Solved

Creating a TSR in Delphi

Posted on 2003-11-12
15
713 Views
Last Modified: 2010-04-05
Hello. I have been trying for quite some time now to create a TSR (Termiante and Stay Resident) program in Delphi, without using ASM.

I assume HeapCreate and HeapAlloc are required; however, I am not sure how to implement them correctly and keep my program in memory even after my exe has exited.

Any help would be greately appreciated [Just a simple example of a Delphi TSR would suffice, so I understand how it works], and I will be sure to award the points accordingly.

Thank you,

-unfunf
0
Comment
Question by:unfunf
  • 5
  • 5
  • 2
  • +1
15 Comments
 
LVL 26

Accepted Solution

by:
EddieShipman earned 63 total points
ID: 9737115
Is this for Windows? wndows does not run TSR's. Use a service instead.
0
 

Author Comment

by:unfunf
ID: 9737198
Yes tis for windows... I want to simply make a process Memory resident so it does not have to rely on the exe being running. Maybe I was being confusing by calling it a TSR.
0
 
LVL 26

Expert Comment

by:EddieShipman
ID: 9737294
well if it is memory resident in windows, it is running...<bg>
0
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9738546
I can't understand what you want to make.
TSRs was used in DOS for making "pseudo multitasking"
Windows have native multitasking.
As EddieShipman said, use a service or explain more detailed, what do you want.
0
 
LVL 6

Assisted Solution

by:GloomyFriar
GloomyFriar earned 62 total points
ID: 9738611
0
 

Author Comment

by:unfunf
ID: 9743609
I mean more along the lines of allocating actual functions in memory.

For example... To inject code into a process (in WinNT, for win9x stuff I need to use x functions by EliRt) you can use VirtualAllocEx and CreateRemoteThread to execute @ address, and such. I want to do that same thing; however, I want to do it in windows memory itself.. not the private memory of a process. Could I use the hGlobal handle from GlobalAlloc?
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9746864
Memory is allocated (by means of an operating system) in a process context.
GlobalAlloc is obsolete
0
 

Author Comment

by:unfunf
ID: 9747234
So it's just not possible in up to date versions of windows anymore?
0
 
LVL 3

Expert Comment

by:JDuncan
ID: 9749515
How about running a dos tsr in a delphi Console application
0
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9749999
>So it's just not possible in up to date versions of windows anymore?
Yes. Any process have it's own heap. And GlobalAlloc == LocalAlloc.

Nevertheless could you explain your purposes and may be I'll can help you.
0
 

Author Comment

by:unfunf
ID: 9752087
I wanted to make a type of "test" antivirus for myself, that does not rely on definitions, but on actions to stop that I specify. I wanted to figure out a way to globally hook some apis without having to inject a dll system wide. I also wanted to make it harder for a virus to just end my process (some viruses attempt to end processes by other means, not exe name), since my process is residing in memory and not shown by any process list (it would have to be taken out of memory). Asm programs can do these things pretty easily (not sure if that is true in the more current versions of windows); however, it would take wayyyy to long to code a good asm program. I use delphi because i simply dont have the patience to sit down and figure out asm (which I do not understand very well) then write 30kb of source just to do something that would take maybe 5-7kb in delphi .dpr. Plus I can keep the delphi exe size pretty low (at least under 30 kb).

I just need an alternative to having my actual exe stay up, and keeping my code out of a DLL file.
0
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9753893
It's rather difficult to make all you've described.
And Delphi is not the best tool to such tasks.
How about MSVC?
0
 

Author Comment

by:unfunf
ID: 9755188
The only language I have a lot of experience in is delphi. So, I would probably not be able to do it (unless someone helped me a lot I suppose) with msvc.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now