FOX
October 21, 2018, 4:13pm
1
hello everyone
I’m trying do do dll injection using ctype in python , but the return value of this line of code is zero ctypes.windll.kenrel32.GetProcAddress(k32handle , "LoadLibraryA")
here is the code before I open process to inject :
import ctypes
kernel32 = ctypes.windll.kernel32
h_k32 = kernel32.GetModuleHandleA(“kernel32.dll”)
print "h_k32 = " + h_k32
lp_func = kernel32.GetProcAddress(h_k32 , “LoadLibraryA”)
print "lp_func = " + lp_func
the output is:
h_k32 = -780730368
lp_func = 0
can someone tell me what I’m doing wrong ?
NOTE: I just did try the code above on other machine with same python version and worked,but still not working on my current machine !!
thank you
1 Like
sir1ous
October 21, 2018, 10:19pm
2
I think you need to declare proper restype and argtypes for GetModuleHandle and GetProcAddress.
Anyway this answer worked for me: https://stackoverflow.com/questions/33779657/python-getmodulehandlew-oserror-winerror-126-the-specified-module-could-not-b/33780664#33780664
TLDR:
kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
kernel32.GetProcAddress.restype = ctypes.c_void_p
kernel32.GetProcAddress.argtypes = (wintypes.HMODULE, wintypes.LPCSTR)
LoadLibAddy = kernel32.GetProcAddress(kernel32._handle, b'LoadLibraryA')
if not LoadLibAddy:
raise ctypes.WinError(ctypes.get_last_error())
1 Like
sir1ous
October 21, 2018, 11:47pm
4
Yup, this should be an address of the LoadLibraryA function.
1 Like
dtm
October 21, 2018, 11:47pm
5
You should print them out in hex because it’d make more sense/readable. No one prints addresses in decimal.
3 Likes
FOX
October 22, 2018, 12:52am
6
I appreciate your help, thank you
system
(system)
Closed
October 25, 2018, 12:52am
7
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.