Error on Attaching to the process while debugging

Dave Angel davea at ieee.org
Thu Aug 6 00:51:19 EDT 2009 

MalC0de wrote:
> Hello there, I'm writting a debugger,
> the problem is there no good interpretation ...
>
> here's the codes:
>
> my_debugger.py :
>
> #!/usr/bin/env python
> from ctypes import *
> from my_debugger_defines import *
> kernel32 = windll.kernel32
> class debugger():
>     def __init__(self):
> 	  self.h_process = None
> 	  self.pid = None
> 	  self.debugger_active = False
>           pass
>     def load(self,path_to_exe):
>         creation_flags = DEBUG_PROCESS
>         startupinfo = STARTUPINFO()
>         process_information = PROCESSINFORMATION()
>         startupinfo.dwFlags = 0x1
>         startupinfo.wShowWindow = 0x0
>         startupinfo.cb = sizeof(startupinfo)
>         if kernel32.CreateProcessA(path_to_exe,
>                                     None,
>                                     None,
>                                     None,
>                                     None,
>                                     creation_flags,
>                                     None,
>                                     None,
>                                     byref(startupinfo),
>                                     byref(process_information)):
>                   print "[*]we have sucessfully launched the process"
>                   print "[*]PID %d" % process_information.dwProcessId
>                   self.h_process = self.open_process
> (process_information.dwProcessId)
>         else:
>             print"[*]Error 0x%08x." % kernel32.GetLastError()
>
> def Open_process(self,pid):
>     h_process = kernel32.OpenProcess(PROCESS_ALL_ACCESS,pid,False)
>     return h_process
> def attach(self,pid):
>         self.h_process = self.open_process(pid)
>         # We attempt to attach to the process
>         # if this fails we exit the call
>         if kernel32.DebugActiveProcess(pid):
>             self.debugger_active = True
>             self.pid             = int(pid)
>
>         else:
>             print "[*] Unable to attach to the process."
>
> def run(self):
>     while self.debugger_active == True:
>         self.get_debug_event()
> def get_debug_event(self):
>     debug_event = DEBUG_EVENT()
>     continue_status = DBG_CONTINUE
>     if kernel32.WaitForDebugEvent(byref(debug_event),INFINITE):
>         raw_input("Press a key to continue ...")
>     self.debugger_active = False
>     kernel32.ContinueDebugEvent
> (debug_event.dwProdcessid,debug_event.dwThreadId,continue_status)
>     def detach(self):
>         if kernel32.DeugActiveProcessStop(self.pid):
>             print "[*]Finished debugging. exiting ..."
>             return True
>         else:
>             print "there was an error"
>             return false
>
> it's already have a method named : Attach ...
> <snip>
>   
Indentation is critical.  You have defined functions ( Open_process() 
attach(), run(), etc. ) that have formal parameters named self, but are 
indented outside of the class definition.  Indentation trumps, so these 
are not attributes of the class.  They're functions, not methods.

It looks like you have other indentation problems, but I'll let you run 
with this much.

Incidentally, following naming conventions could also help here.  
debugger is a class, but it's not capitalized.  Open_process() is 
intended to be a method, but it is capitalized.  And your comments refer 
to attach() as Attach...  Another convention you're breaking is using    
"from ctypes import * "   That's a dangerous way to do imports, as it 
mixes those names with the ones in this module.  I prefer a simple 
import, and use the module name as a prefix when you reference those 
symbols.  If there are a few symbols you do want to have directly 
included, then import them one at a time, without the * notation.  (just 
my opinion)

DaveA

More information about the Python-list mailing list