Python Examples of ctypes.wintypes.LPDWORD

Source File: microrepl.py From intellij-micropython with Apache License 2.0

6 votes

def __init__(self) -> None:
        super().__init__()
        # ANSI handling available through SetConsoleMode since Windows 10 v1511
        # https://en.wikipedia.org/wiki/ANSI_escape_code#cite_note-win10th2-1
        if platform.release() == '10' and int(platform.version().split('.')[2]) > 10586:
            ENABLE_VIRTUAL_TERMINAL_PROCESSING = 0x0004
            import ctypes.wintypes as wintypes
            if not hasattr(wintypes, 'LPDWORD'):  # PY2
                wintypes.LPDWORD = ctypes.POINTER(wintypes.DWORD)
            SetConsoleMode = ctypes.windll.kernel32.SetConsoleMode
            GetConsoleMode = ctypes.windll.kernel32.GetConsoleMode
            GetStdHandle = ctypes.windll.kernel32.GetStdHandle
            mode = wintypes.DWORD()
            GetConsoleMode(GetStdHandle(-11), ctypes.byref(mode))
            if (mode.value & ENABLE_VIRTUAL_TERMINAL_PROCESSING) == 0:
                SetConsoleMode(GetStdHandle(-11), mode.value | ENABLE_VIRTUAL_TERMINAL_PROCESSING)
                self._saved_cm = mode

Source File: term.py From mpfshell with MIT License

5 votes

def __init__(self):
                super(Console, self).__init__()
                self._saved_ocp = ctypes.windll.kernel32.GetConsoleOutputCP()
                self._saved_icp = ctypes.windll.kernel32.GetConsoleCP()
                ctypes.windll.kernel32.SetConsoleOutputCP(65001)
                ctypes.windll.kernel32.SetConsoleCP(65001)
                # ANSI handling available through SetConsoleMode since Windows 10 v1511
                # https://en.wikipedia.org/wiki/ANSI_escape_code#cite_note-win10th2-1
                # if platform.release() == '10' and int(platform.version().split('.')[2]) > 10586:
                ENABLE_VIRTUAL_TERMINAL_PROCESSING = 0x0004
                import ctypes.wintypes as wintypes

                if not hasattr(wintypes, "LPDWORD"):  # PY2
                    wintypes.LPDWORD = ctypes.POINTER(wintypes.DWORD)
                SetConsoleMode = ctypes.windll.kernel32.SetConsoleMode
                GetConsoleMode = ctypes.windll.kernel32.GetConsoleMode
                GetStdHandle = ctypes.windll.kernel32.GetStdHandle
                mode = wintypes.DWORD()
                GetConsoleMode(GetStdHandle(-11), ctypes.byref(mode))
                if (mode.value & ENABLE_VIRTUAL_TERMINAL_PROCESSING) == 0:
                    SetConsoleMode(
                        GetStdHandle(-11),
                        mode.value | ENABLE_VIRTUAL_TERMINAL_PROCESSING,
                    )
                    self._saved_cm = mode
                self.output = codecs.getwriter("UTF-8")(
                    Out(sys.stdout.fileno()), "replace"
                )
                # the change of the code page is not propagated to Python, manually fix it
                sys.stderr = codecs.getwriter("UTF-8")(
                    Out(sys.stderr.fileno()), "replace"
                )
                sys.stdout = self.output
                self.output.encoding = "UTF-8"  # needed for input

Source File: win.py From gd.py with MIT License

5 votes

def create_remote_thread(
    handle: wintypes.HANDLE,
    thread_attributes: LPSECURITY_ATTRIBUTES,
    stack_size: ctypes.c_size_t,
    start_address: wintypes.LPVOID,
    start_parameter: wintypes.LPVOID,
    flags: wintypes.DWORD,
    thread_id: wintypes.LPDWORD,
) -> wintypes.HANDLE:
    pass

Source File: win.py From gd.py with MIT License

5 votes

def get_window_thread_process_id(
    handle: wintypes.HWND, process_id_ptr: wintypes.LPDWORD
) -> wintypes.DWORD:
    pass

Source File: display.py From vergeml with MIT License

4 votes

def get_ppname():
            process_id_array_size = 1024
            entries = 0

            while entries == 0 or process_id_array_size == entries:
                dword_array = (wintypes.DWORD * process_id_array_size)

                process_ids = dword_array()
                bytes_used = wintypes.DWORD(0)

                res = WINAPI._EnumProcesses(cast(process_ids, wintypes.PDWORD), sizeof(process_ids), byref(bytes_used))
                if not res:
                    return []

                entries = int(bytes_used.value / sizeof(wintypes.DWORD))
                process_id_array_size += 512

            name = None
            index = 0
            ppid = os.getppid()
            while index < entries:
                process_id = process_ids[index]
                if ppid != process_id:
                    index += 1
                    continue
                
                
                process_handle = WINAPI._OpenProcess(WINAPI._PROCESS_QUERY_INFORMATION | WINAPI._PROCESS_VM_READ, False, process_id)
                if process_handle:
                    module = wintypes.HANDLE()
                    needed_bytes = wintypes.LPDWORD()
                    module_res = WINAPI._EnumProcessModules(
                        process_handle,
                        byref(module),
                        sizeof(module),
                        byref(needed_bytes)
                    )
                    if module_res:
                        length = 260
                        buffer = ctypes.create_unicode_buffer(length)
                        WINAPI._GetModuleBaseNameW(process_handle, module, buffer, length)
                        name = buffer.value
                WINAPI._CloseHandle(process_handle)
                break

            return name

Source File: dll_injection.py From BoomER with GNU General Public License v3.0

4 votes

def run(self):
        kernel32 = windll.kernel32
        pid = self.options.get("pid")[1]
        dll_to_inject = self.options.get("dll")[1]
        
        if not pid or not dll_to_inject:
            self.print_error("Configure the settings correctly\n    Execute show options")
            return

        dll_len = len(dll_to_inject)
        if not isfile(dll_to_inject):
            self.print_error("%s not found..." %(dll_to_inject))
            return

        self.print_info("Obtaining handle to process with PID %s" %(pid))
        handle_p = kernel32.OpenProcess(self.PROCESS_ALL_ACCESS, False, pid)

        if not handle_p:
            self.print_error("OpenProcess function didn't work... Review the PID %s" %(pid))
            return

        self.print_info("Assigning space for DLL path")
        virtual_mem_allocate = kernel32.VirtualAllocEx(handle_p, 0, dll_len,
                                            self.COMMIT_RESERVE, self.PAGE_READWRITE)
        if not virtual_mem_allocate:
            self.print_error("Error assigning space for DLL")
            return

        self.print_info("Writing DLL path")
        result = kernel32.WriteProcessMemory(handle_p, virtual_mem_allocate, 
                                    dll_to_inject.encode("ascii"), dll_len, 0)
        if not result:
            self.print_error("Error writing")
            return

        self.print_info("Getting LoadLibraryA address")
        loadlibA_address = c_void_p.from_buffer(kernel32.LoadLibraryA).value
        if not loadlibA_address:
            self.print_error("Error getting address")
            return

        class _SECURITY_ATTRIBUTES(Structure):
            _fields_ = [('nLength', wintypes.DWORD),
                        ('lpSecurityDescriptor', wintypes.LPVOID),
                        ('bInheritHandle', wintypes.BOOL),]

        thread_id = c_ulong(0)

        kernel32.CreateRemoteThread.argtypes = (wintypes.HANDLE, POINTER(_SECURITY_ATTRIBUTES), 
            wintypes.DWORD, wintypes.LPVOID, wintypes.LPVOID, wintypes.DWORD, wintypes.LPDWORD)
        self.print_info("Creating Remote Thread")
        if kernel32.CreateRemoteThread(handle_p, None, 0, loadlibA_address,
                                virtual_mem_allocate, 0, byref(thread_id)):
            self.print_ok("Remote Thread created! :)")
        else:
            self.print_error("DLL could not be injected :(")

Python ctypes.wintypes.LPDWORD Examples