Re: InjCode.cpp
From: Simon (NOsimbilSPAM_at_THANKSbtinternet.CoM)
Date: 01/16/04
- In reply to: Paul Mayer: "Re: InjCode.cpp"
Date: Fri, 16 Jan 2004 11:28:55 -0000
> I'm a little new to this so please bear with me. Why would it matter if
> user32.dll was remapped?
>
> hUser32 := GetModuleHandle('user32');
> DataLocal.fnSendMessage := TSendMessage(GetProcAddress(hUser32, 'SendMessageA'));
>
> Surely this would always get us the valid start address of the SendMessage
> function in process (a). If I have understood correctly you are saying we
> should get the start address of the SendMessage function from the target
> process (b). Why does it matter?
>
Because the addresses could be different. A process cannot call an address
in another process's address space - that will produce an access violation.
> When you talk of sufficient rights, would that be the security attributes
> parameter in CreateRemoteThread?
>
The security attribute in the CreateRemoteThread is for processes that want
to use that handle (hThread), not for the injection itself.
IIRC, the application that does the injection normally inherits security
attributes from the logged-on user - this security must have rights for the
injection process.
You can make the app use another account by LogonUser and
ImpersonateLoggedOnUser - check the Windows SDK help for descriptions.
Good luck, Simon