Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/python/301.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何修复python脚本以插入DLL?_Python_X86 64_Dll Injection - Fatal编程技术网
Fatal编程技术网
  • python/
  • 如何修复python脚本以插入DLL?

如何修复python脚本以插入DLL?

python

如何修复python脚本以插入DLL?,python,x86-64,dll-injection,Python,X86 64,Dll Injection,我是新的DLL注入,我正在努力学习如何做到这一点。我从中找到了一个DLL注入器源代码。我尝试将代码从C翻译成python: from ctypes import * def dllinjector(processID, DLL_NAME): PROCESS_CREATE_THREAD = 0x0002 PROCESS_QUERY_INFORMATION = 0x0400 PROCESS_VM_OPERATION = 0x0008 PROCESS_VM_WRITE

我是新的DLL注入,我正在努力学习如何做到这一点。我从中找到了一个DLL注入器源代码。我尝试将代码从C翻译成python:

from ctypes import *

def dllinjector(processID, DLL_NAME):
    PROCESS_CREATE_THREAD = 0x0002
    PROCESS_QUERY_INFORMATION = 0x0400
    PROCESS_VM_OPERATION = 0x0008
    PROCESS_VM_WRITE = 0x0020
    PROCESS_VM_READ = 0x0010
    openHandle = windll.kernel32.OpenProcess(PROCESS_CREATE_THREAD|
                                             PROCESS_QUERY_INFORMATION|
                                             PROCESS_VM_OPERATION|
                                             PROCESS_VM_WRITE|
                                             PROCESS_VM_READ, False, processID)
    MEM_RESERVE = 0x00002000
    MEM_COMMIT = 0x00001000
    PAGE_READWRITE = 0x04

    if not openHandle:
        print("OpenProcess failed.")
        return False

    print("Successfully opened process.")

    LoadLibAddy = windll.kernel32.GetProcAddress(windll.kernel32.GetModuleHandleW("kernel32.dll"), "LoadLibraryA"); 

    # Allocate space in the process for the dll
    RemoteString = windll.kernel32.VirtualAllocEx(openHandle, None, len(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE)
    if not RemoteString:
        print("VirtualAllocEx failed.")
        return False

    # Write the string name of the dll in the memory allocated
    if not windll.kernel32.WriteProcessMemory(openHandle, RemoteString, DLL_NAME, len(DLL_NAME), None):
        print("WriteProcessMemory failed.")
        print(windll.kernel32.GetLastError())
        return False

    #Load the dll
    #print(windll.kernel32.CreateRemoteThread(openHandle, None, None, LoadLibAddy, RemoteString, None, None))

    windll.kernel32.CloseHandle(openHandle)

    return True

def main():
    processID = 18364
    DLL_NAME = "mydll.dll"

    #mydll = cdll.LoadLibrary('mydll.dll')

    dllinjector(processID, DLL_NAME)

    print("program completed.")

main()
我遇到的问题是,当我调用WriteProcessMemory时,它返回0。我已经阅读了文档,根据这些文档,如果出现错误,函数将返回0,并表示使用GetLastError函数获取更多信息。然而,当我调用GetLastError时,所有显示的都是0。另外,当我调用windell.kernel32.CreateRemoteThread(openHandle,None,None,LoadLibAddy,RemoteString,None,None)时,我试图将dll注入的程序(Calc.exe)崩溃(我假设这是因为WriteProcessMemory不工作,但我不确定)。如果有人能向我解释为什么WriteProcessMemory不工作,我将不胜感激。

我尝试切换到32位应用程序,WriteProcessMemory现在可以工作了。但是CreateRemoteThread仍然会使程序崩溃。