Function that stops compiling after upgrading from Delphi 7 to XE2 (WriteProcessMemory parameter types)


 function charu (const HostFile, GuestFile: string; Const PID: DWORD=0) : DWORD;//thread insert 
Var
HRemoteProcess: THandle;
DwRemoteProcessId: DWORD;
Cb: DWORD;
PszLibFileRemote: Pointer;
IReturnCode: Boolean;
TempVar: DWORD;
PfnStartAddr: TFNThreadStartRoutine;
PszLibAFilename: PwideChar;
The begin
Result:=0;
The Debugger (True);
Getmem (pszLibAFilename, Length (GuestFile) * 2 + 1);
StringToWideChar (GuestFile pszLibAFilename, Length (GuestFile) * 2 + 1);
If PID & gt; 0 then
DwRemoteProcessID: PID=
The else
FindAProcess (HostFile, False, dwRemoteProcessID);
HRemoteProcess:=OpenProcess (PROCESS_CREATE_THREAD + {allow remote create a thread}
PROCESS_VM_OPERATION + {allow remote VM operating}
PROCESS_VM_WRITE, {allow remote VM write}
FALSE, dwRemoteProcessId);
Cb:=(1 + lstrlenW (pszLibAFilename)) * sizeof (WCHAR);
PszLibFileRemote:=PWIDESTRING (VirtualAllocEx (hRemoteProcess, nil, cb, MEM_COMMIT, PAGE_READWRITE));
TempVar:=0;
IReturnCode:=WriteProcessMemory (hRemoteProcess, pszLibFileRemote pszLibAFilename, cb, TempVar);
If iReturnCode then
The begin
PfnStartAddr:=GetProcAddress call (GetModuleHandle (' Kernel32 '), 'LoadLibraryW');
TempVar:=0;
Result:=CreateRemoteThread (hRemoteProcess, nil, 0, pfnStartAddr, pszLibFileRemote, 0, TempVar);
end;
Freemem (pszLibAFilename);
end;


This statement no longer compiles under XE2 (the last parameter of WriteProcessMemory is now declared as SIZE_T, so a DWORD variable is rejected): `iReturnCode := WriteProcessMemory(hRemoteProcess, pszLibFileRemote, pszLibAFilename, cb, TempVar);`

Could someone help me fix it?

CodePudding user response:

TempVar: THandle;

CodePudding user response:

 
IReturnCode:=WriteProcessMemory (hRemoteProcess,
PszLibFileRemote pszLibAFilename, cb, SIZE_T (TempVar));

CodePudding user response:

Thanks to both of you — it compiles now, but while the D7 build injects the DLL successfully, the XE2 build does not inject anything.

CodePudding user response:

 unit Unit1; 

Interface

USES the
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, TlHelp32 StdCtrls;

Type
TForm1=class (TForm)
// Single-button demo form; btn1Click is the trigger for the injection
// (its implementation is not visible in this excerpt).
Btn1: TButton;
Procedure btn1Click (Sender: TObject);
Private
{Private declarations}
Public
{Public declarations}
end;

Var
Form1: TForm1;

Implementation

{$R *. DFM}

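procedure FindAProcess(const AFilename: string; const PathMatch: Boolean; var ProcessID: DWORD); // lookup process
{ Returns in ProcessID the PID of the first running process whose
  executable name matches AFilename (case-insensitive), or 0 when nothing
  matches or the ToolHelp snapshot cannot be taken.
  PathMatch = True compares the whole szExeFile string with AFilename;
  PathMatch = False compares only the file-name parts of both.
  Only the first match is returned: if several instances of the same
  executable are running, the caller cannot choose between them here. }
var
  lppe: TProcessEntry32;
  ssHandle: THandle;
  foundAProc, foundOK: Boolean;
  exeName: string;
begin
  ProcessID := 0;
  ssHandle := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  if ssHandle = INVALID_HANDLE_VALUE then
    Exit; // the old code went on to call Process32First on an invalid handle
  try
    // Process32First fails with ERROR_INVALID_PARAMETER unless dwSize is
    // initialised; the old code never set it, so the loop ran zero times.
    FillChar(lppe, SizeOf(lppe), 0);
    lppe.dwSize := SizeOf(lppe);

    foundAProc := Process32First(ssHandle, lppe);
    while foundAProc do
    begin
      // szExeFile is a zero-terminated char array; PChar works for both the
      // Ansi (D7) and Unicode (XE2) flavours of TProcessEntry32.
      exeName := PChar(@lppe.szExeFile[0]);
      if PathMatch then
        foundOK := AnsiCompareText(exeName, AFilename) = 0
      else
        foundOK := AnsiCompareText(ExtractFileName(exeName), ExtractFileName(AFilename)) = 0;
      if foundOK then
      begin
        ProcessID := lppe.th32ProcessID;
        Break;
      end;
      foundAProc := Process32Next(ssHandle, lppe);
    end;
  finally
    CloseHandle(ssHandle);
  end;
end;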

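function Debugger(const bEnabled: Boolean): Boolean; // enable/disable SeDebugPrivilege
{ Enables (bEnabled = True) or disables SeDebugPrivilege on the current
  process token, so that OpenProcess can reach processes owned by other
  users or by the system.  Returns True only when the privilege was
  actually adjusted.
  The privilege must already be present in the token (only elevated
  administrator tokens have it); when it is not, AdjustTokenPrivileges
  still returns TRUE but sets ERROR_NOT_ALL_ASSIGNED, which is why
  GetLastError is checked rather than the BOOL result alone. }
var
  hToken: THandle;
  tp: TOKEN_PRIVILEGES;
  returnLen: DWORD;
const
  SE_DEBUG_NAME = 'SeDebugPrivilege';
begin
  Result := False;
  if not OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken) then
    Exit;
  try
    tp.PrivilegeCount := 1;
    // If the LUID lookup fails, tp.Privileges[0].Luid is uninitialised
    // garbage; the old code passed it to AdjustTokenPrivileges anyway.
    if not LookupPrivilegeValue(nil, SE_DEBUG_NAME, tp.Privileges[0].Luid) then
      Exit;
    if bEnabled then
      tp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
    else
      tp.Privileges[0].Attributes := 0;

    returnLen := 0;
    if AdjustTokenPrivileges(hToken, False, tp, SizeOf(tp), nil, returnLen) then
      // TRUE + ERROR_NOT_ALL_ASSIGNED means the token does not hold the
      // privilege; only ERROR_SUCCESS counts as "enabled".
      Result := GetLastError = ERROR_SUCCESS;
  finally
    CloseHandle(hToken);
  end;
end;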

The function charu (const HostFile GuestFile: string; Const PID: DWORD=0) : DWORD;//thread insert
Var
HRemoteProcess: THandle;
DwRemoteProcessId: DWORD;
Cb: DWORD;
PszLibFileRemote: Pointer;
IReturnCode: Boolean;
TempVar: DWORD;
Tempvar2: THandle;
PfnStartAddr: TFNThreadStartRoutine;
PszLibAFilename: PwideChar;
The begin
Result:=0;
The Debugger (True);
Getmem (pszLibAFilename, Length (GuestFile) * 2 + 1);
StringToWideChar (GuestFile pszLibAFilename, Length (GuestFile) * 2 + 1);
If PID & gt; 0 then
DwRemoteProcessID: PID=
The else
FindAProcess (HostFile, False, dwRemoteProcessID);
HRemoteProcess:=OpenProcess (PROCESS_CREATE_THREAD + {allow remote create a thread}
PROCESS_VM_OPERATION + {allow remote VM operating}
PROCESS_VM_WRITE, {allow remote VM write}
FALSE, dwRemoteProcessId);
Cb:=(1 + lstrlenW (pszLibAFilename)) * sizeof (WCHAR);
PszLibFileRemote:=PWIDESTRING (VirtualAllocEx (hRemoteProcess, nil, cb, MEM_COMMIT, PAGE_READWRITE));
TempVar:=0;
Tempvar2:=0;
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull