I got a problem with the function CreateRemoteThread.
I just built up a little console window asking for a specific number to exit (so that it just remains opened as long as I want it). Inside this program there is a function which memory address I figured out.
Now I wanna call this function with a second program via CreateRemoteThread, but it always says that there is an access violation. Both are compiled in the same way.
Here is the code of my remote call:
bool SetPrivileges(){
HANDLE pt; //process token
TOKEN_PRIVILEGES ptp; //process token privileges
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &pt))
{
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &ptp.Privileges[0].Luid);
ptp.PrivilegeCount = 1;
ptp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if (AdjustTokenPrivileges(pt, false, &ptp, sizeof(ptp), NULL, NULL))
{
return true;
}
}
return false;}
int _tmain(int argc, _TCHAR* argv[])
{
if (SetPrivileges())
{
cout << "Enabled custom privileges" << endl;
}
else{
cout << "Could not enable custom privileges" << endl << GetLastError() << endl;
}
CodeHelper ch;
DWORD processId = ch.GetProcessId("CallMeConsole.exe");
HANDLE proc = OpenProcess(PROCESS_ALL_ACCESS, false, processId);
DWORD Testaddress = 0x008642D0;
HANDLE thread = CreateRemoteThread(proc, NULL, 0, (LPTHREAD_START_ROUTINE)Testaddress, NULL, 0, NULL);
/*if (thread != 0)
{
WaitForSingleObject(thread, INFINITE);
CloseHandle(thread);
CloseHandle(proc);
cout << "success!" << endl;
}
else{
cout << "error" << endl;
}*/
return 0;}
If I am right, I just need VirtualAllocEx for reserving memory space if I want to inject some code. But I just want to call a program's function.
You guys got any ideas?
The search didn't help me really. Thank you!
For everybody who has got the same problem, the code provided is completely fine. Just my example address went wrong.
Anyways I hope this is a half-good example of how to execute remote functions of a selected program.
Thanks to everyone.