在 IDLE 中用“运行模块”运行时,我得到下面的错误。我尝试了很多不同的方法,但似乎都不起作用!我刚开始学习 Python,了解得还不多。
# Banner.  The usage line documents the two positional arguments that the
# bottom of the script reads from sys.argv; IDLE's "Run Module" supplies
# neither of them.
print ("[+] Universal DLL Injector by Ckacmaster")
print ("[+] contact : If you know me then give me a shout")
print ("[+] usage: ./dll_injector.py <PID> <DLLPATH>")
print ("\n")
from ctypes import *
import sys,ctypes  # `ctypes` is already fully star-imported above; this is redundant
import time
# Define constants we use
PAGE_RW_PRIV = 0x04  # PAGE_READWRITE
PROCESS_ALL_ACCESS = 0x1F0FFF  # full rights on the target; fails without privilege and is a commonly monitored handle-open
VIRTUAL_MEM = 0x3000  # MEM_COMMIT | MEM_RESERVE
#CTYPES handler
kernel32 = windll.kernel32  # `windll` exists only on Windows; NameError on other platforms
def dll_inject(PID,DLL_PATH):
    """Load the DLL at DLL_PATH into process PID via a remote LoadLibraryA thread.

    The sequence is the textbook one -- OpenProcess, VirtualAllocEx,
    WriteProcessMemory (copy the path in), CreateRemoteThread with
    LoadLibraryA as the start routine -- and is also one of the most
    heavily signatured API chains in EDR/AV products, so expect it to be
    flagged or blocked.  Python 2 syntax throughout: ``print (fmt) % x``
    parses as ``print((fmt) % x)`` only under Python 2.

    PID: integer id of the target process.
    DLL_PATH: path string copied into the target; LoadLibraryA resolves
        it from the target's point of view.
    Side effects: calls sys.exit(0) on failure instead of raising; the
    process and thread handles are never closed.
    """
    print ("[+] Starting DLL Injector")
    LEN_DLL = len(DLL_PATH)# get the length of the DLL PATH
    print ("\t[+] Getting process handle for PID:%d ") % PID
    # Asks for full rights on the target; this fails without sufficient
    # privilege and is a commonly monitored handle-open event.
    hProcess = kernel32.OpenProcess(PROCESS_ALL_ACCESS,False,PID)
    # NOTE(review): OpenProcess returns NULL (0) on failure and ctypes hands
    # that back as the integer 0, never None -- this check cannot fire, so a
    # failed open falls through to VirtualAllocEx with an invalid handle.
    if hProcess == None:
        print ("\t[+] Unable to get process handle")
        sys.exit(0)
    print ("\t[+] Allocating space for DLL PATH")
    # LEN_DLL bytes, MEM_COMMIT|MEM_RESERVE, PAGE_READWRITE (constants above).
    # The return value is not checked; 0 here would mean allocation failed.
    DLL_PATH_ADDR = kernel32.VirtualAllocEx(hProcess,
                                            0,
                                            LEN_DLL,
                                            VIRTUAL_MEM,
                                            PAGE_RW_PRIV)
    bool_Written = c_int(0)  # receives lpNumberOfBytesWritten; never inspected
    print ("\t[+] Writing DLL PATH to current process space")
    # Copies DLL_PATH (a Python 2 str, passed as char*) into the remote buffer.
    # Return value is not checked.
    kernel32.WriteProcessMemory(hProcess,
                                DLL_PATH_ADDR,
                                DLL_PATH,
                                LEN_DLL,
                                byref(bool_Written))
    print ("\t[+] Resolving Call Specific functions & libraries")
    # LoadLibraryA is resolved in *this* process; reusing that address in the
    # target assumes kernel32 is mapped at the same base in both processes.
    kernel32DllHandler_addr = kernel32.GetModuleHandleA("kernel32")
    print ("\t\t[+] Resolved kernel32 library at 0x%08x") % kernel32DllHandler_addr
    LoadLibraryA_func_addr = kernel32.GetProcAddress(kernel32DllHandler_addr,"LoadLibraryA")
    print ("\t\t[+] Resolve LoadLibraryA function at 0x%08x") %LoadLibraryA_func_addr
    thread_id = c_ulong(0) # for our thread id
    print ("\t[+] Creating Remote Thread to load our DLL")
    # Start routine = LoadLibraryA, its single argument = the remote path
    # buffer.  Only this call's result is checked; the returned thread
    # handle (and hProcess) are leaked.
    if not kernel32.CreateRemoteThread(hProcess,
                                       None,
                                       0,
                                       LoadLibraryA_func_addr,
                                       DLL_PATH_ADDR,
                                       0,
                                       byref(thread_id)):
        print ("Injection Failed, exiting")
        sys.exit(0)
    else:
        print ("Remote Thread 0x%08x created, DLL code injected") % thread_id.value
# Command-line entry point (no __main__ guard).  sys.argv[1:] is empty when
# the file is run from IDLE's "Run Module", so the int() below raises
# IndexError -- the traceback quoted under the code is exactly that.
PID = int(sys.argv[1])
DLL_PATH = str(sys.argv[2])
dll_inject(PID, DLL_PATH)
time.sleep(5)
import subprocess
# NOTE(review): this tail is broken independently of the injector: `os` is
# not imported anywhere in the listing and `pid` is never defined (only the
# upper-case PID is), so the next line raises NameError.  `shell=True` with a
# runtime-built path is also the pattern that invites command injection.
filepath=os.path.dirname(os.path.realpath(pid.cmd))
p = subprocess.Popen(filepath, shell=True, stdout = subprocess.PIPE)
stdout, stderr = p.communicate()  # stderr is None: it is not piped above
print p.returncode # is 0 if success  (Python 2 print statement; SyntaxError under Python 3)
得到的输出:
Traceback (most recent call last):
  File "C:\Users\The Man\Desktop\dll.py", line 58, in <module>
    PID = int(sys.argv[1])
IndexError: list index out of range
答案 0 :(得分:1)
此脚本需要通过命令行传入参数:第一个参数是 PID,第二个参数是 DLL 的路径。这正是 sys.argv[1] 报错的原因:sys.argv 保存的是传给程序的参数,而从 IDLE 的“运行模块”运行时没有传入任何参数,所以这个列表里只有 1 个元素(脚本名本身)。
请改为打开命令提示符,输入以下命令(把 <PID> 和 <DLLPATH> 替换成实际的值),然后按 Enter:
"C:\Users\The Man\Desktop\dll.py" <PID> <DLLPATH>
这将为脚本提供所需的参数。