def main(argv):
# Print the banner.
print "SelectMyParent: Start a program with a selected parent process"
print "by Mario Vilas (mvilas at gmail.com)"
print "based on a Didier Stevens tool (https://DidierStevens.com)"
print
# Check the command line arguments.
if len(argv) < 3:
script = os.path.basename(argv[0])
print " %s <pid> <process.exe> [arguments]" % script
return
# Request debug privileges.
system = System()
system.request_debug_privileges()
# Parse the parent process argument.
try:
dwParentProcessId = HexInput.integer(argv[1])
except ValueError:
dwParentProcessId = None
if dwParentProcessId is not None:
dwMyProcessId = win32.GetProcessId(win32.GetCurrentProcess())
if dwParentProcessId != dwMyProcessId:
system.scan_processes_fast()
if not system.has_process(dwParentProcessId):
print "Can't find process ID %d" % dwParentProcessId
return
else:
system.scan_processes()
process_list = system.find_processes_by_filename(argv[1])
if not process_list:
print "Can't find process %r" % argv[1]
return
if len(process_list) > 1:
print "Too many processes found:"
for process, name in process_list:
print "\t%d:\t%s" % (process.get_pid(), name)
return
dwParentProcessId = process_list[0][0].get_pid()
# Parse the target process argument.
filename = argv[2]
if not ntpath.exists(filename):
try:
filename = win32.SearchPath(None, filename, '.exe')[0]
except WindowsError, e:
print "Error searching for %s: %s" % (filename, str(e))
return
argv = list(argv)
argv[2] = filename
def main(argv):
# print(the banner.)
print("SelectMyParent: Start a program with a selected parent process")
print("by Mario Vilas (mvilas at gmail.com)")
print("based on a Didier Stevens tool (https://DidierStevens.com)")
print
# Check the command line arguments.
if len(argv) < 3:
script = os.path.basename(argv[0])
print(" %s <pid> <process.exe> [arguments]" % script)
return
# Request debug privileges.
system = System()
system.request_debug_privileges()
# Parse the parent process argument.
try:
dwParentProcessId = HexInput.integer(argv[1])
except ValueError:
dwParentProcessId = None
if dwParentProcessId is not None:
dwMyProcessId = win32.GetProcessId(win32.GetCurrentProcess())
if dwParentProcessId != dwMyProcessId:
system.scan_processes_fast()
if not system.has_process(dwParentProcessId):
print("Can't find process ID %d" % dwParentProcessId)
return
else:
system.scan_processes()
process_list = system.find_processes_by_filename(argv[1])
if not process_list:
print("Can't find process %r" % argv[1])
return
if len(process_list) > 1:
print("Too many processes found:")
for process, name in process_list:
print("\t%d:\t%s" % (process.get_pid(), name))
return
dwParentProcessId = process_list[0][0].get_pid()
# Parse the target process argument.
filename = argv[2]
if not ntpath.exists(filename):
try:
filename = win32.SearchPath(None, filename, '.exe')[0]
except WindowsError as e:
print("Error searching for %s: %s" % (filename, str(e)))
return
argv = list(argv)
argv[2] = filename
# Start the new process.
try:
process = system.start_process(system.argv_to_cmdline(argv[2:]),
bConsole=True,
bInheritHandles=True,
dwParentProcessId=dwParentProcessId)
dwProcessId = process.get_pid()
except AttributeError as e:
if "InitializeProcThreadAttributeList" in str(e):
print("This tool requires Windows Vista or above.")
else:
print("Error starting new process: %s" % str(e))
return
except WindowsError as e:
print("Error starting new process: %s" % str(e))
return
print("Process created: %d" % dwProcessId)
return dwProcessId