winapi - C# Call win api in external process -

-

i'm trying call win api function in external process.

basic rundown:

  • get base address of user32.dll putty.exe (or 32 bit proc)
  • get base address of messageboxa user32.dll
  • populate messageboxa struct data, , allocate data locally.
  • allocate struct in putty
  • write struct putty.
  • createremotethread execute messageboxa.

all winapi calls succeed, , no error thrown, nor putty process crash. not show messagebox.

any appreciated.
thanks!

using system; using system.collections.generic; using system.diagnostics; using system.linq; using system.runtime.interopservices; using system.text;  namespace remote_api_call {     class program     {         #region api         [dllimport("kernel32.dll", charset = charset.auto)]         public static extern intptr getmodulehandle(string lpmodulename);          [dllimport("kernel32", charset = charset.ansi, exactspelling = true, setlasterror = true)]         static extern intptr getprocaddress(intptr hmodule, string procname);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         static extern intptr virtualallocex(intptr hprocess, intptr lpaddress,             uint dwsize, uint flallocationtype, uint flprotect);          [dllimport("kernel32.dll", setlasterror = true)]         static extern bool writeprocessmemory(intptr hprocess, intptr lpbaseaddress, byte[] lpbuffer, uint nsize, out uintptr lpnumberofbyteswritten);          [dllimport("kernel32.dll")]         static extern intptr createremotethread(intptr hprocess,             intptr lpthreadattributes, uint dwstacksize, intptr lpstartaddress, intptr lpparameter, uint dwcreationflags, intptr lpthreadid);         #endregion         [dllimport("kernel32.dll", setlasterror = true)]         static extern bool writeprocessmemory(intptr hprocess, intptr lpbaseaddress, intptr lpbuffer, uint nsize, out uintptr lpnumberofbyteswritten);         // privileges         const int process_create_thread = 0x0002;         const int process_query_information = 0x0400;         const int process_vm_operation = 0x0008;         const int process_vm_write = 0x0020;         const int process_vm_read = 0x0010;          // used memory allocation         const uint mem_commit = 0x00001000;         const uint mem_reserve = 0x00002000;         const uint page_readwrite = 4;           [structlayout(layoutkind.sequential)]         struct messageboxa         {             public intptr hwnd;             [marshalas(unmanagedtype.lpstr)]             public string lptext;             [marshalas(unmanagedtype.lpstr)]             public string lpcaption;             [marshalas(unmanagedtype.u4)]             public uint type;         }          [dllimport("kernel32.dll")]         public static extern intptr openprocess(int dwdesiredaccess, bool binherithandle, int dwprocessid);         static void main(string[] args)         {             process putty = process.getprocessesbyname("putty")[0];              intptr user32calc = moduleaddr(calc, "user32.dll");             console.writeline("user32.dll addr putty.exe: " + user32calc.toint32());              intptr messageboxa = getprocaddress(user32calc, "messageboxa");             console.writeline("messageboxa addr putty.exe: " + messageboxa.toint32());              intptr prochandle = openprocess(process_create_thread | process_query_information | process_vm_operation | process_vm_write | process_vm_read, false, putty.id);               messageboxa rtp = new messageboxa();             rtp.hwnd = intptr.zero;             rtp.lptext = "hey mate!";             rtp.lpcaption = "caption";             rtp.type = 16;             uintptr byteswritten;              // allocate mem locally             intptr iptrtoparams = marshal.allochglobal(marshal.sizeof(rtp));              // copy data structure             marshal.structuretoptr(rtp, iptrtoparams, false);              // allocate mem in other process params             intptr allocmemaddress = virtualallocex(prochandle, intptr.zero, (uint)marshal.sizeof(rtp), mem_commit | mem_reserve, page_readwrite);             if (allocmemaddress != intptr.zero)                 console.writeline("allocmem success");             if (writeprocessmemory(prochandle, allocmemaddress, iptrtoparams, (uint)marshal.sizeof(rtp), out byteswritten))                 console.writeline("wpm success");             //   marshal.freehglobal(iptrtoparams);             if (createremotethread(prochandle, intptr.zero, 0, messageboxa, allocmemaddress, 0, intptr.zero) != intptr.zero)                 console.writeline("createremotethread success");               console.read();         }          private static intptr moduleaddr(process p, string modulename)         {             foreach (processmodule pmod in p.modules)             {                 if (pmod.modulename.tolower() == modulename.tolower())                     return pmod.baseaddress;             }             return intptr.zero;         }      } }


Comments

Post a Comment

Popular posts from this blog

sql - VB.NET Operand type clash: date is incompatible with int error -

-
i trying display records table named staffpresentee database using clause... i using visual studio 2010... the table design follows- .......fieldname..................datatype........allownull 1......staff_id (fk).............numeric(18,0)......yes 2.......date........................date.............no 3......present.....................char(1)..........yes note type of 2nd field date , not datetime... i want display records table have today's date int 'date' field... current query is- cmd = new sqlclient.sqlcommand("select * staffpresentee date=" & date.now.date, cn) dr = cmd.executereader for dr = cmd.executereader error "operand type clash: date incompatible int" i tried select * staffpresentee query without clause runs correctly. try putting date value in sigle quotes maybe. cmd = new sqlclient.sqlcommand("select * staffpresentee date='" & _
Read more

SVG stroke-linecap doesn't work for circles in Firefox? -

-
i've got problem svg stroke-linecap attribute. i've got circular progress bar in angularjs , set outer circle (blue one) have rounded "ends". @ fiddle . <svg ... height="130" width="130"> <!-- ngif: background --> <circle ... ng-if="background" fill="#fff" class="ng-scope" stroke-width="13" stroke="#cc3399" r="57.5" cy="65" cx="65" stroke-linecap="round" /> <!-- end ngif: background --> <circle ... fill="none" stroke-dashoffset="36.12831551628261" stroke-dasharray="361.28315516282623" stroke-width="13" stroke="#432db3" stroke-linecap="round" r="57.5" cy="65" cx="65" transform="rotate(-89.9, 65, 65)" /> </svg> how can that?
Read more

python - TypeError: Scalar value for argument 'color' is not numeric in openCV -

-
here code im = cv2.imread('luffy.jpg') gray = cv2.cvtcolor(im,cv2.color_bgr2gray) ret,thresh = cv2.threshold(gray,127,255,0) contours,h = cv2.findcontours(thresh,cv2.retr_tree,cv2.chain_approx_simple) cnt in contours: moment = cv2.moments(cnt) c_y = moment['m10']/(moment['m00']+0.01) c_x = moment['m01']/(moment['m00']+0.01) centroid_color = im[c_x,c_y] centroid_color = np.array((centroid_color[0],centroid_color[1],centroid_color[2])) print type(centroid_color) cv2.fillpoly(im,cnt,centroid_color) i getting error on last line try , pass centroid_color color argument. <type 'numpy.ndarray'> , have been able pass data type cv2.fillpoly color in other instances, not sure why having problem here. fillpoly() expects iterable, i.e. put cnt in brackets. believe duplicate of https://stackoverflow.com/a/17582850/5818240 . moreover, centroid color variable contains strings. need convert them i
Read more