Re: [IronPython] Cast to a method pointer using CTYPES

Thu, 10 Feb 2011 08:17:44 -0800 

Mind showing showing me an example of using VirtualAlloc?

Thanks for your help

Quick Google Search reveals nothing Nothing to me on VirtualAlloc

*cheers



On Wed, Feb 9, 2011 at 12:37 PM, Dino Viehland <di...@microsoft.com> wrote:

>  So you want to generate the assembly in memory and then execute it?  I
> think you want something like:
>
>
>
> import array
>
> myCode = array.array('b',
> "\x31\xc0\x31\xdb\x31\xc9\x31\xd2\x51\x68\x6c\x6c\x20\x20\x68\x33")
>
> buffer = myCode.buffer_info()[0]
>
>
>
> from ctypes import *
>
> my_callback = CFUNCTYPE(c_int)
>
>
>
> my_callback(buffer)()
>
>
>
> This creates an array from your code, and then gets the address of that
> array.  Then it creates a callback type which just returns an int, and then
> it creates an instance of that callback type using the address of the code
> and calls that instance (which then causes an access violation when I run
> this).
>
>
>
> If you’re on a machine w/ the NX bit you may need to call VirtualAlloc and
> copy the bytes to the allocated executable memory rather than using a
> buffer.
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Andrew Evans
> *Sent:* Wednesday, February 09, 2011 12:23 PM
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Cast to a method pointer using CTYPES
>
>
>
> Hey thank you for the fast reply :-)
>
> I am working on building a security framework in Python for exploit
> development as a part time hobby. But I am missing something key to what I
> am doing. I am having a hard time understanding it as well.
>
> from ctypes import *
>
> myCode = ("\x31\xc0\x31\xdb\x31\xc9\x31\xd2"
>     "\x51\x68\x6c\x6c\x20\x20\x68\x33") #example hex not full for post
> don't want to put up red flags
>
> my_callback = CFUNCTYPE(c_int, c_void_p,
>                         POINTER(myCode),
>                         POINTER(c_int32), c_void_p)
>
> print type(my_callback)
>
> this returns <type '_ctypes.PyCFuncPtrType'> which is what I want I assume.
>
> but when I run this code nothing happens. Maybe in how I am running it just
> by adding my_callback to the source. Any idea what I am doing wrong.
>
> *cheers in advance if you can help
>
> If not I understand
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>

_______________________________________________
Users mailing list
Users@lists.ironpython.com
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com

Reply via email to