Author Topic: [vb] OpenProcess always returning 0 - problem with constants?  (Read 4312 times)

0 Members and 1 Guest are viewing this topic.

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
    • View Profile
    • chyea.org
Hey, I'm trying to convert some of my c++ code for dll injection to visual basic, for a buddy of mine. Having to define all the API calls is annoying, but I've done them correctly using API Viewer. I'm thinking the problem is how I've got my constant defined (possibly). Anyone mind checkin this code out and seeing if you can tell my why it's always returning 0.

Code: [Select]
Private Const PROCESS_ALL_ACCESS& = &H1F0FFF

Private Declare Function OpenProcess Lib "kernel32" _
    (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long


    Call GetWindowThreadProcessId(procInfo.hTargetHwnd, procInfo.dwProcessId)
   
    If ((procInfo.hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, procInfo.dwProcessId)) = 0) Then
        Inject = False
        Exit Function
    End If
http://www.chyea.org/ - web based markup debugger

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
    • View Profile
    • chyea.org
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #1 on: May 14, 2006, 11:24:42 pm »
Actually, the above problem was fixed due to visual basic syntax errors. Darn C++ messing up my Visual Basic. :-P
Anyways, the following error is what I believe to be a true problem with the call to CreateRemoteThread. It is being passed all correct data, and should work. It returns false, though. Anyone know why, maybe?

Code: [Select]
    procInfo.hThread = CreateRemoteThread(procInfo.dwProcessId, 0, 0, GetProcAddress(procInfo.hLibrary, "LoadLibraryA"), procInfo.rAddress, 0, 0)
    If procInfo.hThread = 0 Then
        Call VirtualFreeEx(procInfo.hProcess, ByVal procInfo.rAddress, Len(procInfo.szLibrary), MEM_RELEASE Or MEM_DECOMMIT)
        Inject = False
        Exit Function
    End If
    Debug.Print "CreateRemoteThread OK (" & procInfo.hThread & ")"
http://www.chyea.org/ - web based markup debugger

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #2 on: May 15, 2006, 09:25:38 am »
Although I can't help you because I don't remember, tonight I can post some C++ code that runs CreateRemoteProcess, if that'll help.

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
    • View Profile
    • chyea.org
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #3 on: May 15, 2006, 05:19:39 pm »
Although I can't help you because I don't remember, tonight I can post some C++ code that runs CreateRemoteProcess, if that'll help.

Ah, that's alright. I wrote this thing in C++ originally, and it works. I'm just trying to convert it to visual basic for a buddy of mine.
http://www.chyea.org/ - web based markup debugger

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
    • View Profile
    • chyea.org
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #4 on: May 15, 2006, 05:37:27 pm »
Anyways, I managed to fix it. I was passing the process id to CreateRemoteThread instead of the handle to the process. Big problem :-)

Here's the working source code, binary and my basic stats hack (unfinished) bwlib.dll: Download
http://www.chyea.org/ - web based markup debugger

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
    • View Profile
    • chyea.org
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #5 on: May 17, 2006, 12:42:31 am »
I went ahead and forced myself to not be lazy. I finished my GUI version of BWLoader, my C++ version of the dll injector.

This one supports:

    * Utilizes the registry to save dll and game paths (HKEY_CURRENT_USER\Software\BroodwarThreat\BWLoader)
    * automatically starting sc/bw
    * injecting dll's into target processes via LoadLibrary

It's fairly idiot proof. If you're dumb it will not allow you to press Inject!. :-P The source code to this, just like my visual basic one, is available to the public also. It provides a decent demo of win32 programming without MFC. You can find both source code zips at www.rafm.org as well as the zip containing only the dll injector if you want to use it. I think it's pretty neat. ;-)
http://www.chyea.org/ - web based markup debugger

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #6 on: May 17, 2006, 07:59:59 am »
I made a program exactly like that.  I don't know where my source is, but it's available upon request.  The binary can be found at http://www.valhallalegends.com/iago/Injector.rar

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: [vb] OpenProcess always returning 0 - problem with constants?
« Reply #7 on: June 14, 2006, 12:17:49 am »
You sent me the source before, it's very messy.  It does the job though, I had some fun with it and Starcraft... :)
And like a fool I believed myself, and thought I was somebody else...