MalC0de wrote:
Hello there, I'm writting a debugger,
the problem is there no good interpretation ...
here's the codes:
my_debugger.py :
#!/usr/bin/env python
from ctypes import *
from my_debugger_defines import *
kernel32 = windll.kernel32
class debugger():
def __init__(self):
self.h_process = None
self.pid = None
self.debugger_active = False
pass
def load(self,path_to_exe):
creation_flags = DEBUG_PROCESS
startupinfo = STARTUPINFO()
process_information = PROCESSINFORMATION()
startupinfo.dwFlags = 0x1
startupinfo.wShowWindow = 0x0
startupinfo.cb = sizeof(startupinfo)
if kernel32.CreateProcessA(path_to_exe,
None,
None,
None,
None,
creation_flags,
None,
None,
byref(startupinfo),
byref(process_information)):
print "[*]we have sucessfully launched the process"
print "[*]PID %d" % process_information.dwProcessId
self.h_process = self.open_process
(process_information.dwProcessId)
else:
print"[*]Error 0x%08x." % kernel32.GetLastError()
def Open_process(self,pid):
h_process = kernel32.OpenProcess(PROCESS_ALL_ACCESS,pid,False)
return h_process
def attach(self,pid):
self.h_process = self.open_process(pid)
# We attempt to attach to the process
# if this fails we exit the call
if kernel32.DebugActiveProcess(pid):
self.debugger_active = True
self.pid = int(pid)
else:
print "[*] Unable to attach to the process."
def run(self):
while self.debugger_active == True:
self.get_debug_event()
def get_debug_event(self):
debug_event = DEBUG_EVENT()
continue_status = DBG_CONTINUE
if kernel32.WaitForDebugEvent(byref(debug_event),INFINITE):
raw_input("Press a key to continue ...")
self.debugger_active = False
kernel32.ContinueDebugEvent
(debug_event.dwProdcessid,debug_event.dwThreadId,continue_status)
def detach(self):
if kernel32.DeugActiveProcessStop(self.pid):
print "[*]Finished debugging. exiting ..."
return True
else:
print "there was an error"
return false
it's already have a method named : Attach ...
<snip>
Indentation is critical. You have defined functions ( Open_process()
attach(), run(), etc. ) that have formal parameters named self, but are
indented outside of the class definition. Indentation trumps, so these
are not attributes of the class. They're functions, not methods.
It looks like you have other indentation problems, but I'll let you run
with this much.
Incidentally, following naming conventions could also help here.
debugger is a class, but it's not capitalized. Open_process() is
intended to be a method, but it is capitalized. And your comments refer
to attach() as Attach... Another convention you're breaking is using
"from ctypes import * " That's a dangerous way to do imports, as it
mixes those names with the ones in this module. I prefer a simple
import, and use the module name as a prefix when you reference those
symbols. If there are a few symbols you do want to have directly
included, then import them one at a time, without the * notation. (just
my opinion)
DaveA
--
http://mail.python.org/mailman/listinfo/python-list
