Python winappdbg getting process name from event object

Question

I'm developing a debugging automation system using https://github.com/MarioVilas/winappdbg.

I would like to retrieve process name from event object. Here is my code:

def EventHandler(event):
    print 'Inside event handler'
    # I want to print the  process name here, In this case which should be somefile.exe

debug = Debug( EventHandler, bKillOnExit = True )
proc = debug.execv(['c:\somefile.exe','arg'])
debug.loop()

score 1 · Accepted Answer · answered Mar 26 '17 at 04:26

1

The tool author answered my question on github : Here is the solution

We can do event.get_process().get_filename(), or if we want to be more fancy:

process = event.get_process()
name = process.get_filename()
print "Process: %s" % name

answered Mar 26 '17 at 04:26

Dev.K.

2,428
5
35
49

Python winappdbg getting process name from event object

1 Answers1