C / C++ / MFC

 
Question: Dll injection and hooking (miniman06, 30-Nov-12 7:47)
Hello once again, I have been working on some project for a while now and I needed to hook the creation of processes. I have this code (hook/detour):
BOOL WINAPI CreateProcH::CreateProcessInternalW(HANDLE hToken,
	LPCWSTR lpApplicationName,
	LPWSTR lpCommandLine,
	LPSECURITY_ATTRIBUTES lpProcessAttributes,
	LPSECURITY_ATTRIBUTES lpThreadAttributes,
	BOOL bInheritHandles,
	DWORD dwCreationFlags,
	LPVOID lpEnvironment,
	LPCWSTR lpCurrentDirectory,
	LPSTARTUPINFOW lpStartupInfo,
	LPPROCESS_INFORMATION lpProcessInformation,
	PHANDLE hNewToken)
{
	clogf("start %x ref: %x",realCreateProcessInternalW,&realCreateProcessInternalW);
	BOOL res = FALSE;
	res = realCreateProcessInternalW(hToken,lpApplicationName,lpCommandLine,lpProcessAttributes,lpThreadAttributes,bInheritHandles,dwCreationFlags,lpEnvironment,lpCurrentDirectory,lpStartupInfo,lpProcessInformation,hNewToken);
	if(res == FALSE)
		return res;
 
	Sleep(100);//let it load

	vector<wchar_t*> ::iterator it;
	for(it = pubvPaths.begin(); it < pubvPaths.end(); it++)
	{	
		if(!CDetour::InjectDll(lpProcessInformation->hProcess,*it))
			clogf("InjectDll(lpProcessInformation->hProcess,*it) FAILED!");
		clogf("Strlen %d Injecting dll: %ls",lstrlenW(*it),*it);
	}
	clogf("hThread: %d hProcess: %d dwThreadId: %d dwProcessId: %d",lpProcessInformation->hThread,lpProcessInformation->hProcess,lpProcessInformation->dwThreadId,lpProcessInformation->dwProcessId);
	return res;
};
LOG:
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: start 7d843e8 ref: 741285ac
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: Strlen 103 Injecting dll: C:/Users/JEAN/SplitPLayGUI-build-desktop-Qt_4_8_1_for_Desktop_-_MSVC2010__Qt_SDK__Debug/CreateProcH.dll
[Fri Nov 30 20:22:20 2012] CreateProcH::CreateProcessInternalW reported: hThread: 5360 hProcess: 5376 dwThreadId: 8376 dwProcessId: 1388
 
But the process fails to create or crashes; I am not sure what is wrong.
So I just commented out
if(!CDetour::InjectDll(lpProcessInformation->hProcess,*it))
    clogf("InjectDll(lpProcessInformation->hProcess,*it) FAILED!");
 
and everything logged the same way, but the process was actually created and ran. Here is CDetour::InjectDll:
bool CDetour::InjectDll(HANDLE hProcess ,wchar_t * pwstrDll)
{
	LPVOID RemoteString, LoadLibAddy;
 
	if(!hProcess)
		return false;
 
	LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle(L"kernel32.dll"), "LoadLibraryW");
	if(!LoadLibAddy)
	{
		clogf("GetProcAddress(GetModuleHandle(L\"kernel32.dll\"), \"LoadLibraryW\") FAILED WITH %d!",GetLastError());
		return false;
	}
	RemoteString = (LPVOID)VirtualAllocEx(hProcess, NULL, (lstrlenW(pwstrDll)*2)+2, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
	if(!RemoteString)
	{
		clogf("VirtualAllocEx(hProcess, NULL, lstrlenW(pwstrDll)+2, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE); FAILED WITH %d!",GetLastError());
		return false;
	}
	if(WriteProcessMemory(hProcess, (LPVOID)RemoteString, pwstrDll,(lstrlenW(pwstrDll)*2)+2, NULL) == 0)
	{
		clogf("WriteProcessMemory(hProcess, (LPVOID)RemoteString, pwstrDll,lstrlenW(pwstrDll)+2, NULL) FAILED WITH %d!",GetLastError());
		return false;
	}
	if(CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL) == NULL)
	{
		clogf("CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL) FAILED WITH %d!",GetLastError());
		return false;
	}
 
	return true;
}
I hope someone else could figure it out, thanks in advance :)
Answer: Re: Dll injection and hooking (miniman06, 1-Dec-12 19:01)
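Added example, not part of the original thread: a detection sketch for the pattern the posted InjectDll produces, a thread created in another process whose start address is LoadLibraryW, here issued by the parent right after it created the child. It assumes Sysmon Event ID 1 (ProcessCreate) and Event ID 8 (CreateRemoteThread) rendered as XML; the GUIDs, paths and events are constructed sample data, and the 5-second window is an assumption.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
LOADERS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}

def parse(xml_text):
    """Return (event_id, {field: value}) for one Sysmon event rendered as XML."""
    root = ET.fromstring(xml_text)
    eid = int(root.find("e:System/e:EventID", NS).text)
    data = {d.get("Name"): d.text or "" for d in root.findall("e:EventData/e:Data", NS)}
    return eid, data

def when(d):
    return datetime.strptime(d["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")

def find_loadlibrary_injection(events, window=timedelta(seconds=5)):
    """Flag cross-process threads starting at LoadLibrary*; mark parent-into-new-child cases."""
    created, hits = {}, []          # created: ProcessGuid -> (creation time, parent guid)
    for eid, d in map(parse, events):
        if eid == 1:                # ProcessCreate: remember who created the process, and when
            created[d["ProcessGuid"]] = (when(d), d["ParentProcessGuid"])
        elif eid == 8 and d.get("StartFunction", "").lower() in LOADERS \
                and d["SourceProcessGuid"] != d["TargetProcessGuid"]:
            born, parent = created.get(d["TargetProcessGuid"], (None, None))
            at_birth = (born is not None and parent == d["SourceProcessGuid"]
                        and timedelta(0) <= when(d) - born <= window)
            hits.append((d["SourceImage"], d["TargetImage"], d["StartFunction"], at_birth))
    return hits

def sample(eid, **f):               # builds constructed, Sysmon-shaped XML for the demo
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in f.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{eid}</EventID></System>'
            f'<EventData>{data}</EventData></Event>')

HOST, CHILD, OTHER = "{guid-host}", "{guid-child}", "{guid-other}"   # placeholder GUIDs
SAMPLE = [
    sample(1, UtcTime="2012-11-30 20:22:20.000", ProcessGuid=CHILD, ParentProcessGuid=HOST,
           Image=r"C:\Sample\child.exe"),
    sample(8, UtcTime="2012-11-30 20:22:20.100", SourceProcessGuid=HOST, TargetProcessGuid=CHILD,
           SourceImage=r"C:\Sample\host.exe", TargetImage=r"C:\Sample\child.exe",
           StartFunction="LoadLibraryW"),
    sample(8, UtcTime="2012-11-30 20:25:00.000", SourceProcessGuid=OTHER, TargetProcessGuid=CHILD,
           SourceImage=r"C:\Sample\tool.exe", TargetImage=r"C:\Sample\child.exe",
           StartFunction="LoadLibraryA"),
    sample(8, UtcTime="2012-11-30 20:26:00.000", SourceProcessGuid=OTHER, TargetProcessGuid=CHILD,
           SourceImage=r"C:\Sample\tool.exe", TargetImage=r"C:\Sample\child.exe",
           StartFunction="-"),
]
```

Calling find_loadlibrary_injection(SAMPLE) returns one tuple per flagged remote thread; the last element is True when the source process is the target's parent and the thread was created within the window after the child's creation.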