Skip to content

[!] Failed to inject DLL, exit... 5 #2

New issue
New issue
Open
Open
[!] Failed to inject DLL, exit... 5#2
@AndrewZheng-AI

Description

@AndrewZheng-AI
AndrewZheng-AI
opened on Jan 21, 2017

I met some stranger things

mysql code:
#!/usr/bin/python

Win32 DLL injector from Grey Hat Python

Minor formatting cleanups done...

import sys
from ctypes import *

print "DLL Injector implementation in Python"
print "Taken from Grey Hat Python"

'''
if (len(sys.argv) != 3):
print "Usage: %s " %(sys.argv[0])
print "Eg: %s 1111 C:\test\messagebox.dll" %(sys.argv[0])
sys.exit(0)
'''

PAGE_READWRITE = 0x04
PROCESS_ALL_ACCESS = ( 0x00F0000 | 0x00100000 | 0xFFF )
VIRTUAL_MEM = ( 0x1000 | 0x2000 )

kernel32 = windll.kernel32
#pid = sys.argv[1]
#dll_path = sys.argv[2]
pid = 2312
dll_path = "C:\Users\Administrator\Desktop\pyplugins\ZhudongFangyu\ImgWalk.dll"

dll_len = len(dll_path)

Get handle to process being injected...

h_process = kernel32.OpenProcess( PROCESS_ALL_ACCESS, False, int(pid) )

if not h_process:
print "[!] Couldn't get handle to PID: %s" %(pid)
print "[!] Are you sure %s is a valid PID?" %(pid)
sys.exit(0)

Allocate space for DLL path

arg_address = kernel32.VirtualAllocEx(h_process, 0, dll_len, VIRTUAL_MEM, PAGE_READWRITE)
print "arg_address: ", arg_address

Write DLL path to allocated space

written = c_int(0)
kernel32.WriteProcessMemory(h_process, arg_address, dll_path, dll_len, byref(written))

Resolve LoadLibraryA Address

h_kernel32 = kernel32.GetModuleHandleA("kernel32.dll")
h_loadlib = kernel32.GetProcAddress(h_kernel32, "LoadLibraryW")
print "LoadLibraryA: ", h_loadlib

Now we createRemoteThread with entrypoiny set to LoadLibraryA and pointer to DLL path as param

thread_id = c_ulong(0)

if not kernel32.CreateRemoteThread(h_process, None, 0, h_loadlib, arg_address, 0, byref(thread_id)):
print "[!] Failed to inject DLL, exit...", kernel32.GetLastError()
sys.exit(0)

print "[+] Remote Thread with ID 0x%08x created." %(thread_id.value)

when i run it, i get
DLL Injector implementation in Python
Taken from Grey Hat Python
arg_address: 49938432
LoadLibraryA: 1978878195
[!] Failed to inject DLL, exit... 5

i don't know what's wrong, can i get some tips?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions