

PythonForWindows (PFW) is a code base that aims to make interaction with Windows (on x86/x64) easier (for both 32 and 64 bits Python). Its goal is to offer abstractions around some of the OS features in a (I hope) pythonic way. It also tries to make the barrier between Python and native execution thinner in both ways. There are no external dependencies, but it relies heavily on the ctypes module.

Some of this code is clean (IMHO) and some parts are just a wreck that works for now. Let's say that the codebase evolves with my needs and my curiosity.

Complete online documentation is available here. You can find some examples of code in the samples directory or online.

PythonForWindows is principally known for its ALPC-RPC Client (see samples).

If you have any issue, question or suggestion, do not hesitate to join the Gitter channel. I am always glad to have feedback from people using this project.

PythonForWindows is available on PyPI and thus can be installed with

You can also install PythonForWindows by cloning it and using the setup.py script:

All the tests pass on master, but I did not test it heavily on real cases. Do not hesitate to report bugs and issues.

PythonForWindows offers objects around processes and allows you to:

- Retrieve basic process information (pid, name, ppid, bitness.
- Perform basic interprocess operations (allocation, create thread, read/write memory).
- Explore the PEB (Process Environment Block).
- Execute native and Python code in the context of a process.

I try my best to make those features available for every cross-bitness process (32 <-> 64, in both ways). This involves relying on non-documented Windows functions/behaviours and also injecting code in the 64-bit world of a Syswow64 process.

All those operations are also available for the current_process.

You can also perform some operations on threads (suspend/resume/wait/get (or set) context/kill).

    > import windows
    > windows. integrity
    SECURITY_MANDATORY_MEDIUM_RID ( 0x2000 )
    > proc =
    > proc
    > proc. execute_python ( "import os" )
    True
    > proc. execute_python ( "exit(os.getpid() + 1)" ) # execute_python raises if the process died
    Traceback ( most recent call last ).
    WindowsError : died during execution of python command
    > calc
    > calc.

Information about the Windows computer running the script is available through the windows.system object.

    > windows. computer_name
    'DESKTOP-VKUGISR'
    > windows. product_type
    VER_NT_WORKSTATION ( 0x1 )
    > windows. build_number
    '3.608'
    # windows.system also contains dynamic lists about processes / threads / handles /.

This codebase was born from my need to have IAT hooks implemented in Python.
