CreateRemoteThread with string argument example

0
votes

Can anyone give me an example of how to call an injected dll's function with a string argument? I have tried to do it in the ways I know to do it but have gotten the wrong result. I allocate memory with VirtualAllocEx, then write string argument to it with WriteProcessMemory and after that call CreateRemoteThread passing that string argument as lpParameter parameter. The DLL function I call has following prototype:

DWORD TestFunction(LPVOID str);

From what I understand when this function is called by CreateRemoteThread, str contains a pointer to the passed string. But it doesn't; it contains some trash. It looks like str parameter points to the wrong address. What am I doing wrong?

Here are the whole project files:
http://pastebin.com/gh4SnhmV
http://pastebin.com/Sq7hpSVx
http://pastebin.com/dvgXpUYz

1
c++windowswinapicode-injectioncreateremotethread
Might help if you show the code instead of describing the function calls you made.John

1 Answers

0
votes

You're probably getting the VA spaces mixed up, and passing a pointer in your address space instead of the target's.

Also, please don't ship software that tries to inject threads into other processes, it is extremely difficult to get right in the general sense, it's like trying to operate on someone while they're running a marathon.