip">LyScript64-1.0.13 (64位插件)</a> 插件下载好以后，请将该插件复制到x64dbg的plugins目录下，程序运行后会自动加载插件。 ![image](https://user-images.githubusercontent.com/52789403/185293618-68102ea6-8c37-493e-8be3-ca46eca0f0b5.png) 当插件加载成功后，会在日志位置看到具体的绑定信息以及输出调试，该插件并不会在插件栏显示。 ![image](https://user-images.githubusercontent.com/52789403/161062658-0452fe0c-3e11-4df4-a83b-b026f74884d0.png) 如果需要远程调试，则只需要在初始化`MyDebug()`类时传入对端IP地址即可，如果不填写参数则默认使用`127.0.0.1`地址，请确保对端放行了`6589`端口，否则无法连接。 ![image](https://user-images.githubusercontent.com/52789403/161062393-df04aabb-2d70-4434-80b9-a46974bccf8a.png) 运行x64dbg程序并手动载入需要分析的可执行文件，然后我们可以通过`connect()`方法连接到调试器，连接后会创建一个持久会话直到python脚本结束则连接会被强制断开，在此期间可调用`is_connect()`检查该链接是否还存在，具体代码如下所示。 ```Python from LyScript32 import MyDebug if __name__ == "__main__": # 初始化 dbg = MyDebug() # 连接到调试器 connect_flag = dbg.connect() print("连接状态: {}".format(connect_flag)) # 检测套接字是否还在 ref = dbg.is_connect() print("是否在连接: ", ref) dbg.close() ``` <br> ### 寄存器系列函数 **get_register() 函数:** 该函数主要用于实现，对特定寄存器的获取操作，用户需传入需要获取的寄存器名字即可。 - 参数1：传入寄存器字符串可用范围："DR0", "DR1", "DR2", "DR3", "DR6", "DR7", "EAX", "AX", "AH", "AL", "EBX", "BX", "BH", "BL", "ECX", "CX", "CH", "CL", "EDX", "DX", "DH", "DL", "EDI", "DI","ESI", "SI", "EBP", "BP", "ESP", "SP", "EIP", "CIP", "CSP", "CAX", "CBX", "CCX", "CDX", "CDI", "CSI", "CBP", "CFLAGS" ```Python from LyScript32 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() print("连接状态: {}".format(connect_flag)) eax = dbg.get_register("eax") ebx = dbg.get_register("ebx") print("eax = {}".format(hex(eax))) print("ebx = {}".format(hex(ebx))) dbg.close() ``` 如果您使用的是64位插件，则寄存器的支持范围将变为E系列加R系列。可用范围扩展： "DR0", "DR1", "DR2", "DR3", "DR6", "DR7", "EAX", "AX", "AH", "AL", "EBX", "BX", "BH", "BL", "ECX", "CX", "CH", "CL", "EDX", "DX", "DH", "DL", "EDI", "DI", "ESI", "SI", "EBP", "BP", "ESP", "SP", "EIP", "RAX", "RBX", "RCX", "RDX", "RSI", "SIL", "RDI", "DIL", "RBP", "BPL", "RSP", "SPL", "RIP", "R8", "R8D", "R8W", "R8B", "R9", "R9D", "R9W", "R9B", "R10", "R10D", "R10W", "R10B", "R11", "R11D", "R11W", "R11B", "R12", "R12D", "R12W", "R12B", "R13", "R13D", "R13W", "R13B", "R14", "R14D", "R14W", "R14B", "R15", "R15D", "R15W", "R15B" ```Python from LyScript64 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() rax = dbg.get_register("rax") eax = dbg.get_register("eax") ax = dbg.get_register("ax") print("rax = {} eax = {} ax ={}".format(hex(rax),hex(eax),hex(ax))) r8 = dbg.get_register("r8") print("获取R系列寄存器: {}".format(hex(r8))) dbg.close() ``` **set_register() 函数:** 该函数实现设置指定寄存器参数，同理64位将支持更多寄存器的参数修改。 - 参数1：传入寄存器字符串 - 参数2：十进制数值可用范围："DR0", "DR1", "DR2", "DR3", "DR6", "DR7", "EAX", "AX", "AH", "AL", "EBX", "BX", "BH", "BL", "ECX", "CX", "CH", "CL", "EDX", "DX", "DH", "DL", "EDI", "DI", "ESI", "SI", "EBP", "BP", "ESP", "SP", "EIP" ```Python from LyScript32 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() print("连接状态: {}".format(connect_flag)) eax = dbg.get_register("eax") dbg.set_register("eax",100) print("eax = {}".format(hex(eax))) dbg.close() ``` **get_flag_register() 函数:** 用于获取某个标志位参数，返回值只有真或者假。 - 参数1：寄存器字符串可用寄存器范围："ZF", "OF", "CF", "PF", "SF", "TF", "AF", "DF", "IF" ```Python from LyScript32 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() print("连接状态: {}".format(connect_flag)) cf = dbg.get_flag_register("cf") print("标志: {}".format(cf)) dbg.close() ``` **set_flag_register() 函数:** 用于设置某个标志位参数，返回值只有真或者假。 - 参数1：寄存器字符串 - 参数2：[ 设置为真 True] / [设置为假 False] 可用寄存器范围："ZF", "OF", "CF", "PF", "SF", "TF", "AF", "DF", "IF" ```Python from LyScript32 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() zf = dbg.get_flag_register("zf") print(zf) dbg.set_flag_register("zf",False) zf = dbg.get_flag_register("zf") print(zf) dbg.close() ``` <br> ### 调试系列函数 **set_debug() 函数:** 用于影响调试器，例如前进一次，后退一次，暂停调试，终止等。 - 参数1: 传入需要执行的动作可用动作范围：[暂停 Pause] [运行 Run] [步入 StepIn] [步过 StepOut] [到结束 StepOver] [停止 Stop] [等待 Wait] ```Python from LyScript32 import MyDebug if __name__ == "__main__": dbg = MyDebug() connect_flag = dbg.connect() print("连接状态: {}".format(connect_flag)) while True: dbg.set_debug("StepIn") eax = dbg.get_register("eax") if eax == 0: print("找到了") break dbg.close() ``` **set_debug_count() 函数:** 该函�

评论收藏

内容反馈