Postulate: PYDLL is already loaded in target process
(target, code_injected, PYDLL)
| 303 | |
| 304 | |
| 305 | def inject_python_command(target, code_injected, PYDLL): |
| 306 | """Postulate: PYDLL is already loaded in target process""" |
| 307 | PYCODE = code_injected + "\x00" |
| 308 | # TODO: free this (how ? when ?) |
| 309 | remote_python_code_addr = target.virtual_alloc(len(PYCODE)) |
| 310 | target.write_memory(remote_python_code_addr, PYCODE) |
| 311 | shellcode_addr = getattr(target, "_execute_python_shellcode", None) |
| 312 | if shellcode_addr is not None: |
| 313 | return shellcode_addr, remote_python_code_addr |
| 314 | if target.bitness == 32: |
| 315 | shellcode_generator = generate_python_exec_shellcode_32 |
| 316 | else: |
| 317 | shellcode_generator = generate_python_exec_shellcode_64 |
| 318 | |
| 319 | shellcode = shellcode_generator(target, PYDLL) |
| 320 | shellcode_addr = target.virtual_alloc(len(shellcode)) |
| 321 | target.write_memory(shellcode_addr, shellcode) |
| 322 | target._execute_python_shellcode = shellcode_addr |
| 323 | return shellcode_addr, remote_python_code_addr |
| 324 | |
| 325 | def get_dll_name_from_python_version(): |
| 326 | version = sys.version_info |
no test coverage detected