
C / C++ / MFC

 
Question: Dll injection and hooking (miniman06, 30-Nov-12 8:47)
Hello once again, I have been working on some project for a while now and I needed to hook the creation of processes. I have this code (hook/detour):
BOOL WINAPI CreateProcH::CreateProcessInternalW	(	HANDLE 	hToken,
												 LPCWSTR 	lpApplicationName,
												 LPWSTR 	lpCommandLine,
												 LPSECURITY_ATTRIBUTES 	lpProcessAttributes,
												 LPSECURITY_ATTRIBUTES 	lpThreadAttributes,
												 BOOL 	bInheritHandles,
												 DWORD 	dwCreationFlags,
												 LPVOID 	lpEnvironment,
												 LPCWSTR 	lpCurrentDirectory,
												 LPSTARTUPINFOW 	lpStartupInfo,
												 LPPROCESS_INFORMATION 	lpProcessInformation,
												 PHANDLE 	hNewToken 
												 )
{
	clogf("start %x ref: %x",realCreateProcessInternalW,&realCreateProcessInternalW);
	BOOL res = FALSE;
	res = realCreateProcessInternalW(hToken,lpApplicationName,lpCommandLine,lpProcessAttributes,lpThreadAttributes,bInheritHandles,dwCreationFlags,lpEnvironment,lpCurrentDirectory,lpStartupInfo,lpProcessInformation,hNewToken);
	if(res == FALSE)
		return res;
 
	Sleep(100);//let it load

	vector<wchar_t*> ::iterator it;
	for(it = pubvPaths.begin(); it < pubvPaths.end(); it++)
	{	
		if(!CDetour::InjectDll(lpProcessInformation->hProcess,*it))
			clogf("InjectDll(lpProcessInformation->hProcess,*it) FAILED!");
		clogf("Strlen %d Injecting dll: %ls",lstrlenW(*it),*it);
	}
	clogf("hThread: %d hProcess: %d dwThreadId: %d dwProcessId: %d",lpProcessInformation->hThread,lpProcessInformation->hProcess,lpProcessInformation->dwThreadId,lpProcessInformation->dwProcessId);
	return res;
}
LOG:
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: start 7d843e8 ref: 741285ac
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: Strlen 103 Injecting dll: C:/Users/JEAN/SplitPLayGUI-build-desktop-Qt_4_8_1_for_Desktop_-_MSVC2010__Qt_SDK__Debug/CreateProcH.dll
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: hThread: 5360 hProcess: 5376 dwThreadId: 8376 dwProcessId: 1388
 
But the process fails to create or crashes; I'm not sure what is wrong.
So I just commented out
if(!CDetour::InjectDll(lpProcessInformation->hProcess,*it))
    clogf("InjectDll(lpProcessInformation->hProcess,*it) FAILED!");
 
and everything was logged the same way, but the process was actually created and ran. Here is CDetour::InjectDll:
bool CDetour::InjectDll(HANDLE hProcess ,wchar_t * pwstrDll)
{
	LPVOID RemoteString, LoadLibAddy;
 
	if(!hProcess)
		return false;
 
	LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle(L"kernel32.dll"), "LoadLibraryW");
	if(!LoadLibAddy)
	{
		clogf("GetProcAddress(GetModuleHandle(L\"kernel32.dll\"), \"LoadLibraryW\") FAILED WITH %d!",GetLastError());
		return false;
	}
	RemoteString = (LPVOID)VirtualAllocEx(hProcess, NULL, (lstrlenW(pwstrDll)*2)+2, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
	if(!RemoteString)
	{
		clogf("VirtualAllocEx(hProcess, NULL, lstrlenW(pwstrDll)+2, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE); FAILED WITH %d!",GetLastError());
		return false;
	}
	if(WriteProcessMemory(hProcess, (LPVOID)RemoteString, pwstrDll,(lstrlenW(pwstrDll)*2)+2, NULL) == 0)
	{
		clogf("WriteProcessMemory(hProcess, (LPVOID)RemoteString, pwstrDll,lstrlenW(pwstrDll)+2, NULL) FAILED WITH %d!",GetLastError());
		return false;
	}
	if(CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL) == NULL)
	{
		clogf("CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL) FAILED WITH %d!",GetLastError());
		return false;
	}
 
	return true;
}
I hope someone else could figure it out, thanks in advance :)
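
Added example, not part of the original post or of the poster's project: seen from the monitoring side, the sequence in the post (a parent creates a process and about 100 ms later starts a remote thread in it at LoadLibraryW) shows up in Sysmon as a ProcessCreate (Event ID 1) followed by a CreateRemoteThread (Event ID 8). The Python below flags that pattern over already-parsed records; the function name, the 5-second window and every sample value (GUIDs, image paths, times) are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

def _ts(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")

def find_loadlibrary_injections(events, child_window=timedelta(seconds=5)):
    """One finding per Sysmon Event ID 8 whose start routine is LoadLibrary*.
    parent_into_new_child is True when the source process also created the
    target (Event ID 1) no more than child_window before the remote thread."""
    created = {}   # child ProcessGuid -> (parent ProcessGuid, creation time)
    findings = []
    for ev in sorted(events, key=_ts):
        if ev["EventID"] == 1:
            created[ev["ProcessGuid"]] = (ev["ParentProcessGuid"], _ts(ev))
        elif ev["EventID"] == 8:
            module = ev.get("StartModule", "").rsplit("\\", 1)[-1].lower()
            if module not in LOADER_MODULES:
                continue
            if ev.get("StartFunction", "").lower() not in LOADER_EXPORTS:
                continue
            parent, born = created.get(ev["TargetProcessGuid"], (None, None))
            fresh = parent == ev["SourceProcessGuid"] and _ts(ev) - born <= child_window
            findings.append({"source": ev["SourceImage"], "target": ev["TargetImage"],
                             "start": f"{module}!{ev['StartFunction']}",
                             "parent_into_new_child": fresh})
    return findings

# Constructed sample records (fields as in Sysmon EventData; all values made up).
K32 = "C:\\Windows\\System32\\kernel32.dll"
SAMPLE_EVENTS = [
    {"EventID": 1, "UtcTime": "2012-11-30 20:22:20.000", "ProcessGuid": "{child}",
     "Image": "C:\\Games\\game.exe", "ParentProcessGuid": "{launcher}"},
    {"EventID": 8, "UtcTime": "2012-11-30 20:22:20.100", "SourceProcessGuid": "{launcher}",
     "SourceImage": "C:\\Tools\\launcher.exe", "TargetProcessGuid": "{child}",
     "TargetImage": "C:\\Games\\game.exe", "StartModule": K32, "StartFunction": "LoadLibraryW"},
    {"EventID": 8, "UtcTime": "2012-11-30 20:22:21.000", "SourceProcessGuid": "{console}",
     "SourceImage": "C:\\Windows\\System32\\conhost.exe", "TargetProcessGuid": "{child}",
     "TargetImage": "C:\\Games\\game.exe", "StartModule": K32, "StartFunction": "CtrlRoutine"},
    {"EventID": 8, "UtcTime": "2012-11-30 20:25:00.000", "SourceProcessGuid": "{other}",
     "SourceImage": "C:\\Tools\\other.exe", "TargetProcessGuid": "{old}",
     "TargetImage": "C:\\Windows\\explorer.exe", "StartModule": K32, "StartFunction": "LoadLibraryW"},
]

if __name__ == "__main__":
    for finding in find_loadlibrary_injections(SAMPLE_EVENTS):
        print(finding)
```

The `parent_into_new_child` flag separates the launcher-style case in the post from a remote thread started in a long-running process, which usually deserves a higher triage priority.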
Answer: Re: Dll injection and hooking (miniman06, 1-Dec-12 20:01)
