Python in Firefox proof of concept (PoC)
In this section, we will write a Python script, that will automate the exact steps that we did using Immunity Debugger. For this purpose, we will be using a Python library called winappdbg
, to automate the debugging of the Firefox process. So, let's start by installing this library. You can download the library from http://winappdbg.sourceforge.net/.
The steps mentioned in the Firefox process section, which we explained earlier can be translated into code. Let's do this step by step:
- First, we need to get the process ID and then attach it to a debugger. The code in Python to do this is as follows:
... debug = Debug(MyEventHandler()) # Create a debug object instance try: for ( process, name ) in debug.system.find_processes_by_filename( "firefox.exe" ): # Search for Firefox.exe process, if found print '[+] Found Firefox PID is ' + str (process.get_pid()) # Grab the Process ID (PID) debug.attach( process.get_pid() ) # Attach to the process...