

Failed to initialize function inside target virtual memory

 
iPromise

Posted: Fri May 13, 2011 3:56 pm

Hey guys,

I know I've been asking for a lot of help these days, I'm sorry if I'm annoying you all.

I'm trying to initialize my own function which creates a message box inside my target's memory address space. I'm using CreateRemoteThread to do the job, and for some reason, no matter how much I tried to fix it or diagnose the problem, it won't work. Please help, am I doing anything incorrect for it to not initialize the function correctly?

Code:

#include <Windows.h>
#include <TlHelp32.h>
#include <cstring>
#include <iostream>
#include <string>

using namespace std;

// Testing Purposes
#define THREAD ( PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ )

// Polls the process list until a process named processName appears, then returns its ID.
// strcmp on szExeFile assumes an ANSI (non-UNICODE) build.
DWORD getProcessID ( string processName )
{
   while ( true )
   {
      PROCESSENTRY32 PE;
      PE.dwSize = sizeof ( PROCESSENTRY32 );

      HANDLE hSnapshot = CreateToolhelp32Snapshot ( TH32CS_SNAPALL, 0 );

      if ( hSnapshot != INVALID_HANDLE_VALUE )
      {
         if ( Process32First ( hSnapshot, &PE ) )
         {
            // do/while so the first entry is compared as well
            do
            {
               if ( !strcmp ( PE.szExeFile, processName.c_str () ) )
               {
                  CloseHandle ( hSnapshot );
                  return PE.th32ProcessID;
               }
            } while ( Process32Next ( hSnapshot, &PE ) );
         }

         // Release the snapshot before polling again
         CloseHandle ( hSnapshot );
      }

      Sleep ( 100 );
   }

   return 0;
}

// Opens the process with the access rights listed in THREAD.
HANDLE getHandle ( DWORD dwProcessID )
{
   return OpenProcess ( THREAD, false, dwProcessID );
}

// Thread routine compiled into this program's own image.
DWORD WINAPI ThreadProc ( LPVOID lpParameter )
{
   MessageBoxA ( 0, "remote thread", 0, 0 );

   return 0;
}

int main ()
{
   // Get ProcessID
   DWORD dwProcessID = ::getProcessID ( "tutorial.exe" );

   // Begin the injection
   if ( dwProcessID )
   {
      HANDLE hHandle = ::getHandle ( dwProcessID );

      if ( hHandle )
      {
         // Note: &ThreadProc is an address inside this program's own image
         HANDLE hThread = ::CreateRemoteThread ( hHandle, NULL, 0, (LPTHREAD_START_ROUTINE) &ThreadProc, NULL, 0, NULL );

         if ( hThread )
         {
            cout << "Reached this point." << endl;
            CloseHandle ( hThread );
         }
         else
         {
            cout << "Failed to reach this point." << endl;
         }

         CloseHandle ( hHandle );
      }
      else
      {
         cout << "Failed to open handle." << endl;
      }
   }
   else
   {
      cout << "Failed to get correct process id." << endl;
   }
   // Fin.

   cin.get ();
   return EXIT_SUCCESS;
}
Dark Byte

Posted: Fri May 13, 2011 4:25 pm

The target process most likely doesn't have the function ThreadProc at the same address as in your program (if it has it at all).

First you have to get that function over there. You could parse the PE header and adjust the relocations and function table and write them accordingly, or you can use the easily detected LoadLibrary method.

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Slugsnack

Posted: Fri May 13, 2011 4:58 pm

Make the function an exported one. Inject the DLL to the target. Inject it into yours. On the one in yours, use GetProcAddress to get address. Then subtract baseaddress to get offset of the function from the base. Add that offset onto the base of DLL injected into the target then CreateRemoteThread there.
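
Why the LoadLibrary method mentioned above is "easily detected", shown from the monitoring side as an added example that is not part of the original thread: a triage function over Sysmon Event ID 8 (CreateRemoteThread) records that flags a remote thread whose start routine is a LoadLibrary export, and, going one step beyond the thread, one whose start address lies in no loaded module. The sample records and the names `classify` and `triage` are constructed for illustration, and treating "-" as Sysmon's value for an unresolved field is an assumption.

```python
import ntpath

# Constructed Sysmon Event ID 8 (CreateRemoteThread) records; every value is made up.
SAMPLE_EVENTS = [
    {"SourceImage": r"C:\Tools\loader.exe", "TargetImage": r"C:\Games\tutorial.exe",
     "StartAddress": "0x00007FFB1C2A04F0",
     "StartModule": r"C:\Windows\System32\kernel32.dll", "StartFunction": "LoadLibraryA"},
    {"SourceImage": r"C:\Tools\loader.exe", "TargetImage": r"C:\Games\tutorial.exe",
     "StartAddress": "0x000001D2A4B10000", "StartModule": "-", "StartFunction": "-"},
    {"SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\cmd.exe",
     "StartAddress": "0x00007FFB1A5E3C10",
     "StartModule": r"C:\Windows\System32\kernelbase.dll", "StartFunction": "CtrlRoutine"},
]

LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}
LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}


def classify(event):
    """Return a finding label for one Event ID 8 record, or None if nothing stands out."""
    module = ntpath.basename(event.get("StartModule") or "").lower()
    function = (event.get("StartFunction") or "").lower()
    # A thread created from another process that begins at LoadLibrary* is the
    # signature of the DLL-loading approach: the start routine itself names it.
    if module in LOADER_MODULES and function in LOADER_EXPORTS:
        return "remote-thread-starts-at-LoadLibrary"
    # Assumption: an unresolved module is logged as "-" or left empty, meaning
    # the start address is not inside any module mapped in the target.
    if module in ("", "-"):
        return "remote-thread-start-not-in-any-module"
    return None


def triage(events):
    """Return (label, source image, target image) for every flagged record."""
    findings = []
    for event in events:
        label = classify(event)
        if label:
            findings.append((label, event["SourceImage"], event["TargetImage"]))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```

The third record is left unflagged because its start routine resolves to a named function in a system module that is not a loader export.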