| View previous topic :: View next topic |
| Author |
Message |
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
 Posted: Thu Oct 21, 2010 9:45 am Post subject: Access privilege issue while attaching to process |
 |
|
I have this annoying ERROR_ACCESS_DENIED (0x5) error that comes from Win32API GetLastError when I try to attach a process.
This has to be privilege issue, which can be solved with MAXIMUM_ALLOWED as OpenProcess-parameter but if I use that I can't use CreateRemoteThread cause it won't work.
How to solve this?
I have no clue how to get correct privleges.
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 474
Joined: 09 May 2003
Posts: 25931
Location: The netherlands
|
| Posted: Thu Oct 21, 2010 10:00 am Post subject: |
|
|
you program needs to aquire the SeDebugPrivilege
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
| Posted: Thu Oct 21, 2010 12:24 pm Post subject: |
|
|
I know that I need it, my program acquires it on trainer startup and I confirmed that it has it by using Process Explorer.
Some tricks with GetSecurityInfo/SetSecurityInfo?
|
|
| Back to top |
|
|
justa_dude
Grandmaster Cheater
 Reputation: 23
Joined: 29 Jun 2010
Posts: 893
|
| Posted: Thu Oct 21, 2010 3:09 pm Post subject: |
|
|
| If "your program" is something other than CE, you should probably give us more details.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 474
Joined: 09 May 2003
Posts: 25931
Location: The netherlands
|
| Posted: Thu Oct 21, 2010 3:09 pm Post subject: |
|
|
you must open the process with the PROCESS_CREATE_THREAD flag included
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
| Posted: Thu Oct 21, 2010 3:16 pm Post subject: |
|
|
As requested, here's some code...
| Code: | procedure ThreadFunc;
var
PID: Cardinal;
ProcName: String[32];
begin
// Debug Privileges
if DebugPrivilege then
Debug( 'Debug privileges gained', [] );
// Enter infinite loop to search for target
repeat
fPID := 0;
Found := False;
Debug( 'Process is not attached', [] );
while not Found do
begin
ProcName := 'FindWindow';
PID := GetPidFromFindWin( WinTitle, WinTitle );
if PID = 0 then
begin
ProcName := 'WindowTitle';
PID := GetPidFromWinTitle( WinTitle );
end;
if PID = 0 then
begin
ProcName := 'WindowClass';
PID := GetPidFromWinClass( WinTitle );
end;
if PID = 0 then
begin
ProcName := 'EnumerateName';
PID := GetPidFromExeName( WinExename );
end;
// I've tried almost everything; MAXIMUM_ALLOWED, all flag combinations etc.
fHandle := OpenProcess( PROCESS_ALL_ACCESS, False, PID );
// Returns ERROR_ACCESS_DENIED (0x5) and fHandle is 0
if ( fHandle <> 0 ) and ( GetLastError = ERROR_SUCCESS ) then
begin
fPID := PID;
Found := True;
Debug( 'Process found via @%s procedure', [ProcName] );
end;
Sleep( 1000 );
end;
PID := STILL_ACTIVE;
Debug( 'Process (#%s) is attached', [IntToHex( PID, 4 )] );
while PID = STILL_ACTIVE do
begin
Sleep( 5000 );
GetExitCodeProcess( fHandle, PID );
end;
until 0 <> 0;
end; |
| Description: |
|
| Filesize: |
265.58 KB |
| Viewed: |
13573 Time(s) |
|
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 474
Joined: 09 May 2003
Posts: 25931
Location: The netherlands
|
| Posted: Thu Oct 21, 2010 3:40 pm Post subject: |
|
|
I assume you have confirmed that the PID is valid?
Also, try running your trainer without debugger attached, or at least force running delphi as administrator. Child processes inherit from the parent
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
| Posted: Thu Oct 21, 2010 3:57 pm Post subject: |
|
|
Yes I have, I've run trainer directly without Delphi environment, but no effect.
This is very tricky, but I've read somewhere that PROCESS_ALL_ACCESS or too many flags always causes "access denied"-error
because of some changes in new operating systems, you know about this?
All my other trainers that use PROCESS_ALL_ACCESS won't work anymore too (they were about a year ago),
so if I get a solution to this trainer, I actually get solution to all my trainers.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 474
Joined: 09 May 2003
Posts: 25931
Location: The netherlands
|
| Posted: Thu Oct 21, 2010 4:21 pm Post subject: |
|
|
Does cheat engine attach to the process without a problem? (ce uses process_all_access)
also, do you have some sort of antivirus/security program installed ?
_________________
Tools give you results. Knowledge gives you control.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
| Posted: Thu Oct 21, 2010 5:50 pm Post subject: |
|
|
Cheat Engine doesn't have a problem.
I have Comodo Internet Security, but I've defined my application as trusted and it won't restrict my app.
|
|
| Back to top |
|
|
justa_dude
Grandmaster Cheater
Reputation: 23
Joined: 29 Jun 2010
Posts: 893
|
| Posted: Thu Oct 21, 2010 9:04 pm Post subject: |
|
|
Either you've got the wrong PID, you've failed to secure debug privileges, or you've got the access rights wrong.
| MSDN wrote: |
Windows Server 2003 and Windows XP/2000: The size of the PROCESS_ALL_ACCESS flag increased on Windows Server 2008 and Windows Vista. If an application compiled for Windows Server 2008 and Windows Vista is run on Windows Server 2003 or Windows XP/2000, the PROCESS_ALL_ACCESS flag is too large and the function specifying this flag fails with ERROR_ACCESS_DENIED. To avoid this problem, specify the minimum set of access rights required for the operation. If PROCESS_ALL_ACCESS must be used, set _WIN32_WINNT to the minimum operating system targeted by your application (for example,
#define _WIN32_WINNT _WIN32_WINNT_WINXP
). For more information, see Using the Windows Headers.
|
|
|
| Back to top |
|
|
joonas905
Advanced Cheater
![]() Reputation: 0
Joined: 02 Jan 2008
Posts: 62
|
| Posted: Fri Oct 22, 2010 9:01 am Post subject: |
|
|
It's sure that there's no problems with PID...
Here's my Debug Privileges code:
| Code: | function DebugPrivilege: Boolean;
var
hToken, OutputLength: Cardinal;
Privileges: TOKEN_PRIVILEGES;
const
SE_DEBUG_NAME: PChar = 'SeDebugPrivilege';
begin
Result := False;
if OpenProcessToken( GetCurrentProcess, TOKEN_ALL_ACCESS, hToken ) then
begin
if LookupPrivilegeValue( nil, SE_DEBUG_NAME, Privileges.Privileges[0].Luid ) then
begin
Privileges.PrivilegeCount := 1;
Privileges.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
if AdjustTokenPrivileges( hToken, False, Privileges,
SizeOf( TOKEN_PRIVILEGES ), nil, OutputLength ) then
begin
if GetLastError = ERROR_SUCCESS then
Result := True;
end;
end;
end;
end; |
That works like a charm.
--EDIT--
My trainer does not work on my laptop with Windows 7 Ultimate installed either.
| Description: |
|
| Filesize: |
456.25 KB |
| Viewed: |
13507 Time(s) |
|
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
