'''
Created on 08/02/2011
@author: Zhen
'''
# Python 2 script (bare `print` statements, the `thread` module). It launches a
# target process under the pydbg debugger, injects a DLL into that process and
# then calls one of the DLL's exported functions. Everything runs at import
# time; there is no `if __name__ == "__main__":` guard.
# NOTE(review): `injection` and `pydbg` are not standard library;
# `injection.inject` is presumably a project-local helper -- verify.
import sys
print sys.path  # debugging aid: shows where the modules above are resolved from
import os
print os.path
import os  # duplicate of the import above; harmless but redundant
import time
import thread  # Python 2 only (renamed `_thread` in Python 3)
import injection
import ctypes
from pydbg import pydbg
# The meaning of the constructor's False argument is not visible here -- TODO confirm.
dbg = pydbg(False)
inject = injection.inject()
#thread.start_new_thread(dbg.load, (r"c:\windows\system32\calc.exe", None, True))
# Target is started on a separate thread, presumably because dbg.load blocks
# for the lifetime of the debuggee -- confirm against pydbg. The path is
# hard-coded; the script fails if python.exe is not at that location.
thread.start_new_thread(dbg.load, (r"c:\python27\python.exe", None, True))
# Busy-wait until the debugger thread has populated dbg.pid. There is no
# timeout: if the launch fails and dbg.pid is never set, this loops forever.
while not dbg.pid:
    time.sleep(0.01)
#dbg.pid = 0x11ac
#dbg.open_process(dbg.pid)
print dbg.pid, os.getcwd() + r"\bootstrap.dll"
# Both bootstrap.dll (here) and loader.py (below) are located relative to the
# current working directory, so the script only works when run from the
# directory that holds them.
base = inject.inject_dll(os.getcwd() + r"\bootstrap.dll", dbg.pid)
print "Injected"  # printed unconditionally; `base` is never checked or used afterwards
#alternatively use base-local=delta
# Resolve two exports of the injected DLL inside the debuggee. The results are
# used as addresses below without a check that resolution succeeded.
loader_path = dbg.func_resolve_debuggee("bootstrap.dll", "loader_path")
start_loader = dbg.func_resolve_debuggee("bootstrap.dll", "start_loader")
print start_loader
# Writes the NUL-terminated loader.py path into the debuggee at `loader_path`.
# The size of that buffer in bootstrap.dll is not visible here -- confirm the
# full path (cwd + r"\loader.py") fits, otherwise this overruns it in the
# target process.
dbg.write(loader_path, ctypes.create_string_buffer(os.getcwd() + r"\loader.py"))
# Invokes the DLL's start_loader export in the debuggee with the pid as its
# argument; the return value is discarded. The script then falls off the end
# with the debugger thread still running.
dbg.call_func(start_loader, dbg.pid)