forked from skelsec/pypykatz
-
Notifications
You must be signed in to change notification settings - Fork 0
/
debugfile.py
96 lines (80 loc) · 2.16 KB
/
debugfile.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import sys
import traceback
import asyncio
from pypykatz.pypykatz import pypykatz
from pypykatz.apypykatz import apypykatz
class DebugFile:
def __init__(self, filename):
self.filename = filename
self.fh = open(self.filename, 'rb')
self.reads = []
self.total_read = 0
def read(self, n = -1):
#print('READ %s' % n)
self.reads.append((self.fh.tell(), n))
self.total_read += n
#if n > 1024*40:
# print('READ %s' % n)
# traceback.print_stack()
# input()
return self.fh.read(n)
def seek(self, n, whence = 0):
#print('SEEK %s %s' % (n, whence))
return self.fh.seek(n, whence)
def tell(self):
return self.fh.tell()
class ADebugFile:
def __init__(self, filename):
self.filename = filename
self.fh = open(self.filename, 'rb')
self.reads = []
self.total_read = 0
async def read(self, n = -1):
#print('READ %s' % n)
self.reads.append((self.fh.tell(), n))
self.total_read += n
#if n > 1024*40:
# print('READ %s' % n)
# traceback.print_stack()
# input()
return self.fh.read(n)
async def seek(self, n, whence = 0):
#print('SEEK %s %s' % (n, whence))
return self.fh.seek(n, whence)
def tell(self):
return self.fh.tell()
async def amain():
for chk in [512,1024,5*1024,10*1024,20*1024,50*1024]:
f = ADebugFile(sys.argv[1])
mimi = await apypykatz.parse_minidump_external(f, chunksize=chk, packages=['all'])
res = sorted(f.reads, key=lambda x: x[0])
i = 0
for pos, n in res:
#print('READ: %s %s' % (pos, n))
if n < 1024:
i += 1
print('chk : %s' % chk)
print('reads: %s' % len(f.reads))
print('small reads: %s' % i)
print('total reads: %s' % (f.total_read))
print('')
print('DONE!')
def main():
for chk in [512,1024,5*1024,10*1024,20*1024,50*1024]:
f = DebugFile(sys.argv[1])
mimi = pypykatz.parse_minidump_external(f, chunksize=chk, packages=['all'])
res = sorted(f.reads, key=lambda x: x[0])
i = 0
for pos, n in res:
#print('READ: %s %s' % (pos, n))
if n < 1024:
i += 1
print('chk : %s' % chk)
print('reads: %s' % len(f.reads))
print('small reads: %s' % i)
print('total reads: %s' % (f.total_read))
print('')
print('DONE!')
if __name__ == '__main__':
#main()
asyncio.run(amain())