Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 463
  • Last Modified:

About MadShi's InjectLibrarySession

// same as InjectLibrary(CURRENT_SESSION), but you can specify the target session
function InjectLibrarySession (session         : dword;
                               systemProcesses : bool;
                               libFileName     : string;
                               timeOut         : dword = 7000) : boolean;

How to get an other process's session?
I want inject a dll into an other process(not system wide, just inject that specific process)
Please give me an sample code...thanks~~
0
xmichen
Asked:
xmichen
  • 15
  • 13
1 Solution
 
xmichenAuthor Commented:
This is my code,But don't work:(

CreateProcess(nil, PChar(OpenDialog.FileName),
                  nil, nil, False, CREATE_SUSPENDED, nil,
                  Pchar(ExtractFileDir(OpenDialog.FileName)),
                  si, pi);

InjectLibrarySession(pi.hProcess, False, 'NCoolHOOK.dll');

ResumeThread(pi.hThread);
0
 
MadshiCommented:
Forget about InjectLibrarySession. It's for injecting into different *terminal server sessions*. That's not what you want to do. Simply call:

InjectLibrary(pi.hProcess, 'NCoolHOOK.dll');

Or when you've started the process yourself, you can replace the CreateProcess + InjectLibrary call by using CreateProcessEx instead.
0
 
xmichenAuthor Commented:
I have change my code to

  CreateProcessEx(nil, PChar(OpenDialog.FileName),
                  nil, nil, False, CREATE_SUSPENDED, nil,
                  Pchar(ExtractFileDir(OpenDialog.FileName)),
                  si, pi, 'NCoolHOOK.dll');
  ResumeThread(pi.hThread);

but still don't work:(

I use
InjectLibrary((ALL_SESSIONS or SYSTEM_PROCESSES), 'NCoolHOOK.dll');
it works fine...
But I only want inject my dll to specific process
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
xmichenAuthor Commented:
I have tried InjectLibrary(pi.hProcess, 'NCoolHOOK.dll'); still don't work....
0
 
MadshiCommented:
About which OS are we talking?
0
 
xmichenAuthor Commented:
My OS is Windows XP
0
 
MadshiCommented:
Could you please do the following test?

(1) Create an empty file "c:\madCodeHook.txt".
(2) Download and extract http://madshi.net/SoffChen.zip
(3) Start the executable.
(4) Post what the message box sais here.
(5) Post the content of the "c:\madCodeHook.txt" file here.

Thanks!
0
 
xmichenAuthor Commented:
The message box said:"success!"

c:\madCodeHook.txt
=========================================================

14:42:43-566 $000003a8 TestCreateProcessEx.exe initialization begin
14:42:43-566 $000003a8 TestCreateProcessEx.exe initialization end
14:42:43-566 $000003a8 TestCreateProcessEx.exe CreateProcessEx (lib: empty.dll)
14:42:43-606 $000003a8 TestCreateProcessEx.exe GetCallingModule
14:42:43-616 $000003a8 TestCreateProcessEx.exe GetCallingModule -> $400000
14:42:43-616 $000003a8 TestCreateProcessEx.exe InjectLibraryX (process: ph:$44;pid:notepad.exe; lib: empty.dll; timeOut: 4294967295)
14:42:43-686 $000003a8 TestCreateProcessEx.exe CheckLibFilePath (lib: empty.dll)
14:42:43-686 $000003a8 TestCreateProcessEx.exe CheckLibFilePath (lib -> D:\SoffChen\empty.dll) -> +
14:42:43-706 $000003a8 TestCreateProcessEx.exe DoInject (process: ph:$44;pid:notepad.exe)
14:42:43-716 $000003a8 TestCreateProcessEx.exe InjectLibraryPatch (process: ph:$44;pid:notepad.exe)
14:42:43-716 $000003a8 TestCreateProcessEx.exe NotInitializedYet (1) +
14:42:43-726 $000003a8 TestCreateProcessEx.exe GetExeModuleInfos +
14:42:43-736 $000003a8 TestCreateProcessEx.exe FindLdrLoadStub: $77f55418
14:42:43-736 $000003a8 TestCreateProcessEx.exe InjectMagic +
14:42:43-746 $000003a8 TestCreateProcessEx.exe llh.proc: $5e000000
14:42:43-756 $000003a8 TestCreateProcessEx.exe InjectLibraryPatch (process: ph:$44;pid:notepad.exe) -> 2
14:42:43-766 $000003a8 TestCreateProcessEx.exe DoInject (process: ph:$44;pid:notepad.exe) -> +
14:42:43-776 $000003a8 TestCreateProcessEx.exe InjectLibraryX (process: ph:$44;pid:notepad.exe; lib: empty.dll; timeOut: 4294967295) -> +
14:42:43-786 $000003a8 TestCreateProcessEx.exe CreateProcessEx (lib: empty.dll) -> +
14:43:51-605 $000003a8 TestCreateProcessEx.exe finalization begin
14:43:51-625 $000003a8 TestCreateProcessEx.exe AutoUnhook (module: $ffffffff; wait: -)
14:43:51-625 $000003a8 TestCreateProcessEx.exe AutoUnhook (module: $ffffffff; wait: -) -> +
14:43:51-635 $000003a8 TestCreateProcessEx.exe finalization end
0
 
MadshiCommented:
Oh. So could you please check out the source code of the "TestCreateProcessEx" and compare it to your own? Why does my source code work and yours not? There must be a difference somewhere.

Thanks!
0
 
xmichenAuthor Commented:
Oh,,Thank you Madshi
That looks need add full path before 'NCoolHOOK.dll'
Yes,Now every thing is ok~
thank you~:)
0
 
MadshiCommented:
You should not need to put the full path there, if the dll is in the same folder as your application. Is it not?
0
 
xmichenAuthor Commented:
Yeah, The dll is in the same folder as my application
But I define the path in the createprocess
So, I copy my dll to that path,It load dll success!
But I can't use full path in the createprocess like this

CreateProcessEx(nil, PChar(OpenDialog.FileName),
                  nil, nil, False, 0, nil,
                  Pchar(ExtractFileDir(OpenDialog.FileName)),
                  si, pi, ExtractFileDir(Application.exename) + 'NCoolHOOK.dll');
0
 
MadshiCommented:
In what path is your application stored? Maybe the path can't be represented properly with an ansi string? Try to copy your application+dll to "c:\test". Does it work then?
0
 
xmichenAuthor Commented:
Yeah,That's my problem
My application stored in a path with ansi string....
What can I do?
Newbie question...shy...
0
 
MadshiCommented:
Can you please describe again what the problem is in detail? I'm a bit confused. If I read through your comments I'm not sure what works and what fails and in what kind of path your files are stored... Thanks.
0
 
xmichenAuthor Commented:
I am so sorry...

First, I want inject a dll into an other process
and now, My problem is how to add the dll files full path in CreateProcessEx
(With ansi string path)...
0
 
MadshiCommented:
I'm sorry, but you're not very clear. How does the full path look like? Please post it here. And please tell me, which files are in which folders.
0
 
xmichenAuthor Commented:
Oh, It's my mistake...

My application has two file
aaa.exe and bbb.dll
the full path is: G:\oldh\vc.net\中文目录名\Naide\bin

and I the file I want hook is in  f:\testexe\ccc.exe

中文目录名  is a chinese name...
0
 
MadshiCommented:
I've checked my code again. You might have found a bug. Could you please try the latest version?

http://madshi.net/madCollectionBeta.exe

Does it work with the new version?
0
 
xmichenAuthor Commented:
I have download that version,and rebuild my application
It still don't work....
0
 
MadshiCommented:
Strange thing. Can you please download this:

http://madshi.net/test.zip

Please copy it into your chinese folder and start it there. It should show the path of the dll including all the chinese characters. Does that work? Does calc appear?
0
 
xmichenAuthor Commented:
Yes, That works fine, Show my full chinese path...and execute the calc...
0
 
MadshiCommented:
Are you sure that you downloaded the new version of my collection correctly? Please check the file "madCollection\madCodeHook\Dll\madCHook.dll". What date/time does it have? It should be:

10. december 2003, 19:46:20 (that's 7:46:20 in the evening)
0
 
xmichenAuthor Commented:
The datetime is
2003-12-10, 19:46:20
0
 
MadshiCommented:
Can you please post your code which does not work?
0
 
xmichenAuthor Commented:
 if not CreateProcessEx(nil, PChar(OpenDialog.FileName + ' -chinese),
                  nil, nil, False, 0, nil,
                  PChar(ExtractFileDir(OpenDialog.FileName)),
                  si, pi,
                  ExtractFilePath(Application.ExeName) + 'NCoolHOOK.dll') then
  begin
    if messagebox(0, 'error msg!',
                'error', MB_OK + MB_ICONERROR) = IDOK then
    begin
      // TerminateProcess(pi.hProcess, 0);
      Application.Terminate;  // 终止程序
      exit;
    end;
  end;

==============================================
Then I put m application(exe and dll) in the path:
G:\oldh\vc.net\中文目录\Naide\bin

Then run it,will give me that error msg....
0
 
MadshiCommented:
ExtractFilePath(Application.ExeName) doesn't work in that case. Try this:

ShowMessage(ExtractFilePath(Application.ExeName));

Then you'll see why it doesn't work. This is not the guilt of madCodeHook. Just give in the name of the dll *without* the path. That should work with the new version. Or if you want to give in the full path, you can do that, but then you have to use CreateProcessExW and full wide strings.
0
 
xmichenAuthor Commented:
Oh yeah... It works fine now...
Thank you Madshi~~~~
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 15
  • 13
Tackle projects and never again get stuck behind a technical roadblock.
Join Now