*CandyShop* Grandmaster Cheater
Reputation: 0
Joined: 03 Apr 2007 Posts: 865 Location: Israel
Posted: Wed Apr 09, 2008 2:01 pm Post subject: [Q] CreateRemoteThread

Hi,
I want to CreateRemoteThread to a process and actually run my function in the process (thread...)
Anyway, I want something like this:
Code:
    //Thread function
    int __stdcall threadProc(LPVOID lpParameter){
        MessageBox(0, _T("Hello world"), _T("Caption"), MB_OK);
        return 0;
    }
    //...
    //...CreateRemoteThread with threadProc, so that when it is executed
    //(when the thread is created), it will show a message box with the threadProc code.
Thanks for any help

samuri25404 Grandmaster Cheater
Reputation: 7
Joined: 04 May 2007 Posts: 955 Location: Why do you care?
Posted: Wed Apr 09, 2008 2:18 pm Post subject:

Decl:
Code:
    HANDLE WINAPI CreateRemoteThread(
        __in  HANDLE hProcess,
        __in  LPSECURITY_ATTRIBUTES lpThreadAttributes,
        __in  SIZE_T dwStackSize,
        __in  LPTHREAD_START_ROUTINE lpStartAddress,
        __in  LPVOID lpParameter,
        __in  DWORD dwCreationFlags,
        __out LPDWORD lpThreadId
    );
Figure it out yourself.

atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Thu Apr 10, 2008 12:02 am Post subject:

Code:
    __in LPTHREAD_START_ROUTINE lpStartAddress
The lpStartAddress param is the function address that holds the thread routine; pass it the address of the function you listed above. Other params can just be NULL.
    CreateRemoteThread( hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)&threadProc, NULL, NULL, NULL );
You can obtain the thread handle and ID if you wish; most of the time you don't really need them unless you wish to terminate the thread manually before closing the full program.
(Although you should always clean up the memory you create.)
_________________
- Retired. |
*CandyShop* Grandmaster Cheater
Reputation: 0
Joined: 03 Apr 2007 Posts: 865 Location: Israel
Posted: Thu Apr 10, 2008 7:28 am Post subject:

I know all these...
Wiccaan, does that CreateRemoteThread example work? Or do I need to VirtualAllocEx for my thread before?

atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Thu Apr 10, 2008 7:56 pm Post subject:

*CandyShop* wrote:
> I know all these...
> Wiccaan, does that CreateRemoteThread example work? Or do I need to VirtualAllocEx for my thread before?

You would need to allocate memory and write your thread function into the process's memory space. So yes, you would need to use VirtualAllocEx(), then WriteProcessMemory to write the function to the program's memory, then create the remote thread to call that function.
_________________
- Retired. |
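
Seen from the monitoring side, the order given in the reply above (VirtualAllocEx, then WriteProcessMemory, then CreateRemoteThread, all aimed at another process) is a recognisable call chain. The Python below is an added example, not code from this thread; the trace tuple format, the PIDs and the 30-second window are assumptions constructed for illustration.

```python
# Constructed sample trace in a hypothetical telemetry format (not a real product's):
# (timestamp_seconds, caller_pid, api_name, target_pid)
SAMPLE_TRACE = [
    (10.0, 4120, "OpenProcess", 988),
    (10.1, 4120, "VirtualAllocEx", 988),
    (10.2, 4120, "WriteProcessMemory", 988),
    (10.3, 4120, "CreateRemoteThread", 988),
    (11.0, 5000, "VirtualAllocEx", 5000),      # process touching itself: ignored
    (12.0, 6100, "WriteProcessMemory", 700),   # lone write, no alloc or thread
    (13.0, 7200, "VirtualAllocEx", 1500),
    (95.0, 7200, "WriteProcessMemory", 1500),  # same chain, but far too late
    (95.1, 7200, "CreateRemoteThread", 1500),
]

# The order given in the reply above.
SEQUENCE = ("VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread")


def find_remote_thread_injection(trace, window=30.0):
    """Return (caller_pid, target_pid, first_ts, last_ts) for every in-order
    run of SEQUENCE by one caller against one other process within `window` s."""
    progress = {}   # (caller, target) -> (steps matched so far, ts of the allocation)
    alerts = []
    for ts, caller, api, target in sorted(trace):
        if caller == target or api not in SEQUENCE:
            continue
        key = (caller, target)
        step, start = progress.get(key, (0, ts))
        if step and ts - start > window:
            step = 0                      # partial chain went stale
            progress.pop(key, None)
        if api == SEQUENCE[0]:
            step, start = 1, ts           # a fresh allocation (re)starts the chain
        elif api == SEQUENCE[step]:
            step += 1                     # the next expected call arrived
        else:
            continue                      # repeated or out-of-order call: keep state
        if step == len(SEQUENCE):
            alerts.append((caller, target, start, ts))
            progress.pop(key, None)
        else:
            progress[key] = (step, start)
    return alerts


if __name__ == "__main__":
    for caller, target, t0, t1 in find_remote_thread_injection(SAMPLE_TRACE):
        print(f"pid {caller} -> pid {target}: alloc/write/thread chain in {t1 - t0:.1f}s")
```

Legitimate software such as debuggers can produce the same chain, so a match is a lead for triage rather than a verdict.
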
*CandyShop* Grandmaster Cheater
Reputation: 0
Joined: 03 Apr 2007 Posts: 865 Location: Israel
Posted: Fri Apr 11, 2008 10:46 am Post subject:

Wiccaan wrote:
> *CandyShop* wrote:
> > I know all these...
> > Wiccaan, does that CreateRemoteThread example work? Or do I need to VirtualAllocEx for my thread before?
>
> You would need to allocate memory and write your thread function into the process's memory space. So yes, you would need to use VirtualAllocEx(), then WriteProcessMemory to write the function to the program's memory, then create the remote thread to call that function.

Thanks
Do I need to write my function as an AOB? Is there any other method?
Ty

rapion124 Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Mar 2007 Posts: 1095
Posted: Fri Apr 11, 2008 8:53 pm Post subject:

Write the function in your own program and then use WriteProcessMemory to write it to the process you want to invoke CreateRemoteThread in.

*CandyShop* Grandmaster Cheater
Reputation: 0
Joined: 03 Apr 2007 Posts: 865 Location: Israel
Posted: Mon Apr 14, 2008 2:33 pm Post subject:

rapion124 wrote:
> Write the function in your own program and then use WriteProcessMemory to write it to the process you want to invoke CreateRemoteThread in.

Code:
    //Thread function
    int __stdcall threadProc(LPVOID lpParameter){
        MessageBox(0, _T("Hello world"), _T("Caption"), MB_OK);
        return 0;
    }
    //Writing the function?:
    WriteProcessMemory(hProcess,VirtualAllocEx(hProcess,...),(LPVOID)threadProc, ..., NULL);
I know that the VirtualAllocEx call isn't complete, but the thing is...
will it work? I think it won't...
Do I need to make my own array of bytes to do it? Is there any other method?
ty