File copy in RemoteExecute

Post by mitzi » Fri Nov 28, 2008 3:02 pm

I'm trying to copy any file in the context of another process, but the affected process crashes on remote execute.
Here's the code:

Code:
program RemoteTest;

uses Windows, SysUtils, madRemote, madKernel;

type
  PParameters = ^TParameters;
  TParameters = record
    Source,
    Dest: array[0..MAX_PATH] of char;
  end;

function Execute(buffer: pointer) : dword; stdcall;
var
  CopyBuffer: array[0..4095] of Byte;
  BytesCopied: Longint;
  Source,Dest: Integer;
begin
  Result:=0;
  Source:=Integer(CreateFile(PParameters(buffer)^.Source,GENERIC_READ,0,nil,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0));
  Dest:=Integer(CreateFile(PParameters(buffer)^.Dest,GENERIC_READ or GENERIC_WRITE,0,nil,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0));
  if (Dest<>INVALID_HANDLE_VALUE) and (Source<>INVALID_HANDLE_VALUE) then
    try
      repeat
        BytesCopied:=FileRead(Source,CopyBuffer,SizeOf(CopyBuffer));
        if BytesCopied>0 then
          FileWrite(Dest,CopyBuffer,BytesCopied);
        Inc(Result,BytesCopied);
      until BytesCopied<SizeOf(CopyBuffer);
    finally
      CloseHandle(Dest);
      CloseHandle(Source);
    end;
end;

function DoRemoteExecute(processHandle: dword) : string;
var
  dummy: dword;
  params: TParameters;
begin
  StrPCopy(@params.Source,'sourcefile');
  StrPCopy(@params.Dest,'destfile');
  if RemoteExecute(processHandle, @Execute, dummy, @params, SizeOf(params)) then
    Result:=IntToStr(dummy)
  else
    Result:='';
end;

var
  ph: dword;
begin
  ph:=Process('any.exe').GetHandle(PROCESS_ALL_ACCESS).Handle;
  MessageBox(0,PChar(DoRemoteExecute(ph)),'RemoteTest',0);
end.


Where's the problem? Can anybody help me?
mitzi
 
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am

Post by Nico Bendlin » Fri Nov 28, 2008 3:13 pm

FileRead/FileWrite are RTL functions (in your process). You should only use API functions (ReadFile/WriteFile).

The function which you want to have executed in the other process needs to follow some rules. Please read the documentation of CopyFunction to learn more about those rules.
Nico Bendlin
 
Posts: 46
Joined: Fri Apr 28, 2006 1:17 pm

Post by mitzi » Fri Nov 28, 2008 8:21 pm

Well, that's it. And try..finally..end caused a crash too. Thanks, Nico.
mitzi
 
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am
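
The two fixes from the replies above, applied to the Execute routine from the first post, as an added example that is not code from the thread or from the madRemote author: the copy loop calls only Win32 APIs (ReadFile/WriteFile) and has no try..finally block. The unit name RemoteCopy is hypothetical, the record layout is the one from the first post, and the remaining CopyFunction rules Nico refers to are not on this page and are not covered here.

```delphi
unit RemoteCopy; // hypothetical unit name, added for this example

interface

uses Windows;

type
  PParameters = ^TParameters;
  TParameters = record // same layout as in the first post
    Source,
    Dest: array[0..MAX_PATH] of char;
  end;

function Execute(buffer: pointer): dword; stdcall;

implementation

// Returns the number of bytes copied. Only Win32 API calls are used:
// no SysUtils FileRead/FileWrite, no strings, no try..finally.
function Execute(buffer: pointer): dword; stdcall;
var
  CopyBuffer: array[0..4095] of Byte;
  BytesRead, BytesWritten: DWORD;
  Source, Dest: THandle;
begin
  Result := 0;
  Source := CreateFile(PParameters(buffer)^.Source, GENERIC_READ, 0, nil,
    OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
  if Source = INVALID_HANDLE_VALUE then
    Exit;
  Dest := CreateFile(PParameters(buffer)^.Dest, GENERIC_READ or GENERIC_WRITE,
    0, nil, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
  if Dest <> INVALID_HANDLE_VALUE then
  begin
    // ReadFile succeeds with BytesRead = 0 at end of file, which ends the loop.
    while ReadFile(Source, CopyBuffer, SizeOf(CopyBuffer), BytesRead, nil)
      and (BytesRead > 0) do
    begin
      if not WriteFile(Dest, CopyBuffer, BytesRead, BytesWritten, nil)
        or (BytesWritten <> BytesRead) then
        Break; // stop on a failed or short write
      Inc(Result, BytesWritten);
    end;
    CloseHandle(Dest); // explicit cleanup replaces the finally block
  end;
  CloseHandle(Source);
end;

end.
```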

Post by mitzi » Sat Nov 29, 2008 10:17 am

Is there any chance to use RemoteExecute with the System (PID=4) process? I tried it, but RemoteExecute returns false and the code is not executed.
mitzi
 
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am

Post by iconic » Sat Nov 29, 2008 11:06 am

No chance of it as this is an atypical process and will not work with madCodeHook.

--Iconic
iconic
 
Posts: 789
Joined: Wed Jun 08, 2005 5:08 am

