MarioVilas/winappdbg

Access denied when attaching to process

Elizaveta239 opened this issue · 1 comments

Elizaveta239 commented

Hi! Thank you very much for your library, we're using it in PyDev.Debugger and PyCharm for attaching to process: https://github.com/fabioz/PyDev.Debugger/tree/master/pydevd_attach_to_process

One of our users reported this exception (https://youtrack.jetbrains.com/issue/PY-29932):

Attaching to a process with PID=15044
C:\virtualenvs\weboptions\Scripts\python.exe "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\attach_pydevd.py" --port 54765 --pid 15044
Traceback (most recent call last):
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\attach_pydevd.py", line 64, in <module>
    main(process_command_line(sys.argv[1:]))
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\attach_pydevd.py", line 61, in main
    setup['pid'], python_code, connect_debugger_tracing=True, show_debug_info=show_debug_info_on_target_process)
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\add_code_to_python_process.py", line 395, in run_python_code_windows
    thread, _thread_address = process.inject_code(code, 0)
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\winappdbg\process.py", line 3576, in inject_code
    bSuspended = False)
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\winappdbg\thread.py", line 1916, in start_thread
    hProcess, 0, 0, lpStartAddress, lpParameter, dwCreationFlags)
  File "C:\Program Files\JetBrains\PyCharm 2018.1.1\helpers\pydev\pydevd_attach_to_process\winappdbg\win32\kernel32.py", line 3796, in CreateRemoteThread
    raise ctypes.WinError()
PermissionError: [WinError 5] Zugriff verweigert

Could you please help us to understand reasons of the problem? Does it happen, because user doesn't have enough permissions? He reported that running the same code as administrator didn't fix the problem.
Thank you!

MarioVilas commented

Hi! Thanks for your kind words :)

This looks strange indeed, especially since at the point the exception is thrown the debugger is already attached to the process. What seems to be failing is starting a new thread to run the injected code.

Does this work when using plain winappdbg? Is the user running an antivirus?