Hooking Shell32.Shell32ExecuteA

c++ / delphi package - dll injection and api hooking

Post by Mazinger »

Hi forum,

I'm trying to hook the Shell32ExecuteA function and, inside it, change the value of the "parameters" variable. My code is like this:

Code:

Function ShellExecuteA_API(hWnd: HWND; Operation, FileName, Parameters, Directory: PAnsiChar; ShowCmd: Integer): HINST; stdcall;
Var nParameters:PAnsiChar;
Begin

  GetMem(nParameters,255);
  ZeroMemory(nParameters,255);
  nParameters:=PAnsiChar('NEWPARAM');

  Result:=ShellExecuteA_Next(hWnd,Operation,FileName,nParameters,Directory,ShowCmd);

  FreeMem(nParameters);


End;

but when this function is called I receive an Access violation error.

Any idea about how to do this?

Thanks in advance.

Post by iconic »

Don't have time to test this myself but if FileName points to an executable application, only then can you pass parameters (refer to MSDN or Win32 API Help File). You need to make sure that this is not a document, not sure if you'd receive an AV or just have the OS ignore parameters because when it's not an executable it mentions how parameters should be set to Nil. I'd do a sanity check on this first. If you do pass a parameter string to the executable, it needs to be quoted in your string

i.e. lpCstr := PAnsiChar('"-some_param"');


--Iconic

Post by Mazinger »

Hi, thanks for your answer.

I've solved the problem with AV by changing GetMem for localAlloc ...

Post by madshi »

Your code is really bad. First you're allocating memory, then instead of using the allocated memory, you're changing the buffer pointer to a constant string. Finally, you're freeing the buffer pointer, which is the constant string. Basically your code has a memory leak and then tries to free a constant string. VERY bad code.

I think you need to learn about pointer programming before you even start thinking about doing API hooking... :?
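
The pointer handling discussed in this thread, as an added example that is not code from any of the posters or from the hooking package: the replacement string is copied into the allocated buffer, so FreeMem releases exactly the block GetMem returned. Assumptions: FakeShellExecuteA, SeenParams and NewParams are hypothetical names, and ShellExecuteA_Next is pointed at the stand-in so the program runs without a hooking library.

```delphi
program HookParamDemo;
{$APPTYPE CONSOLE}
uses Windows, SysUtils;

type
  TShellExecuteA = function(hWnd: HWND; Operation, FileName, Parameters,
    Directory: PAnsiChar; ShowCmd: Integer): HINST; stdcall;

const
  NewParams: AnsiString = 'NEWPARAM';  // constructed replacement value

var
  ShellExecuteA_Next: TShellExecuteA;  // name from the post; normally set by the hooking library
  SeenParams: AnsiString;              // hypothetical: records what the next function received

// Stand-in for the real API (assumption, so the demo needs no hooking library)
function FakeShellExecuteA(hWnd: HWND; Operation, FileName, Parameters,
  Directory: PAnsiChar; ShowCmd: Integer): HINST; stdcall;
begin
  SeenParams := Parameters;  // copies the characters, not the pointer
  Result := 42;              // ShellExecute reports success with values > 32
end;

function ShellExecuteA_API(hWnd: HWND; Operation, FileName, Parameters,
  Directory: PAnsiChar; ShowCmd: Integer): HINST; stdcall;
var
  nParameters: PAnsiChar;
  Size: Integer;
begin
  Size := Length(NewParams) + 1;  // room for the terminating #0
  GetMem(nParameters, Size);
  try
    // Copy INTO the allocated buffer; reassigning the pointer would leak it
    Move(PAnsiChar(NewParams)^, nParameters^, Size);
    Result := ShellExecuteA_Next(hWnd, Operation, FileName, nParameters,
      Directory, ShowCmd);
  finally
    FreeMem(nParameters);  // frees the block GetMem returned, not a constant
  end;
end;

begin
  ShellExecuteA_Next := FakeShellExecuteA;
  ShellExecuteA_API(0, 'open', 'app.exe', 'original', nil, SW_SHOWNORMAL);
  Writeln('Parameters seen by next function: ', SeenParams);
end.
```

Because the replacement here is a constant, passing PAnsiChar(NewParams) straight through with no GetMem/FreeMem pair is equally valid; the buffer is only needed when the string is built at run time.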