    def queue_initial_commands(self):
        """Seed the command queue from the parsed command-line options.

        Queues, in this order: one ``attach`` command when ``options.attach``
        is non-empty, one ``windowed`` command per entry of
        ``options.windowed``, one ``console`` command per entry of
        ``options.console``, and finally ``continue`` if the queue ends up
        non-empty. Windowed/console argument vectors are turned into a single
        command line by ``System.argv_to_cmdline``; the attach tokens are
        joined with ``self.join_tokens``.
        """
        pending = []

        if self.options.attach:
            pending.append('attach %s' % self.join_tokens(self.options.attach))

        for argv in self.options.windowed:
            pending.append('windowed %s' % System.argv_to_cmdline(argv))

        for argv in self.options.console:
            pending.append('console %s' % System.argv_to_cmdline(argv))

        for cmd in pending:
            self.cmdqueue.append(cmd)

        # The check is on the whole queue, so commands queued earlier by
        # someone else also trigger the trailing 'continue'.
        if self.cmdqueue:
            self.cmdqueue.append('continue')
    def queue_initial_commands(self):
        """Populate the command queue from the parsed options.

        Order of the queued commands: ``attach`` (only when
        ``options.attach`` is non-empty), then a ``windowed`` command for
        every argument vector in ``options.windowed``, then a ``console``
        command for every vector in ``options.console``. A final
        ``continue`` is appended whenever the queue is non-empty afterwards,
        including entries that were already present before this call.
        """
        options = self.options
        queue = self.cmdqueue

        if options.attach:
            queue.append('attach %s' % self.join_tokens(options.attach))

        # Both launch verbs share the same quoting path through argv_to_cmdline.
        for verb, vectors in (('windowed', options.windowed),
                              ('console', options.console)):
            for argv in vectors:
                queue.append('%s %s' % (verb, System.argv_to_cmdline(argv)))

        if len(queue):
            queue.append('continue')
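def main(argv):
    """Command-line entry point for SelectMyParent.

    Usage: ``<pid> <process.exe> [arguments]``. ``argv[1]`` is either a
    process ID (parsed with ``HexInput.integer``) or an image filename that
    must match exactly one running process; ``argv[2:]`` is the command to
    start. The child is created with ``System.start_process`` using
    ``dwParentProcessId`` set to the selected process, ``bConsole=True`` and
    ``bInheritHandles=True``.

    Returns the PID of the new process, or ``None`` when the usage line was
    printed or an error was reported on stdout.
    """

    # Print the banner.
    print("SelectMyParent: Start a program with a selected parent process")
    print("by Mario Vilas (mvilas at gmail.com)")
    print("based on a Didier Stevens tool (https://DidierStevens.com)")
    # A bare 'print' statement prints nothing under Python 3; print("")
    # emits the blank line on both Python 2 and 3.
    print("")

    # Check the command line arguments.
    if len(argv) < 3:
        script = os.path.basename(argv[0])
        print("  %s <pid> <process.exe> [arguments]" % script)
        return

    # Request debug privileges.
    system = System()
    system.request_debug_privileges()

    # Parse the parent process argument: try a PID first, fall back to a
    # filename lookup when it is not an integer.
    try:
        dwParentProcessId = HexInput.integer(argv[1])
    except ValueError:
        dwParentProcessId = None
    if dwParentProcessId is not None:
        # The current process is a valid parent without scanning for it.
        dwMyProcessId = win32.GetProcessId(win32.GetCurrentProcess())
        if dwParentProcessId != dwMyProcessId:
            system.scan_processes_fast()
            if not system.has_process(dwParentProcessId):
                print("Can't find process ID %d" % dwParentProcessId)
                return
    else:
        system.scan_processes()
        process_list = system.find_processes_by_filename(argv[1])
        if not process_list:
            print("Can't find process %r" % argv[1])
            return
        if len(process_list) > 1:
            # Ambiguous name: list the candidates so the user can pass a PID.
            print("Too many processes found:")
            for process, name in process_list:
                print("\t%d:\t%s" % (process.get_pid(), name))
            return
        dwParentProcessId = process_list[0][0].get_pid()

    # Parse the target process argument; resolve it through the search path
    # when it does not exist as given. argv is copied first so the caller's
    # sequence is left untouched.
    filename = argv[2]
    if not ntpath.exists(filename):
        try:
            filename = win32.SearchPath(None, filename, '.exe')[0]
        except WindowsError as e:
            print("Error searching for %s: %s" % (filename, str(e)))
            return
        argv = list(argv)
        argv[2] = filename

    # Start the new process.
    try:
        process = system.start_process(system.argv_to_cmdline(argv[2:]),
                                       bConsole=True,
                                       bInheritHandles=True,
                                       dwParentProcessId=dwParentProcessId)
        dwProcessId = process.get_pid()
    except AttributeError as e:
        # A missing InitializeProcThreadAttributeList is reported as a
        # pre-Vista system; any other AttributeError is shown verbatim.
        if "InitializeProcThreadAttributeList" in str(e):
            print("This tool requires Windows Vista or above.")
        else:
            print("Error starting new process: %s" % str(e))
        return
    except WindowsError as e:
        print("Error starting new process: %s" % str(e))
        return
    print("Process created: %d" % dwProcessId)
    return dwProcessId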
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

from winappdbg import System

import sys

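# Instance a System object.
system = System()

# Get the target application from the command line. Bail out with a usage
# line when no program was given, instead of handing start_process nothing
# to run.
if len(sys.argv) < 2:
    print("Usage: %s <program.exe> [arguments]" % sys.argv[0])
    sys.exit(1)
command_line = system.argv_to_cmdline(sys.argv[1:])

# Start a new process.
process = system.start_process(command_line)  # see the docs for more options

# Show info on the new process. print(...) with a single argument behaves
# the same on Python 2 and 3, unlike the print statement.
print("Started process %d (%d bits)" % (process.get_pid(), process.get_bits()))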
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

from winappdbg import System

import sys

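# Instance a System object.
system = System()

# Get the target application from the command line. Bail out with a usage
# line when no program was given, instead of handing start_process nothing
# to run.
if len(sys.argv) < 2:
    print("Usage: %s <program.exe> [arguments]" % sys.argv[0])
    sys.exit(1)
command_line = system.argv_to_cmdline(sys.argv[1:])

# Start a new process.
process = system.start_process(command_line)  # see the docs for more options

# Show info on the new process. print(...) with a single argument behaves
# the same on Python 2 and 3, unlike the print statement.
print("Started process %d (%d bits)" % (process.get_pid(), process.get_bits()))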
from winappdbg import System 
import sys
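# Instance a System object.
system = System()

# Get the target application from the command line; print a usage line and
# exit when no program was given.
if len(sys.argv) < 2:
    print("Usage: %s <program.exe> [arguments]" % sys.argv[0])
    sys.exit(1)
command_line = system.argv_to_cmdline(sys.argv[1:])

# Start a new process.
process = system.start_process(command_line)  # see the docs for more options

# Show info on the new process (print(...) works on Python 2 and 3 alike).
print("Started process %d (%d bits)" % (process.get_pid(), process.get_bits()))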
from winappdbg import System
import sys
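# Instance a System object.
system = System()

# Get the target application from the command line; print a usage line and
# exit when no program was given.
if len(sys.argv) < 2:
    print("Usage: %s <program.exe> [arguments]" % sys.argv[0])
    sys.exit(1)
command_line = system.argv_to_cmdline(sys.argv[1:])

# Start a new process.
process = system.start_process(command_line)  # see the docs for more options

# Show info on the new process (print(...) works on Python 2 and 3 alike).
print("Started process %d (%d bits)" % (process.get_pid(), process.get_bits()))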