如何修复python脚本以插入DLL?

2024-09-23 10:28:27 发布

您现在位置:Python中文网/ 问答频道 /正文
921 3

我是新的DLL注入,我正在努力学习如何做。我从http://www.mpgh.net/forum/showthread.php?t=209479找到了一个DLL注入器源代码。我试着把代码从C翻译成python:

from ctypes import *

def dllinjector(processID, DLL_NAME):
    PROCESS_CREATE_THREAD = 0x0002
    PROCESS_QUERY_INFORMATION = 0x0400
    PROCESS_VM_OPERATION = 0x0008
    PROCESS_VM_WRITE = 0x0020
    PROCESS_VM_READ = 0x0010
    openHandle = windll.kernel32.OpenProcess(PROCESS_CREATE_THREAD|
                                             PROCESS_QUERY_INFORMATION|
                                             PROCESS_VM_OPERATION|
                                             PROCESS_VM_WRITE|
                                             PROCESS_VM_READ, False, processID)
    MEM_RESERVE = 0x00002000
    MEM_COMMIT = 0x00001000
    PAGE_READWRITE = 0x04

    if not openHandle:
        print("OpenProcess failed.")
        return False

    print("Successfully opened process.")

    LoadLibAddy = windll.kernel32.GetProcAddress(windll.kernel32.GetModuleHandleW("kernel32.dll"), "LoadLibraryA"); 

    # Allocate space in the process for the dll
    RemoteString = windll.kernel32.VirtualAllocEx(openHandle, None, len(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE)
    if not RemoteString:
        print("VirtualAllocEx failed.")
        return False

    # Write the string name of the dll in the memory allocated
    if not windll.kernel32.WriteProcessMemory(openHandle, RemoteString, DLL_NAME, len(DLL_NAME), None):
        print("WriteProcessMemory failed.")
        print(windll.kernel32.GetLastError())
        return False

    #Load the dll
    #print(windll.kernel32.CreateRemoteThread(openHandle, None, None, LoadLibAddy, RemoteString, None, None))

    windll.kernel32.CloseHandle(openHandle)

    return True

def main():
    processID = 18364
    DLL_NAME = "mydll.dll"

    #mydll = cdll.LoadLibrary('mydll.dll')

    dllinjector(processID, DLL_NAME)

    print("program completed.")

main()

我遇到的问题是,当我调用WriteProcessMemory时,它返回0。我已经阅读了这些文档,根据它们,如果出现错误,函数将返回0,并且它说要使用GetLastError函数来获取更多信息。但是,当我调用GetLastError时,显示的是0。还有,当我打电话的时候windll.kernel32号.CreateRemoteThread(openHandle,None,None,LoadLibAddy,RemoteString,None,None)我正试图将dll插入的程序(小算盘)崩溃(我假设是因为WriteProcessMemory不工作,但我不确定)。如果有人能向我解释为什么WriteProcessMemory不起作用,我将不胜感激。在


Tags: thenamenonefalsevmprocessdllprint
0条回答

目前没有回答

相关问题 更多 >

    编程相关推荐