# Auxiliary Functions =====================================================================
from subprocess import *
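def GetPIDByProcessName(aProcessName):
    """Return the PID of the first running process named *aProcessName*.

    Returns None when no process matches.

    The match is on the process name only, so it cannot tell apart two
    processes that share a name, and a name is not proof of which image is
    running. When the PID is going to be used as a hook target, prefer the
    PID handed back by the call that created the process.

    NOTE(review): this module, as shown, has no ``import psutil``; confirm
    the name is in scope before this function is called.
    """
    for proc in psutil.process_iter():
        try:
            # psutil 2.0 turned Process.name from a property into a method.
            # Comparing the bound method to a string never matches, so
            # resolve either form to the actual name first.
            name = proc.name
            if callable(name):
                name = name()
        except (psutil.NoSuchProcess, psutil.AccessDenied):
            # The process exited mid-iteration or is not readable; skip it.
            continue
        if name == aProcessName:
            return proc.pid
    return None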
def OpenNotepadAndGetPID():
    """Launch Notepad and return the PID of the new process.

    NOTE(review): "notepad" is a bare name, so which executable runs is
    decided by the OS search order at launch time. The returned PID is
    later used as a hook target, so confirm the resolved image is the
    intended one (an absolute path would remove the ambiguity).
    """
    print('Starting Notepad...')
    notepad = Popen("notepad")
    # Printed as soon as Popen returns; nothing here waits for the process
    # to finish initialising.
    print('Notepad started successfully')
    return notepad.pid
def HookFunctionForProcess(spyManager, functionModuleAndName, notepadPID):
    """Create a hook for *functionModuleAndName* and apply it to a process.

    Calls spyManager.CreateHook, then Attach(notepadPID, True) and
    Hook(True) on the result, and returns the hook object.

    The progress messages mention Notepad, but the function acts on
    whatever PID it is given.
    """
    announcement = 'Hooking function ' + functionModuleAndName + ' for Notepad...'
    print(announcement)
    # The 0 is forwarded to CreateHook unchanged; presumably hook flags --
    # confirm against the spy manager's API.
    new_hook = spyManager.CreateHook(functionModuleAndName, 0)
    new_hook.Attach(notepadPID, True)
    new_hook.Hook(True)
    # NOTE(review): the results of Attach/Hook are not inspected, so this
    # message is printed whenever neither call raises.
    print('Notepad successfully hooked')
    return new_hook
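def StartNotepadAndHook(spyManager):
    """Start Notepad and hook kernel32.dll!CreateFileW in the new process.

    Returns the hook object produced by HookFunctionForProcess. The
    original bound it to a local and discarded it, leaving the caller with
    no reference to the hook it had just installed.
    """
    # Use the PID of the process this code launched rather than a lookup by
    # name, so the hook goes to exactly that process.
    notepadPID = OpenNotepadAndGetPID()
    return HookFunctionForProcess(spyManager, "kernel32.dll!CreateFileW", notepadPID)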