  1. from ctypes import *
  2. from my_debugger_defines import *
  3.  
  # Module-wide handle to kernel32.dll, obtained through the ctypes `windll`
  # loader. Every Win32 call made by the debugger class below goes through it.
  kernel32 = windll.kernel32
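  class debugger():
      """Minimal Win32 debugger wrapper built on ctypes and kernel32.

      The code targets Python 2 on Windows (it uses ``raw_input``). Every
      ``print`` call takes one parenthesised argument, so the output is the
      same under the Python 2 print statement.

      Attributes:
          h_process: handle returned by OpenProcess for the attached target,
              or None when no handle is held.
          pid: process id of the debuggee, or None.
          debugger_active: True while the debug-event loop should keep running.
      """

      def __init__(self):
          self.h_process = None
          self.pid = None
          self.debugger_active = False

      def load(self, path_to_exe):
          """Start ``path_to_exe`` as a new process under debugger control.

          The path is passed as lpApplicationName with a NULL command line, so
          no shell or command-line parsing is involved. Whatever the caller
          names is executed as-is, and a relative name is resolved against the
          current directory, so pass a trusted absolute path.

          Args:
              path_to_exe: path of the executable to launch.

          Prints the new PID on success, or the GetLastError code on failure.
          """
          # dwCreationFlags decides how the process is created. DEBUG_PROCESS
          # makes the caller the debugger of the new process; use
          # CREATE_NEW_CONSOLE instead to simply see the program's GUI.
          creation_flags = DEBUG_PROCESS

          startupinfo = STARTUPINFO()
          process_information = PROCESS_INFORMATION()

          # dwFlags = 0x1 (STARTF_USESHOWWINDOW) makes CreateProcess honour
          # wShowWindow, and 0x0 is SW_HIDE, so the debuggee starts with its
          # main window hidden. This shows how STARTUPINFO settings affect
          # the debuggee.
          startupinfo.dwFlags = 0x1
          startupinfo.wShowWindow = 0x0

          # cb must hold the size of the STARTUPINFO struct itself.
          startupinfo.cb = sizeof(startupinfo)

          # The fifth argument (bInheritHandles) is None/FALSE, so the debuggee
          # does not inherit this process's handles.
          launched = kernel32.CreateProcessA(path_to_exe,
                                             None,
                                             None,
                                             None,
                                             None,
                                             creation_flags,
                                             None,
                                             None,
                                             byref(startupinfo),
                                             byref(process_information))
          if launched:
              # Remember the debuggee so detach() has a PID to work with.
              self.pid = process_information.dwProcessId
              print("[*] We have successfully launched the process!")
              print("[*] PID: %d" % process_information.dwProcessId)
              # NOTE(review): CreateProcess also returns process and thread
              # handles in process_information; nothing here stores or closes
              # them. Confirm who owns them.
          else:
              print("[*] Error: 0x%08x." % kernel32.GetLastError())

      def open_process(self, pid):
          """Open the process ``pid`` and return the raw handle.

          OpenProcess takes (dwDesiredAccess, bInheritHandle, dwProcessId).
          The previous call passed ``pid`` as bInheritHandle and ``False`` as
          the process id, so it never opened the intended process.

          Returns:
              The handle from OpenProcess; it is NULL/0 when the call fails.
          """
          # NOTE(review): PROCESS_ALL_ACCESS is the broadest access mask. If
          # the defines module offers narrower rights, request only those the
          # debugger actually needs.
          h_process = kernel32.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
          return h_process

      def attach(self, pid):
          """Attach to the running process ``pid`` and enter the event loop.

          Args:
              pid: process id, as an int or something ``int()`` accepts.

          Prints an error and returns without attaching if ``pid`` is not a
          usable integer or DebugActiveProcess refuses the request.
          """
          # Convert once, before any Win32 call. ctypes would pass a string
          # as a pointer, not as the number it spells.
          try:
              target_pid = int(pid)
          except (TypeError, ValueError):
              print("[*] Unable to attach to the process.")
              return

          # The handle may be NULL/0 if OpenProcess failed; attaching is still
          # attempted, so check h_process before using it elsewhere.
          self.h_process = self.open_process(target_pid)

          if kernel32.DebugActiveProcess(target_pid):
              self.debugger_active = True
              self.pid = target_pid
              self.run()
          else:
              # Do not keep a handle to a process we are not debugging.
              if self.h_process:
                  kernel32.CloseHandle(self.h_process)
              self.h_process = None
              print("[*] Unable to attach to the process.")

      def run(self):
          """Poll for debug events until ``debugger_active`` is cleared."""
          while self.debugger_active:
              self.get_debug_event()

      def get_debug_event(self):
          """Wait for one debug event, pause for the user, then resume.

          No event handlers exist yet: the first event clears
          ``debugger_active`` (ending run()) and the debuggee is resumed with
          DBG_CONTINUE.
          """
          debug_event = DEBUG_EVENT()
          continue_status = DBG_CONTINUE

          # INFINITE blocks until the debuggee produces an event.
          if kernel32.WaitForDebugEvent(byref(debug_event), INFINITE):
              raw_input("Press a key to continue...")
              self.debugger_active = False
              kernel32.ContinueDebugEvent(debug_event.dwProcessId,
                                          debug_event.dwThreadId,
                                          continue_status)

      def detach(self):
          """Stop debugging the current target.

          Returns:
              True if DebugActiveProcessStop succeeded, False otherwise
              (including when no process has been attached or launched).
          """
          # With no recorded PID there is nothing to detach from; report the
          # same failure as before without making the Win32 call.
          if self.pid is not None and kernel32.DebugActiveProcessStop(self.pid):
              # Release the handle taken in attach() once debugging is over.
              if self.h_process:
                  kernel32.CloseHandle(self.h_process)
              self.h_process = None
              print("[*] Finished debugging. Exiting...")
              return True

          print("There was an error")
          return False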