Hi!
How to call a remote thread with Int32 parameter?
For example I have some native function in remote process:
void __cdecl Execute(int a)
{
wss1<<(int)a;
MessageBox(NULL, wss1.str().c_str() , NULL, MB_OK);
}
And I need to call this function.
What I do:
//declare struct
[StructLayout(LayoutKind.Sequential, Pack = 1, CharSet = CharSet.Ansi)]
struct YourStruct
{
[MarshalAs( UnmanagedType.I4, SizeConst=4)]
public Int32 a;
}
//call my func
public IntPtr RunRemoteFunc(IntPtr FuncPtr)
{
IntPtr bytesout;
YourStruct YS = new YourStruct();
YS.a = 777;
int LenWrite = 4;
IntPtr Mem = Marshal.AllocHGlobal(LenWrite);
Marshal.StructureToPtr(YS,Mem,true);
IntPtr AllocMem = (IntPtr)NativeMethods.VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x1000, 0x40); //allocation pour WriteProcessMemory
NativeMethods.WriteProcessMemory(hProcess, AllocMem,Mem, (UIntPtr)Mem.ToInt32(), out bytesout);
IntPtr hThread = (IntPtr)NativeMethods.CreateRemoteThread(hProcess, (IntPtr)null, 0,(UIntPtr)FuncPtr.ToInt32(), AllocMem, 0, out bytesout);
if (hThread == IntPtr.Zero)
{
MessageBox.Show(" hThread [ 1 ] Error! \n ");
return IntPtr.Zero;
}
int Result = NativeMethods.WaitForSingleObject(hThread, 0xFFFFFFFF);
if (Result == 0x00000080L || Result == 0x00000102L /*|| Result == 0xFFFFFFFF*/)
{
MessageBox.Show(" hThread [ 2 ] Error! \n ");
if (hThread != null)
{ NativeMethods.CloseHandle(hThread); }
return IntPtr.Zero;
}
IntPtr Res = IntPtr.Zero;
bool isSuccess = NativeMethods.GetExitCodeThread(hThread, out Res);
NativeMethods.VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000);
if (hThread != null)
{ NativeMethods.CloseHandle(hThread); }
return Res;
}
But result is not '777'!
Please, help me...