DLL injection using Ctype in python


#1

hello everyone
I’m trying do do dll injection using ctype in python , but the return value of this line of code is zero ctypes.windll.kenrel32.GetProcAddress(k32handle , "LoadLibraryA")

here is the code before I open process to inject :

import ctypes
kernel32 = ctypes.windll.kernel32
h_k32 = kernel32.GetModuleHandleA(“kernel32.dll”)
print "h_k32 = " + h_k32

lp_func = kernel32.GetProcAddress(h_k32 , “LoadLibraryA”)

print "lp_func = " + lp_func

the output is:

h_k32 = -780730368
lp_func = 0

can someone tell me what I’m doing wrong ?:sweat:
NOTE: I just did try the code above on other machine with same python version and worked,but still not working on my current machine !!

thank you


#2

I think you need to declare proper restype and argtypes for GetModuleHandle and GetProcAddress.
Anyway this answer worked for me: https://stackoverflow.com/questions/33779657/python-getmodulehandlew-oserror-winerror-126-the-specified-module-could-not-b/33780664#33780664

TLDR:

kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)   
kernel32.GetProcAddress.restype = ctypes.c_void_p
kernel32.GetProcAddress.argtypes = (wintypes.HMODULE, wintypes.LPCSTR)

LoadLibAddy = kernel32.GetProcAddress(kernel32._handle, b'LoadLibraryA')
if not LoadLibAddy:
    raise ctypes.WinError(ctypes.get_last_error())

#3

C

Is this normal ? :thinking:


#4

Yup, this should be an address of the LoadLibraryA function.


#5

You should print them out in hex because it’d make more sense/readable. No one prints addresses in decimal.


#6

I appreciate your help, thank you


(system) #7

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.