File copy in RemoteExecute

mitzi
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am

Post by mitzi »

I'm trying to copy any file in the context of another process, but the affected process crashes on remote execute.
Here's the code:

Code:

program RemoteTest;

uses Windows, SysUtils, madRemote, madKernel;

type
  PParameters = ^TParameters;
  TParameters = record
    Source,
    Dest: array[0..MAX_PATH] of char;
  end;

function Execute(buffer: pointer) : dword; stdcall;
var
  CopyBuffer: array[0..4095] of Byte;
  BytesCopied: Longint;
  Source,Dest: Integer;
begin
  Result:=0;
  Source:=Integer(CreateFile(PParameters(buffer)^.Source,GENERIC_READ,0,nil,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0));
  Dest:=Integer(CreateFile(PParameters(buffer)^.Dest,GENERIC_READ or GENERIC_WRITE,0,nil,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0));
  if (Dest<>INVALID_HANDLE_VALUE) and (Source<>INVALID_HANDLE_VALUE) then
    try
      repeat
        BytesCopied:=FileRead(Source,CopyBuffer,SizeOf(CopyBuffer));
        if BytesCopied>0 then
          FileWrite(Dest,CopyBuffer,BytesCopied);
        Inc(Result,BytesCopied);
      until BytesCopied<SizeOf(CopyBuffer);
    finally
      CloseHandle(Dest);
      CloseHandle(Source);
    end;
end;

function DoRemoteExecute(processHandle: dword) : string;
var
  dummy: dword;
  params: TParameters;
begin
  StrPCopy(@params.Source,'sourcefile');
  StrPCopy(@params.Dest,'destfile');
  if RemoteExecute(processHandle, @Execute, dummy, @params, SizeOf(params)) then
    Result:=IntToStr(dummy)
  else
    Result:='';
end;

var
  ph: dword;
begin
  ph:=Process('any.exe').GetHandle(PROCESS_ALL_ACCESS).Handle;
  MessageBox(0,PChar(DoRemoteExecute(ph)),'RemoteTest',0);
end.

Where's the problem? Can anybody help me?
Nico Bendlin
Posts: 46
Joined: Fri Apr 28, 2006 1:17 pm

Post by Nico Bendlin »

FileRead/FileWrite are RTL functions (in your process). You should only use API functions (ReadFile/WriteFile).
The function which you want to have executed in the other process needs to follow some rules. Please read the documentation of CopyFunction to learn more about those rules.
mitzi
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am

Post by mitzi »

Well, that's it. And try..finally..end caused a crash too. Thanks, Nico.
mitzi
Posts: 22
Joined: Fri Apr 04, 2008 9:53 am

Post by mitzi »

Is there any chance to use RemoteExecute with the System (PID=4) process? I tried it, but RemoteExecute returns false and the code is not executed.
iconic
Site Admin
Posts: 1064
Joined: Wed Jun 08, 2005 5:08 am

Post by iconic »

No chance of it as this is an atypical process and will not work with madCodeHook.

--Iconic