Skip to content

Commit 53b4e52

Browse files
williballenthinwilliballenthin
committed
update windows example
1 parent 965e041 commit 53b4e52

File tree

1 file changed

+2
-11
lines changed

1 file changed

+2
-11
lines changed

readme.md

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -66,19 +66,10 @@ assert emu.rax == 0x0
6666
assert emu.rbx == 0x0
6767
```
6868

69-
Install TEB and PEB for Windows process emulation (useful for shellcode):
69+
Install TEB and PEB for Windows process emulation (useful for tracing shellcode), and then load a PE file:
7070
```python
71-
# Thread Environment Block (TEB)
72-
teb_addr = ucutils.plat.win64.map_teb(emu)
71+
ucutils.plat.win64.map_teb(emu)
7372

74-
# Process Environment Block (PEB)
75-
peb_addr = ucutils.plat.win64.map_peb(emu)
76-
77-
ucutils.arch.x64.set_fs(emu, teb_addr)
78-
```
79-
80-
Load a PE file:
81-
```python
8273
pe = pefile.PE(data=b"MZ...")
8374
ucutils.plat.win.load_dll(emu, {"filename": "payload.dll", "pe": pe})
8475

0 commit comments

Comments
 (0)