I am trying to inject code into one of my own dialog-based applications (an .exe).
The remote application crashed when CreateRemoteThread is called. I couldn't find the reason..Code:
// Fragment: allocates executable memory in another process, copies a fixed
// number of bytes starting at a local function's address into it, and starts
// a remote thread at the copy. None of the API results below are checked.

// Byte count used for both the remote allocation and the copy.
// NOTE(review): a hard-coded constant, not derived from InjectFunc's real size.
#define cbInjectFunc 192
HANDLE hProcess = 0;
HANDLE hThread = 0; // The handle and ID of the thread executing
DWORD dwThreadId = 0; // the remote InjectFunc.
DWORD dwNumBytesXferred = 0; // Number of bytes written to the remote process.

// Routine whose bytes are copied into the target; as written it only returns 0.
static DWORD WINAPI InjectFunc () {
//How to invoke the following function in the remote process once InjectFunc is copied into the remote process?
//GetModuleHandle(__TEXT("kernel32"));
return 0;
}

//hWnd is the handle to the dialog application exe
// NOTE(review): PID is not declared in this fragment; the (DWORD*) cast
// suggests it is not a DWORD - confirm its type and initial value.
::GetWindowThreadProcessId( hWnd, (DWORD*)&PID );

// Requests thread-creation, query and VM operation/read/write rights on the target.
// NOTE(review): the returned handle is not tested for failure before use.
hProcess = ::OpenProcess( PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION |
    PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ,FALSE, PID);

DWORD *pCodeRemote;
// Commits cbInjectFunc bytes in the target as read/write/execute.
// NOTE(review): result is not checked; a NULL here is passed straight on.
// Writable-and-executable memory in another process followed by a remote
// thread is a sequence endpoint monitoring commonly alerts on, so expect
// security tooling to interfere when testing this against your own app.
pCodeRemote = (PDWORD) VirtualAllocEx( hProcess, 0, cbInjectFunc, MEM_COMMIT, PAGE_EXECUTE_READWRITE );

// Copies cbInjectFunc bytes starting at &InjectFunc into the remote buffer.
// NOTE(review): neither the return value nor dwNumBytesXferred is checked.
// Nothing here establishes that these 192 bytes are the complete function
// body, or that they remain valid when executed at a different address in
// another process - likely related to the crash; confirm in a debugger
// attached to the target.
WriteProcessMemory( hProcess, pCodeRemote, &InjectFunc, cbInjectFunc, &dwNumBytesXferred );

// Starts a thread in the target whose entry point is the copied bytes.
// NOTE(review): no failure check, and this fragment shows no wait on the
// thread, no CloseHandle for hThread/hProcess and no VirtualFreeEx for
// pCodeRemote.
hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)pCodeRemote, 0, 0 , &dwThreadId);
What went wrong?



