[Tutor] Tkinter's Documentation
Where can i find the reference documentation of "Tkinter" and if possible in PDF forme? Because there is no documentation on the widgets in "python library reference". Thanks ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Tkinter's Documentation
On 05/10/17 17:38, adil gourinda wrote: > Where can i find the reference documentation of "Tkinter" Tkinter is a module, not part of the language, so it is documented in the modules section. But the documentation is not 100% complete and for details you often need to look at the Tk/Tcl documentation too. Also there are several Tkinter web sites that offer additional information. One of the official web pages has links to them. This is probably the most comprehensive: https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html And there is a PDF link on their web page. -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] script guidelines
currently m using pycharm , interpreter = python 3.6 i am getting th error as below, what might be the reason for this. UnicodeDecodeError: 'charmap' codec can't decode byte 0x81 in position 159: character maps to On Tue, Oct 3, 2017 at 2:18 PM, renukesh nk wrote: > requirement: > i have a directory , that contains multiple sub directories, each sub > directory has multiple text and log files, my script fetches the required > lines from all the sub directories and stores it in one text file. > > but i want it to store separate text file for each sub directory ,after > fetching the contents. can anyone please help me where to edit my script. > > my script is currently dumping all in on file instead of separate file for > each directory. > > ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] script guidelines
On 06/10/17 11:07, renukesh nk wrote: > currently m using pycharm , interpreter = python 3.6 > i am getting th error as below, what might be the reason for this. > > UnicodeDecodeError: 'charmap' codec can't decode byte 0x81 in position 159: > character maps to It looks like you have a character in your charmap that the decoder can't decode. But without seeing any code it's hard to be more specific. Please always include the full error message every time. And sending at least the enclosing function, but preferably the whole source code if its not too long(<100 lines?) or under confidentiality constraints. (If the latter try to recreate the issue in a small snippet you can post) -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] script guidelines
On Fri, Oct 06, 2017 at 03:37:36PM +0530, renukesh nk wrote:
> currently m using pycharm , interpreter = python 3.6
> i am getting th error as below, what might be the reason for this.
>
> UnicodeDecodeError: 'charmap' codec can't decode byte 0x81 in position 159:
> character maps to
When you get an error, Python prints a full traceback showing the full
chain of function calls. This is useful. Without it, we cannot even
begin to solve the problem.
All we can say is that, somewhere, somehow, for some reason, you are
trying to decode some bytes from somewhere (we don't know where) to
text, and there is an error doing so.
If I look deeply into my magic crystal ball, I *think* the problem is
that you are trying to read a file (maybe a HTML file downloaded from
the Internet?) which is encoded differently than you expect. But I can't
replicate the error you get:
py> b'\x81'.decode('utf-8')
Traceback (most recent call last):
File "", line 1, in
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x81 in position 0:
invalid start byte
If this is a HTML file, have you tried inspecting the HTML to see what
encoding you should use?
--
Steve
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Tkinter's Documentation
Tkinter is very much alive and has an active developers list. However Tkinter is just a wrapper around Tcl/Tk so there is only activity in Tkinter when there is something new in Tk. But both projects are going strong. On 6 Oct 2017 12:45 pm, adil gourinda wrote: This link exists in "python library reference under the name "Tkinter reference: a GUI for Python", but after sending an email to them (I wanted to participate with some suggestions) I didn't get any response, So I thought that it is like a dead project, for this reason why I asked for an alternative. Sorry if my first message was not so clear -- From: Tutor on behalf of Alan Gauld via Tutor Sent: Friday, October 6, 2017 10:05:27 AM To: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation ** On 05/10/17 17:38, adil gourinda wrote: > Where can i find the reference documentation of "Tkinter" Tkinter is a module, not part of the language, so it is documented in the modules section. But the documentation is not 100% complete and for details you often need to look at the Tk/Tcl documentation too. Also there are several Tkinter web sites that offer additional information. One of the official web pages has links to them. This is probably the most comprehensive: [1]https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html And there is a PDF link on their web page. -- Alan G Author of the Learn to Program web site [2]http://www.alan-g.me.uk/ [3]http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: [4]http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist** -** Tutor@python.org To unsubscribe or change subscription options: [5]https://mail.python.org/mailman/listinfo/tutor References Visible links 1. https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html 2. http://www.alan-g.me.uk/ 3. http://www.amazon.com/author/alan_gauld 4. http://www.flickr.com/photos/alangauldphotos 5. https://mail.python.org/mailman/listinfo/tutor ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Tkinter's Documentation
This link exists in "python library reference under the name "Tkinter reference: a GUI for Python", but after sending an email to them (I wanted to participate with some suggestions) I didn't get any response, So I thought that it is like a dead project, for this reason why I asked for an alternative. Sorry if my first message was not so clear From: Tutor on behalf of Alan Gauld via Tutor Sent: Friday, October 6, 2017 10:05:27 AM To: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation On 05/10/17 17:38, adil gourinda wrote: > Where can i find the reference documentation of "Tkinter" Tkinter is a module, not part of the language, so it is documented in the modules section. But the documentation is not 100% complete and for details you often need to look at the Tk/Tcl documentation too. Also there are several Tkinter web sites that offer additional information. One of the official web pages has links to them. This is probably the most comprehensive: https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html And there is a PDF link on their web page. -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 7:26 PM, Michael C
wrote:
>
> I started out with what you gave me:
>
[...]
>
> I am trying to acquire "lpMinimumApplicationAddress" and
> "lpMaximumApplicationAddress" from system_info, so I did this,
>
>>code
> Kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
> Kernel32.GetSystemInfo(LPSYSTEM_INFO)
> print(LPLPSYSTEM_INFO.lpMinimumApplicationAddress)
It's the same pattern as before. Create a SYSTEM_INFO instance, which
allocates the block of memory for the information, and pass
GetSystemInfo a pointer. For example:
kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
kernel32.GetSystemInfo.restype = None
kernel32.GetSystemInfo.argtypes = (LPSYSTEM_INFO,)
sysinfo = SYSTEM_INFO()
kernel32.GetSystemInfo(ctypes.byref(sysinfo))
Here are the minimum and maximum addresses for a 64-bit process,
formatted in hexadecimal:
>>> hex(sysinfo.lpMinimumApplicationAddress)
'0x1'
>>> hex(sysinfo.lpMaximumApplicationAddress)
'0x7ffe'
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 7:43 PM, Michael C wrote: > Sorry but I dont understand this line: > > mbi = MEMORY_BASIC_INFORMATION() > > This creates a instance of the class? Yes, and this allocates sizeof(MEMORY_BASIC_INFORMATION) bytes at addressof(mbi), which you pass to a function by reference via byref(mbi). > Also, I thought with VirtualQueryEx, what you need for it > is a handle, which I acquire from this > Process = Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, > False, PID) My example called VirtualQuery, not VirtualQueryEx. Internally VirtualQuery calls VirtualQueryEx using the pseudo handle (HANDLE)(-1), which refers to the current process. > and then feed it to the function like so: > > VirtualQuery(Process, ctypes.byref(mbi), ctypes.sizeof(mbi)) > > I know it doesn't work. But what are these lines for? They don't look like > handle to me: > > VirtualQuery = kernel32.VirtualQuery > VirtualQuery.restype = SIZE_T > VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T) In the above, I'm setting the function pointer's argtypes attribute to the types of the 3 parameters that VirtualQuery takes: the target address (i.e. LPVOID), a pointer to the buffer (i.e. PMEMORY_BASIC_INFORMATION), and the size of the buffer (SIZE_T). This is to allow ctypes to correctly check and convert arguments passed to the function. VirtualQueryEx has four parameters, starting with the handle to the target process, hProcess. The remaining 3 are the same as VirtualQuery. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Tkinter's Documentation
On 6 Oct 2017 7:41 pm, adil gourinda wrote: Thanks, Now it is more clear, So I have to wait for the next version of tkinter if I want someone to listen to me. Not at all, as I said, there is an active developers list. They will listen and advise whether it's something you can do, or something that can be changed in Tkinter or something you need to talk to the Tcl/Tk developers about. Alan g. -- From: Alan Gauld Sent: Friday, October 6, 2017 1:39:14 PM To: adil gourinda Cc: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation Tkinter is very much alive and has an active developers list. However Tkinter is just a wrapper around Tcl/Tk so there is only activity in Tkinter when there is something new in Tk. But both projects are going strong. On 6 Oct 2017 12:45 pm, adil gourinda wrote: This link exists in "python library reference under the name "Tkinter reference: a GUI for Python", but after sending an email to them (I wanted to participate with some suggestions) I didn't get any response, So I thought that it is like a dead project, for this reason why I asked for an alternative. Sorry if my first message was not so clear -- From: Tutor on behalf of Alan Gauld via Tutor Sent: Friday, October 6, 2017 10:05:27 AM To: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation On 05/10/17 17:38, adil gourinda wrote: > Where can i find the reference documentation of "Tkinter" Tkinter is a module, not part of the language, so it is documented in the modules section. But the documentation is not 100% complete and for details you often need to look at the Tk/Tcl documentation too. Also there are several Tkinter web sites that offer additional information. One of the official web pages has links to them. This is probably the most comprehensive: [1]https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html And there is a PDF link on their web page. -- Alan G Author of the Learn to Program web site [2]http://www.alan-g.me.uk/ [3]http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: [4]http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: [5]https://mail.python.org/mailman/listinfo/tutor References Visible links 1. https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html 2. http://www.alan-g.me.uk/ 3. http://www.amazon.com/author/alan_gauld 4. http://www.flickr.com/photos/alangauldphotos 5. https://mail.python.org/mailman/listinfo/tutor ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Tkinter's Documentation
Thanks, Now it is more clear, So I have to wait for the next version of tkinter if I want someone to listen to me. From: Alan Gauld Sent: Friday, October 6, 2017 1:39:14 PM To: adil gourinda Cc: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation Tkinter is very much alive and has an active developers list. However Tkinter is just a wrapper around Tcl/Tk so there is only activity in Tkinter when there is something new in Tk. But both projects are going strong. On 6 Oct 2017 12:45 pm, adil gourinda wrote: This link exists in "python library reference under the name "Tkinter reference: a GUI for Python", but after sending an email to them (I wanted to participate with some suggestions) I didn't get any response, So I thought that it is like a dead project, for this reason why I asked for an alternative. Sorry if my first message was not so clear From: Tutor on behalf of Alan Gauld via Tutor Sent: Friday, October 6, 2017 10:05:27 AM To: tutor@python.org Subject: Re: [Tutor] Tkinter's Documentation On 05/10/17 17:38, adil gourinda wrote: > Where can i find the reference documentation of "Tkinter" Tkinter is a module, not part of the language, so it is documented in the modules section. But the documentation is not 100% complete and for details you often need to look at the Tk/Tcl documentation too. Also there are several Tkinter web sites that offer additional information. One of the official web pages has links to them. This is probably the most comprehensive: https://infohost.nmt.edu/tcc/help/pubs/tkinter/web/index.html And there is a PDF link on their web page. -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ http://www.amazon.com/author/alan_gauld Follow my photo-blog on Flickr at: http://www.flickr.com/photos/alangauldphotos ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
Sorry but I dont understand this line:
mbi = MEMORY_BASIC_INFORMATION()
This creates a instance of the class?
Also, I thought with VirtualQueryEx, what you need for it
is a handle, which I acquire from this
Process = Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,
False, PID)
and then feed it to the function like so:
VirtualQuery(Process, ctypes.byref(mbi), ctypes.sizeof(mbi))
I know it doesn't work. But what are these lines for? They don't look like
handle to me:
VirtualQuery = kernel32.VirtualQuery
VirtualQuery.restype = SIZE_T
VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
thanks !
On Thu, Oct 5, 2017 at 1:13 PM, eryk sun wrote:
> On Thu, Oct 5, 2017 at 8:27 PM, Michael C
> wrote:
> >
> > How do I see the values of each field? This doesn't work.
> >
> > print(PMEMORY_BASIC_INFORMATION.Protect)
>
> Create an instance of MEMORY_BASIC_INFORMATION and pass a pointer to
> it via byref(). For example, the following queries the region of
> memory of the VirtualQuery function itself.
>
> kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
>
> MEM_COMMIT = 0x1000
> PAGE_EXECUTE_READ = 0x20
> PAGE_EXECUTE_WRITECOPY = 0x80
>
> VirtualQuery = kernel32.VirtualQuery
> VirtualQuery.restype = SIZE_T
> VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
>
> mbi = MEMORY_BASIC_INFORMATION()
> VirtualQuery(VirtualQuery, ctypes.byref(mbi), ctypes.sizeof(mbi))
>
> >>> mbi.AllocationBase == kernel32._handle
> True
> >>> mbi.AllocationProtect == PAGE_EXECUTE_WRITECOPY
> True
> >>> mbi.BaseAddress
> 140703181352960
> >>> mbi.RegionSize
> 364544
> >>> mbi.State == MEM_COMMIT
> True
> >>> mbi.Protect == PAGE_EXECUTE_READ
> True
>
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
Hi Eryk Sun:
I started out with what you gave me:
>code starts
class SYSTEM_INFO(ctypes.Structure):
"""https://msdn.microsoft.com/en-us/library/ms724958""";
class _U(ctypes.Union):
class _S(ctypes.Structure):
_fields_ = (('wProcessorArchitecture', WORD),
('wReserved', WORD))
_fields_ = (('dwOemId', DWORD), # obsolete
('_s', _S))
_anonymous_ = ('_s',)
_fields_ = (('_u', _U),
('dwPageSize', DWORD),
('lpMinimumApplicationAddress', LPVOID),
('lpMaximumApplicationAddress', LPVOID),
('dwActiveProcessorMask', DWORD_PTR),
('dwNumberOfProcessors',DWORD),
('dwProcessorType', DWORD),
('dwAllocationGranularity', DWORD),
('wProcessorLevel',WORD),
('wProcessorRevision', WORD))
_anonymous_ = ('_u',)
LPSYSTEM_INFO = ctypes.POINTER(SYSTEM_INFO)
> code ends
I am trying to acquire "lpMinimumApplicationAddress" and
"lpMaximumApplicationAddress" from system_info, so I did this,
>code
Kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
Kernel32.GetSystemInfo(LPSYSTEM_INFO)
print(LPLPSYSTEM_INFO.lpMinimumApplicationAddress)
>code ends
and then it says
Traceback (most recent call last):
File "C:/Users/AwesomeGuy/Google Drive/My life of hacking/SWTOR/mah
scanner/with_eryk_sun_s_help_peace by peace.py", line 55, in
Kernel32.GetSystemInfo(LPSYSTEM_INFO)
ctypes.ArgumentError: argument 1: : Don't know how to
convert parameter 1
thanks for reading!
On Thu, Oct 5, 2017 at 1:13 PM, eryk sun wrote:
> On Thu, Oct 5, 2017 at 8:27 PM, Michael C
> wrote:
> >
> > How do I see the values of each field? This doesn't work.
> >
> > print(PMEMORY_BASIC_INFORMATION.Protect)
>
> Create an instance of MEMORY_BASIC_INFORMATION and pass a pointer to
> it via byref(). For example, the following queries the region of
> memory of the VirtualQuery function itself.
>
> kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
>
> MEM_COMMIT = 0x1000
> PAGE_EXECUTE_READ = 0x20
> PAGE_EXECUTE_WRITECOPY = 0x80
>
> VirtualQuery = kernel32.VirtualQuery
> VirtualQuery.restype = SIZE_T
> VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
>
> mbi = MEMORY_BASIC_INFORMATION()
> VirtualQuery(VirtualQuery, ctypes.byref(mbi), ctypes.sizeof(mbi))
>
> >>> mbi.AllocationBase == kernel32._handle
> True
> >>> mbi.AllocationProtect == PAGE_EXECUTE_WRITECOPY
> True
> >>> mbi.BaseAddress
> 140703181352960
> >>> mbi.RegionSize
> 364544
> >>> mbi.State == MEM_COMMIT
> True
> >>> mbi.Protect == PAGE_EXECUTE_READ
> True
>
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
Hi all:
How do I create a buffer, or rather, is a buffer just a variable?
How do I create a pointer to it?
This code ran fine (thanks to you, Eryk, I now know about how to work
VirtualQueryEx work)
until when I ran the read process memory part.
I think I am not feeding the function properly.
Please look at the red part of this code
Thanks!
>code starts here
mbi = MEMORY_BASIC_INFORMATION()
sysinfo.lpMinimumApplicationAddress
print('VirtualQueryEx ran properly?',Kernel32.VirtualQueryEx(Process, \
sysinfo.lpMinimumApplicationAddress,
ctypes.byref(mbi),ctypes.sizeof(mbi)))
print('')
print('mbi start')
print('mbi.BaseAddress: ',mbi.BaseAddress)
print('mbi.AllocationBase: ',mbi.AllocationBase)
print('mbi.AllocationProtect: ',mbi.AllocationProtect)
print('mbi.RegionSize: ',mbi.RegionSize)
print('mbi.State: ',mbi.State)
print('mbi.Protect: ', mbi.Protect)
print('mbi.Type: ',mbi.Type)
buffer = ctypes.create_string_buffer(4)
bufferSize = (ctypes.sizeof(buffer))
ReadProcessMemory = Kernel32.ReadProcessMemory
if ReadProcessMemory(Process, ctypes.byref(mbi), buffer, bufferSize, None):
print('buffer is: ',buffer)
else:
print('something is wrong')
On Fri, Oct 6, 2017 at 12:03 PM, eryk sun wrote:
> On Fri, Oct 6, 2017 at 7:43 PM, Michael C
> wrote:
> > Sorry but I dont understand this line:
> >
> > mbi = MEMORY_BASIC_INFORMATION()
> >
> > This creates a instance of the class?
>
> Yes, and this allocates sizeof(MEMORY_BASIC_INFORMATION) bytes at
> addressof(mbi), which you pass to a function by reference via
> byref(mbi).
>
> > Also, I thought with VirtualQueryEx, what you need for it
> > is a handle, which I acquire from this
> > Process = Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_
> READ,
> > False, PID)
>
> My example called VirtualQuery, not VirtualQueryEx. Internally
> VirtualQuery calls VirtualQueryEx using the pseudo handle
> (HANDLE)(-1), which refers to the current process.
>
> > and then feed it to the function like so:
> >
> > VirtualQuery(Process, ctypes.byref(mbi), ctypes.sizeof(mbi))
> >
> > I know it doesn't work. But what are these lines for? They don't look
> like
> > handle to me:
> >
> > VirtualQuery = kernel32.VirtualQuery
> > VirtualQuery.restype = SIZE_T
> > VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
>
> In the above, I'm setting the function pointer's argtypes attribute to
> the types of the 3 parameters that VirtualQuery takes: the target
> address (i.e. LPVOID), a pointer to the buffer (i.e.
> PMEMORY_BASIC_INFORMATION), and the size of the buffer (SIZE_T). This
> is to allow ctypes to correctly check and convert arguments passed to
> the function.
>
> VirtualQueryEx has four parameters, starting with the handle to the
> target process, hProcess. The remaining 3 are the same as
> VirtualQuery.
>
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 9:12 PM, Michael C
wrote:
>
> How do I create a buffer, or rather, is a buffer just a variable?
A buffer is a block of memory for an I/O operation. For example, if
you need to read a 4-byte (32-bit) integer at an address in another
process, the 'buffer' could be ctypes.c_int32(). In general, to read
an arbitrary-sized block of memory, use ctypes.create_string_buffer()
to create a char array.
> How do I create a pointer to it?
Pass it byref().
> print('mbi.State: ',mbi.State)
Check whether mbi.State is MEM_COMMIT before trying to read it. If
it's MEM_FREE or MEM_RESERVE, then ReadProcessMemory will fail.
> buffer = ctypes.create_string_buffer(4)
> bufferSize = (ctypes.sizeof(buffer))
>
> ReadProcessMemory = Kernel32.ReadProcessMemory
>
> if ReadProcessMemory(Process, ctypes.byref(mbi), buffer, bufferSize, None):
> print('buffer is: ',buffer)
> else:
> print('something is wrong')
Don't print "something is wrong". You're capturing the thread's last
error value, so use it to raise an informative exception. For example:
if not success:
raise ctypes.WinError(ctypes.get_last_error())
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 10:06 PM, Michael C
wrote:
> like this?
>
> buffer = ctypes.byref(ctypes.create_string_buffer(4))
No, the buffer is the array created by create_string_buffer, which you
pass byref(). In the following example I create a `test` buffer that
contains "spam", and I use the pseudo-handle from GetCurrentProcess
with ReadProcessMemory to read this buffer into a target `buffer`.
It's silly to do this in the current process, but it's just an
example.
import ctypes
from ctypes.wintypes import HANDLE, LPVOID
kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
SIZE_T = ctypes.c_size_t
LPSIZE_T = ctypes.POINTER(SIZE_T)
kernel32.GetCurrentProcess.restype = HANDLE
kernel32.ReadProcessMemory.argtypes = (HANDLE, LPVOID,
LPVOID, SIZE_T, LPSIZE_T)
hProcess = kernel32.GetCurrentProcess()
test = ctypes.create_string_buffer(b'spam')
address = ctypes.addressof(test)
buffer = ctypes.create_string_buffer(4)
nread = SIZE_T()
success = kernel32.ReadProcessMemory(hProcess, address,
ctypes.byref(buffer), ctypes.sizeof(buffer),
ctypes.byref(nread))
if not success:
raise ctypes.WinError(ctypes.get_last_error())
print(buffer[:])
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 10:26 PM, Michael C
wrote:
>
> base = mbi.BaseAddress
> buffer = ctypes.c_int32()
> buffer_pointer = ctypes.byref(buffer)
> ReadProcessMemory = Kernel32.ReadProcessMemory
>
> if ReadProcessMemory(Process, base, buffer_pointer, mbi.RegionSize, None):
> print('buffer is: ',buffer)
> else:
> raise ctypes.WinError(ctypes.get_last_error())
If you need to read RegionSize bytes, then you have to allocate a
buffer that's RegionSize bytes:
buffer = ctypes.create_string_buffer(mbi.RegionSize)
Or use a smaller buffer and loop until the total number of bytes read
is RegionSize.
Also, remember to check that the state is MEM_COMMIT. You cannot read
an address range that's free or reserved. It must be committed, i.e.
backed by physical storage.
___
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] ctypes wintypes
On Fri, Oct 6, 2017 at 11:05 PM, Michael C wrote: > For this read process memory, if I am trying compose a LPCVOID > lpBaseAddress, am I not making a variable that equals to mbi.BaseAddress, > and then making a pointer pointing to it? > > start_address = mbi.BaseAddress > LPCVOID = ctypes.byref(start_address) LPCVOID is a pointer type; don't use it as a variable name because it's confusing to someone who's reading your code. The `BaseAddress` field is an LPVOID, which is an alias for ctypes.c_void_p. Simple C types such as c_void_p are automatically converted to Python native types such as int, bytes, and str. It's fine that mbi.BaseAddress is a Python int. With argtypes defined for ReadProcessMemory, ctypes will convert the int back to a void pointer for you automatically. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
