Recently I presented at the SteelCon conference on using Python for manipulating processes memory, using the process injection technique as an example, to demonstrate how higher level scripting languages can be used to perform tasks normally only doable from compiled, lower level languages, such as C.
The whole purpose of this talk was to show how incredibly flexible, platform independent tools could be developed rapidly, by even relatively inexperienced developers, and how we could leverage the abstraction offered by higher level languages to perform complicated, low level tasks, easily. While process injection is not a new topic, having been well covered in various papers (several Phrack articles cover the topic, and there are a number of excellent tools - written in C, or assembly, that will permit you to do it), there was very little information out there on doing it from a scripting language. In fact, the Python module I used to achieve the task, python-ptrace, was incredibly poorly documented (in my personal opinion). Despite poor documentation, it was quite easy to develop the proof of concept tools demonstrated in the talk.
more here............http://www.xiphosresearch.com/2014/08/07/Process-Injection.html
The whole purpose of this talk was to show how incredibly flexible, platform independent tools could be developed rapidly, by even relatively inexperienced developers, and how we could leverage the abstraction offered by higher level languages to perform complicated, low level tasks, easily. While process injection is not a new topic, having been well covered in various papers (several Phrack articles cover the topic, and there are a number of excellent tools - written in C, or assembly, that will permit you to do it), there was very little information out there on doing it from a scripting language. In fact, the Python module I used to achieve the task, python-ptrace, was incredibly poorly documented (in my personal opinion). Despite poor documentation, it was quite easy to develop the proof of concept tools demonstrated in the talk.
more here............http://www.xiphosresearch.com/2014/08/07/Process-Injection.html