如何修复python脚本以插入DLL?
我是新的DLL注入,我正在努力学习如何做到这一点。我从中找到了一个DLL注入器源代码。我尝试将代码从C翻译成python:如何修复python脚本以插入DLL?,python,x86-64,dll-injection,Python,X86 64,Dll Injection,我是新的DLL注入,我正在努力学习如何做到这一点。我从中找到了一个DLL注入器源代码。我尝试将代码从C翻译成python: from ctypes import * def dllinjector(processID, DLL_NAME): PROCESS_CREATE_THREAD = 0x0002 PROCESS_QUERY_INFORMATION = 0x0400 PROCESS_VM_OPERATION = 0x0008 PROCESS_VM_WRITE
from ctypes import *
def dllinjector(processID, DLL_NAME):
PROCESS_CREATE_THREAD = 0x0002
PROCESS_QUERY_INFORMATION = 0x0400
PROCESS_VM_OPERATION = 0x0008
PROCESS_VM_WRITE = 0x0020
PROCESS_VM_READ = 0x0010
openHandle = windll.kernel32.OpenProcess(PROCESS_CREATE_THREAD|
PROCESS_QUERY_INFORMATION|
PROCESS_VM_OPERATION|
PROCESS_VM_WRITE|
PROCESS_VM_READ, False, processID)
MEM_RESERVE = 0x00002000
MEM_COMMIT = 0x00001000
PAGE_READWRITE = 0x04
if not openHandle:
print("OpenProcess failed.")
return False
print("Successfully opened process.")
LoadLibAddy = windll.kernel32.GetProcAddress(windll.kernel32.GetModuleHandleW("kernel32.dll"), "LoadLibraryA");
# Allocate space in the process for the dll
RemoteString = windll.kernel32.VirtualAllocEx(openHandle, None, len(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE)
if not RemoteString:
print("VirtualAllocEx failed.")
return False
# Write the string name of the dll in the memory allocated
if not windll.kernel32.WriteProcessMemory(openHandle, RemoteString, DLL_NAME, len(DLL_NAME), None):
print("WriteProcessMemory failed.")
print(windll.kernel32.GetLastError())
return False
#Load the dll
#print(windll.kernel32.CreateRemoteThread(openHandle, None, None, LoadLibAddy, RemoteString, None, None))
windll.kernel32.CloseHandle(openHandle)
return True
def main():
processID = 18364
DLL_NAME = "mydll.dll"
#mydll = cdll.LoadLibrary('mydll.dll')
dllinjector(processID, DLL_NAME)
print("program completed.")
main()
我遇到的问题是,当我调用WriteProcessMemory时,它返回0。我已经阅读了文档,根据这些文档,如果出现错误,函数将返回0,并表示使用GetLastError函数获取更多信息。然而,当我调用GetLastError时,所有显示的都是0。另外,当我调用windell.kernel32.CreateRemoteThread(openHandle,None,None,LoadLibAddy,RemoteString,None,None)时,我试图将dll注入的程序(Calc.exe)崩溃(我假设这是因为WriteProcessMemory不工作,但我不确定)。如果有人能向我解释为什么WriteProcessMemory不工作,我将不胜感激。我尝试切换到32位应用程序,WriteProcessMemory现在可以工作了。但是CreateRemoteThread仍然会使程序崩溃。