failed to inject with not CURRENT_PROCESS

c++ / delphi package - dll injection and api hooking
Post Reply
zcecil
Posts: 22
Joined: Thu Sep 09, 2004 8:16 am

failed to inject with not CURRENT_PROCESS

Post by zcecil »

hi,
I have a program written in BCB6 Pro and latest madcollection, running as localsystem, and failed to InjectLibrary with
(ALL_SESSIONS | SYSTEM_PROCESSES) & (!CURRENT_PROCESS).

However, InjectLibrary with (ALL_SESSIONS | SYSTEM_PROCESSES) works,
is this a bug of BCB?
Top
PInvoke
Posts: 25
Joined: Sun Jan 16, 2005 4:32 am

Post by PInvoke »

In C++ isn't it &&, making that:

(ALL_SESSIONS | SYSTEM_PROCESSES) && (!CURRENT_PROCESS)
Top
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

It should be "&". That's for bit wise operation, while "&&" is for logical operations.

zcecil, could you please send me a demo project with both sources and binary files? Thanks.
Top
PInvoke
Posts: 25
Joined: Sun Jan 16, 2005 4:32 am

Post by PInvoke »

Ahhhh, this is why I code with Delphi :)
Top
zcecil
Posts: 22
Joined: Thu Sep 09, 2004 8:16 am

Post by zcecil »

Sent :)
Top
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

For whatever reason BCB calculates "!CURRENT_PROCESS -> 0". Don't ask my why. Strange enough "~((DWORD)CURRENT_PROCESS)" seems to work. But I don't really understand this. But well, after all I'm a Delphi programmer!
Top
dcsoft
Posts: 380
Joined: Sat Dec 11, 2004 2:11 am
Location: San Francisco Bay Area, CA USA
Contact:
Contact dcsoft

Post by dcsoft »

madshi wrote:For whatever reason BCB calculates "!CURRENT_PROCESS -> 0". Don't ask my why. Strange enough "~((DWORD)CURRENT_PROCESS)" seems to work. But I don't really understand this. But well, after all I'm a Delphi programmer!
The '!' is a logical NOT. CURRENT_PROCESS is 0x08, which is non-zero. Therefore, !CURRENT_PROCESS is zero.

The '~' is a bitwise NOT. That inverts all the bits, as you desire here.

C requires a good source-level debugger! :wink:

-- David
Top
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

dcsoft wrote:The '!' is a logical NOT. CURRENT_PROCESS is 0x08, which is non-zero. Therefore, !CURRENT_PROCESS is zero.
Thanks for the explanation!

Oh, how I love Delphi.
Top
PInvoke
Posts: 25
Joined: Sun Jan 16, 2005 4:32 am

Post by PInvoke »

Oh, how I love Delphi.
Ditto.

:)
Top
zcecil
Posts: 22
Joined: Thu Sep 09, 2004 8:16 am

Post by zcecil »

dcsoft wrote:
madshi wrote:For whatever reason BCB calculates "!CURRENT_PROCESS -> 0". Don't ask my why. Strange enough "~((DWORD)CURRENT_PROCESS)" seems to work. But I don't really understand this. But well, after all I'm a Delphi programmer!
The '!' is a logical NOT. CURRENT_PROCESS is 0x08, which is non-zero. Therefore, !CURRENT_PROCESS is zero.

The '~' is a bitwise NOT. That inverts all the bits, as you desire here.

C requires a good source-level debugger! :wink:

-- David
Oops, I forgot that! :oops:
Thanks.
Top
Post Reply

Return to “madCodeHook”