zelos.threads module¶
-
class
zelos.threads.
ThreadState
¶ Bases:
enum.Enum
An enumeration.
-
UNKNOWN
= 0¶
-
RUNNING
= 1¶
-
SUCCESS
= 2¶
-
FAILURE
= 3¶
-
PAUSED
= 4¶
-
KILLED
= 5¶
-
-
exception
zelos.threads.
ThreadException
¶
-
exception
zelos.threads.
InvalidTidException
(tid)¶
-
class
zelos.threads.
Thread
(thread_manager, context, stack_base, stack_size, id, name=None, priority=0, parent=None, module_path=None, benign_code=False)¶ Bases:
object
Represents information regarding a thread of execution.
Remember, a thread is mostly its register state. This is contained in the Emu class, and as such, if you are interacting with a thread that is not “the current thread” you may not be changing the correct state. Remember to save_context and load_context where appropriate to ensure that your changes only effect the thread that you care about.
-
property
memory
¶
-
property
emu
¶
-
property
is_active
¶
-
get_reg
(reg_name: str) → int¶ Gets the value of the specified register for this thread.
- Parameters
reg_name – The name of the register to get the value of.
- Returns
An unsigned integer containing the value of the register.
-
set_reg
(reg_name: str, val: int) → None¶ Gets the value of the specified register for this thread.
- Parameters
reg_name – The name of the register to set.
val – The value to set the register to.
- Returns
An unsigned integer containing the value of the register.
-
getIP
() → int¶
-
setIP
(new_ip: int) → None¶
-
getSP
() → int¶
-
setSP
(new_sp: int) → None¶
-
getFP
() → int¶
-
setFP
(new_fp: int) → None¶
-
getstack
(idx: int) → int¶
-
setstack
(idx: int, val: int) → None¶
-
popstack
() → int¶
-
pushstack
(data: int) → int¶
-
get_all_regs
()¶
-
get_all_reg_vals
()¶
-
get_regs
(regs=None)¶
-
dumpregs
(regs=None)¶
-
pack
(x, bytes=None, little_endian=None, signed=False)¶
-
unpack
(x, bytes=None, little_endian=None, signed=False)¶
-
cleanup
(z)¶
-
save_context
()¶
-
load_context
()¶
-
print_stack
(sp=0, fp=0, top_count=5, bottom_count=10)¶
-
property
-
class
zelos.threads.
Threads
(emu, memory, stack_size)¶ Bases:
object
Handles the execution of multiple threads on the same memory.
This class should be manipulated through the process layer.
-
property
completed_threads
¶
-
property
failed_threads
¶
-
get_active_threads
() → List[zelos.threads.Thread]¶ Returns all active threads
-
is_current_thread
(t: zelos.threads.Thread) → bool¶ Returns True if “t” is the currently running thread.
- Parameters
t – The thread to check.
- Returns
True if “t” is currently running.
-
kill_thread
(tid: int) → None¶ Changes the state of the specified thread to KILLED
- Parameters
tid – The thread id of desired thread to kill
-
as_current_thread
(t: zelos.threads.Thread, closure: Callable[[], Any]) → Any¶ Executes the closure as if “t” was the current thread.
- Parameters
t – The thread to set active while executing the closure
closure – The function to execute
- Returns
The result of the closure.
-
record_block
(block_address)¶
-
block_seen_before
(block_address)¶ Returns true if the block address has been seen in the current thread before
-
num_unique_blocks
(thread_name=None)¶ Returns the number of unique blocks for the given thread. Returns unique blocks across threads if no thread name is given
-
executed_within_region
(begin_addr, end_addr, thread_names=None)¶ Returns all block starts within the specified region, executed by the specified threads. If no thread_names are specified, checks all threads
-
num_active_threads
() → int¶ Returns the number of threads that are still executing.
- Returns
Number of threads that are still executing
-
fail_current_thread
(fail_reason: Optional[str] = None) → None¶ Records the current thread as a failure and removes it from execution
- Parameters
fail_reason – Keeps track of why the thread failed. Used in debugging
-
complete_current_thread
() → None¶ Records the current thread as having completed successfully and removes it from execution
-
pause_current_thread
(condition: Optional[Callable[[], bool]] = None) → None¶ Pauses the thread until the condition closure is checked and it evaluates to true. If no condition is supplied, the thread is paused indefinitely.
- Parameters
condition – Evaluated periodically, if it ever returns True, unpauses the thread
-
new_thread
(start_addr: int, tid: int, name: Optional[str] = None, priority: int = 0, stack_setup=None, module_path: str = '????', benign_code: bool = False) → zelos.threads.Thread¶ Adds a thread which will run the thread_setup before starting.
-
create_thread
(start_addr, tid, stack_base, name=None, priority=0, stack_setup=None, module_path='????', benign_code=False) → zelos.threads.Thread¶
-
change_thread_priority
(thread_name, new_priority)¶ Change the priority of a thread
-
get_all_threads
() → List[zelos.threads.Thread]¶ Returns all threads, whether active or stopped
-
get_thread_by_name
(name: str) → Optional[zelos.threads.Thread]¶ Returns the first thread with the given name
-
get_thread
(tid)¶
-
get_threads
(names)¶ Returns threads that have a name within the given list. If names is None, returns all threads
-
get_child_threads
(tid: int) → List[zelos.threads.Thread]¶ Returns all threads with the given parent name
-
swap_with_thread
(name: Optional[str] = None, tid: Optional[int] = None) → None¶ Swaps the current thread with the first thread with the given name or thread id. Keep in mind, this will override the priority given to threads. You can only specify one of name or tid.
- Parameters
name – If specified, finds a thread by the name
tid – If specified, finds a thread with that thread id
-
swap_with_next_thread
() → None¶ Swaps the current thread with the next thread to execute. This respects priority, and will not swap if there is no thread of equal or greater priority
-
regs_to_save
= ('eax', 'ebp', 'ebx', 'ecx', 'edi', 'edx', 'flags', 'eip', 'esi', 'esp')¶
-
property