
# NOTE: Due to winappdbg, this script is only compatible with Python 2.7
"""Patch a device serial number inside a running WansviewCloud.exe.

The script starts the desktop client under the winappdbg debugger, stops at a
hard-coded code address, and at that point overwrites every in-memory copy of
the ``-original`` value (raw bytes and its UTF-16LE form) with the ``-target``
value.  Both values come from the command line.  Python 2 only: it relies on
the ``print`` statement and the ``unicode`` builtin.
"""
import argparse
from winappdbg import Debug, EventHandler, HexDump
import warnings
# Process-wide filter: every warning category is silenced, not only winappdbg's.
warnings.filterwarnings("ignore")


def callback(event):
    """Breakpoint handler: replace ``original_cam`` with ``target_cam`` in memory.

    ``event`` is the winappdbg breakpoint event; its process is searched.
    Reads the module globals ``original_cam`` and ``target_cam`` assigned in
    the ``__main__`` block below (NameError if called before they exist).
    Returns None.  Individual write failures are swallowed, see below.
    """
    print("Starting...")
    process = event.get_process()
    # Second search pattern: the UTF-16LE encoding of the same serial, so wide
    # string copies held by the client are matched as well.
    target_cam_uni = unicode(target_cam).encode('utf-16le')
    original_cam_uni = unicode(original_cam).encode('utf-16le')
    original_array = bytearray(original_cam)
    original_uni_array = bytearray(original_cam_uni)
    # No length check between original and target: presumably a longer target
    # writes past the matched bytes and a shorter one leaves the old tail.
    for address in process.search_bytes(original_array):
        try:
            process.write(address, target_cam)
            print HexDump.address(address)   # Python 2 print statement
        except:
            # Bare except: a failed write (e.g. non-writable page) is skipped
            # silently and the address is not reported.
            pass
    for address in process.search_bytes(original_uni_array):
        try:
            process.write(address, target_cam_uni)
            print HexDump.address(address)
        except:
            pass
    print("Finished!")


def debug():
    """Launch WansviewCloud.exe under the debugger and arm the patch breakpoint.

    Returns None; blocks in ``debug.loop()`` until the debuggee session ends.
    """
    with Debug(EventHandler(), bKillOnExit = True) as debug:
        program_path = "C:\\Program Files (x86)\\WansviewCloud\\WansviewCloud.exe"
        # NOTE(review): this rebinding discards the context-managed instance
        # created on the ``with`` line, so ``bKillOnExit`` and the ``with``
        # cleanup apply to a Debug object that never runs anything; the
        # debuggee below is driven by this second, unmanaged instance.
        debug = Debug()
        debug_process = debug.execl(program_path, bBreakOnEntryPoint = False)
        debug_pid = debug_process.get_pid()
        print("WansviewCloud.exe PID: " + str(debug_pid))
        # Hard-coded code address; presumably tied to one build of the client
        # binary and not verified here.
        debug.break_at(debug_pid, 0x433fd4, callback)
        debug.loop()


if __name__ == "__main__":
    arg_parser = argparse.ArgumentParser()
    arg_parser.add_argument("-original", type=str, help="Original device serial number", required=True)
    arg_parser.add_argument("-target", type=str, help="Target device serial number", required=True)
    parsed_args = arg_parser.parse_args()
    # Module globals read by callback() when the breakpoint fires.
    original_cam = parsed_args.original
    target_cam = parsed_args.target
    debug()