skip to navigation
skip to content

Not Logged In

python-ptrace 0.6.4

python binding of ptrace

Latest Version: 0.7

python-ptrace is a Python binding of ptrace library.

The binding works on:

  • Linux version 2.6.20 on i386, x86_64, PPC (may works on Linux 2.4.x and 2.6.x)
  • Linux version 2.4 on PPC
  • FreeBSD version 7.0RC1 on i386 (may works on FreeBSD 5.x/6.x)
  • OpenBSD version 4.2 on i386

Features:

  • High level Python object API : !PtraceDebugger and !PtraceProcess
  • Able to control multiple processes: catch fork events on Linux
  • Read/write bytes to arbitrary address: take care of memory alignment and split bytes to cpu word
  • Execution step by step using ptrace_singlestep() or hardware interruption 3
  • Can use distorm (http://www.ragestorm.net/distorm/) disassembler
  • Dump registers, memory mappings, stack, etc.
  • Syscall tracer and parser (strace command)

Website: http://bitbucket.org/haypo/python-ptrace/wiki/Home

Installation

Read INSTALL documentation file.

Documentation

Browse doc/ and examples/ directories.

Changelog

python-ptrace 0.6.4 (2012-02-26)

  • Convert all classes to new-style classes, patch written by teythoon
  • Fix compilation on Apple, patch written by Anthony Gelibert
  • Support GNU/kFreeBSD, patch written by Jakub Wilk
  • Support sockaddr_in6 (IPv6 address)

python-ptrace 0.6.3 (2011-02-16)

  • Support distrom3
  • Support Python 3
  • Rename strace.py option --socketcall to --socket, and fix this option for FreeBSD and Linux/64 bits
  • Add MANIFEST.in: include all files in source distribution (tests, cptrace module, ...)

python-ptrace 0.6.2 (2009-11-09)

  • Fix 64 bits sub registers (set mask for eax, ebx, ecx, edx)

python-ptrace 0.6.1 (2009-11-07)

  • Create follow, showfollow, resetfollow, xray commands in gdb.py. Patch written by Dimitris Glynos
  • Project website moved to http://bitbucket.org/haypo/python-ptrace/
  • Replace types (u)intXX_t by c_(u)intXX
  • Create MemoryMapping.search() method and MemoryMapping now keeps a weak reference to the process

python-ptrace 0.6 (2009-02-13)

User visible changes:

  • python-ptrace now depends on Python 2.5
  • Invalid memory access: add fault address in the name
  • Update Python 3.0 conversion patch
  • Create -i (--show-ip) option to strace.py: show instruction pointer
  • Add a new example (itrace.py) written by Mark Seaborn and based on strace.py

API changes:

  • PtraceSyscall: store the instruction pointer at syscall enter (if the option instr_pointer=True, disabled by default)
  • Remove PROC_DIRNAME and procFilename() from ptrace.linux_proc

Bugfixes:

  • Fix locateProgram() for relative path
  • Fix interpretation of memory fault on MOSVW instruction (source is ESI and destination is EDI, and not the inverse!)

python-ptrace 0.5 (2008-09-13)

Visible changes:

  • Write an example (the most simple debugger) and begin to document the code
  • gdb.py: create "dbginfo" command
  • Parse socket syscalls on FreeBSD
  • On invalid memory access (SIGSEGV), eval the dereference expression to get the fault address on OS without siginfo (eg. FreeBSD)
  • Fixes to get minimal Windows support: fix imports, fix locateProgram()

Other changes:

  • Break the API: - Rename PtraceDebugger.traceSysgood() to PtraceDebugger.enableSysgood() - Rename PtraceDebugger.trace_sysgood to PtraceDebugger.use_sysgood - Remove PtraceProcess.readCode()
  • Create createChild() function which close all files except stdin, stdout and stderr
  • On FreeBSD, on process exit recalls waitpid(pid) to avoid zombi process

python-ptrace 0.4.2 (2008-08-28)

  • BUGFIX: Fix typo in gdb.py (commands => command_str), it wasn't possible to write more than one command...
  • BUGIFX: Fix typo in SignalInfo class (remove "self."). When a process received a signal SIGCHLD (because of a fork), the debugger exited because of this bug.
  • BUGFIX: Debugger._wait() return abnormal process exit as a normal event, the event is not raised as an exception
  • PtraceSignal: don't clear preformatted arguments (eg. arguments of execve)

python-ptrace 0.4.1 (2008-08-23)

  • The project has a new dedicated website: http://python-ptrace.hachoir.org/
  • Create cptrace: optional Python binding of ptrace written in C (faster than ptrace, the Python binding written in Python with ctypes)
  • Add name attribute to SignalInfo classes
  • Fixes to help Python 3.0 compatibility: don't use sys.exc_clear() (was useless) in writeBacktrace()
  • ProcessState: create utime, stime, starttime attributes

python-ptrace 0.4.0 (2008-08-19)

Visible changes:

  • Rename the project to "python-ptrace" (old name was "Ptrace)
  • strace.py: create --ignore-regex option
  • PtraceSignal: support SIGBUS, display the related registers and the instruction
  • Support execve() syscall tracing

Developer changes:

  • New API is incompatible with 0.3.2
  • PtraceProcess.waitProcessEvent() accepts optional blocking=False argument
  • PtraceProcess.getreg()/setreg() are able to read/write i386 and x86-64 "sub-registers" like al or bx
  • Remove iterProc() function, replaced by openProc() with explicit call to .close() to make sure that files are closed
  • Create searchProcessesByName()
  • Replace CPU_PPC constant by CPU_POWERPC and create CPU_PPC32 and CPU_PPC64
  • Create MemoryMapping object, used by readMappings() and findStack() methods of PtraceProcess
  • Always define all PtraceProcess methods but raise an error if the function is not implemented
 
File Type Py Version Uploaded on Size
python-ptrace-0.6.4.tar.gz (md5) Source 2012-02-26 75KB
  • Downloads (All Versions):
  • 71 downloads in the last day
  • 757 downloads in the last week
  • 3431 downloads in the last month