PyQBDIPreload API
Introduction
PyQBDIPreload consists of two main components:
The QBDIPreload script included in the PyQBDI library. It will load the Python runtime and execute the user script in order to instrument the target.
An injector script called pyqbdipreload.py that sets up the environment variables to inject the library and the Python runtime.
Note
PyQBDIPreload has the same limitations as QBDIPreload and PyQBDI.
User callback
QBDIPreload steps
qbdipreload_on_start()
and qbdipreload_on_premain()
are not available on PyQBDIPreload.
The Python interpreter and the preloaded script are loaded while executing qbdipreload_on_main()
.
The pyqbdipreload_on_run()
method is called while executing qbdipreload_on_main()
.
The interpreter is shut down while executing qbdipreload_on_exit()
, after calling all the registered methods of
atexit module.
PyQBDIPreload script
You can use pyqbdipreload.py as follows:
$ python3 -m pyqbdipreload <script> <target> [<args> ...]
with:
script
: The Python scripttarget
: The binary you are targetingargs
: Argument(s) to be passed to the binary (if any)