qt - C++ DLL Injection: path with special characters -


i'm trying solve situation. have win32 program, waiting until specific process started "example.exe", program inject "my.dll" process "example.exe"

it works fine until user have program under folder specific, allowed characters, example in country default folder name "nová složka" (new folder)

i tried use relative path 

"//my.dll" "/my.dll" "\\my.dll" "\my.dll"

unsuccessfully... tried different ways convert string(qstring) char array.

developed in qt 5.1.1

here code program finding path of .dll

qstring actualpath(qdir::currentpath() + "/my.dll"); ui->lbldebug->settext(actualpath); const char* mychar = qstring(actualpath.toutf8()).tostdstring().c_str(); qstring q = qstring::fromstdstring(mychar); ui->lbldebug->settext(q);

here injection part

hprocess = openprocess(process_all_access, false, pe32.th32processid); hmodule = (lpvoid)virtualallocex(hprocess, null, 512, mem_reserve | mem_commit, page_readwrite); writeprocessmemory(hprocess, hmodule, (lpvoid)mychar, 512, null); createremotethread(hprocess, null, null, (lpthread_start_routine)getprocaddress(getmodulehandle(l"kernel32"), "loadlibrarya"), hmodule, null, null); closehandle(hprocess); closehandle(hsnapshot); qdebug() << "inject:done!"; return true; exitprocess(0); break;

do have ideas, how pass function writeprocessmemory right path correct characters? thanks.

you're using ansi version of loadlibrary. should using local 8 bit encoding, not utf-8. gyrations go through ansi version of path unnecessary. shouldn't using fixed buffer size.

qstring const actualpath(qdir::currentpath() + "/my.dll"); // byte array must exist until `writeprocessmemory` call. qbytearray const path = actualpath.tolocal8bit(); int const buflen = path.size() + 1;  hprocess = openprocess(process_all_access, false, pe32.th32processid); hmodule = virtualallocex(hprocess, null, buflen,                           mem_reserve | mem_commit, page_readwrite); writeprocessmemory(hprocess, hmodule, (lpvoid)path.constdata(), buflen, null); createremotethread(hprocess, null, null, (lpthread_start_routine)   getprocaddress(getmodulehandle(l"kernel32"), "loadlibrarya"),   hmodule, null, null); closehandle(hprocess);

what should doing, though, using ucs-2 encoding loadlibraryw:

qstring const path(qdir::currentpath() + "/my.dll"); int const buflen = (path.length()+1) * 2;  hprocess = openprocess(process_all_access, false, pe32.th32processid); hmodule = virtualallocex(hprocess, null, buflen,                          mem_reserve | mem_commit, page_readwrite); writeprocessmemory(hprocess, hmodule, (lpvoid)path.constdata(), buflen, null); createremotethread(hprocess, null, null, (lpthread_start_routine)   getprocaddress(getmodulehandle(l"kernel32"), "loadlibraryw"),   hmodule, null, null); closehandle(hprocess);

Comments

Post a Comment

Popular posts from this blog

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more

google shop client API returns 400 bad request error while adding an item -

i'm working on solution add items in google shopping market java application. following tutorial real mess because of missing classes of laste release, after setting 1.5-beta maven managed make base example typecheck correctly classes. still can make simple task of adding 1 item. instead of posting whole code i'm posting part creates product feed. private product createproduct(string id) { product product = new product(); product.title = "red wool sweater"; product.content = new content( "text", "comfortable , soft, sweater keep warm on " + "cold winter nights. red , blue stripes."); product.appcontrol = new appcontrol(); product.appcontrol.addrequireddestination("productads"); product.externalid = id; product.lang = "it"; product.country = "it"; product.condition = "nuovo"; product.price = new price("eu...
Read more