In this section, we will write a Python script, that will automate the exact steps that we did using Immunity Debugger. For this purpose, we will be using a Python library called winappdbg, to automate the debugging of the Firefox process. So, let's start by installing this library. You can download the library from http://winappdbg.sourceforge.net/.
The steps mentioned in the Firefox process section, which we explained earlier can be translated into code. Let's do this step by step:
- First, we need to get the process ID and then attach it to a debugger. The code in Python to do this is as follows:
...
debug = Debug(MyEventHandler()) # Create a debug object instance
try:
for ( process, name ) in debug.system.find_processes_by_filename( "firefox.exe" ): # Search for Firefox.exe process, if found
print ...