Hello brothers and sisters!

I - Bubu-Boy - is realy get off with some nasty functions.
It seems that everyone have no problems with them, but I'm realy end of my nervs.
I will ask my question agein - and it would very kind, when someone give me some instaction:



mov item.iItem,0
mov item.iSubItem, 0
mov item.imask,LVIF_TEXT
mov item.pszText,offset buffer
mov item.cchTextMax,256



INVOKE GetWindowThreadProcessId, hWnd, ADDR PID
INVOKE OpenProcess, PROCESS_ALL_ACCESS or PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, 0, PID
MOV hProcess, eax

INVOKE VirtualAllocEx, hProcess, 0, sizeof buffer , MEM_COMMIT,PAGE_EXECUTE_READWRITE
MOV memory, EAX
INVOKE WriteProcessMemory, hProcess, memory, ADDR buffer, sizeof buffer, ADDR written
INVOKE VirtualLock, OFFSET buffer, sizeof buffer

INVOKE VirtualAllocEx, hProcess, 0, sizeof item , MEM_COMMIT,PAGE_EXECUTE_READWRITE
MOV memory, EAX
INVOKE WriteProcessMemory, hProcess, memory, ADDR item, sizeof item, ADDR sm_written
INVOKE VirtualLock, OFFSET item, sizeof item

INVOKE SendMessage, hWnd, LVM_GETITEMTEXT, 0, ADDR item
INVOKE MessageBox, 0, ADDR buffer, ADDR buffer,0



And this code - a very soft one - should check, whether the soccket connected or not:stupid:



MOV fdsetvalue.fd_array, EAX
MOV fdsetvalue.fd_count, 0
MOV timevalv.tv_sec, 5

PUSH OFFSET timevalv
PUSH 0
PUSH 0
PUSH 0
PUSH ScokettClient
CALL select
OR EAX, EAX
JZ notconnecetanymore


But NOTHING runs how i want it, rather i get depressed.:alright:

Greets Bubu-Boy with a big Bussi :cool:
Posted on 2003-10-04 01:25:18 by Bubu-Boy
he VirtualLock function locks the specified region of the process's virtual address space into memory, ensuring that subsequent access to the region will not incur a page fault.

just incase you dont know to get the process try GetCurrentProcess will return the handle you nee
Posted on 2003-10-04 01:34:45 by devilsclaw
i did, but when i want to get a item, he other programm chrashes. *cry*

*seufzzzzz*

What now ?
Posted on 2003-10-04 05:17:55 by Bubu-Boy
your trying to write something into another programs memory... that just does not work that way... you have to learn how to hook the other program first.. then if you patching the code section you have to learn how to unprotect it..
Posted on 2003-10-04 05:33:01 by devilsclaw
thanks for the quick answer.

which art of hook do i need?

mousehook?:grin:

greetes!
Posted on 2003-10-04 05:39:42 by Bubu-Boy
Hi, Bubu-Boy.

If what you want is to inject code in another app on runtime, any hook will do. The point of it is to get your hook dll into the tagret app's memory space, and execute some code (you could use the dll entry point).

Another way of writing to a process memory would be to CreateProcess it (suspended), then WriteProcessMemory should so the trick. Resume the new process main thread when done.

Greets
Posted on 2003-10-04 11:15:16 by QvasiModo
Hi, thanks for the answer.
My english is not that good. - Could you emphasize your idea with a little code ?
ie i didn't understand what you meaned with hook. Should I use a global dll and write the adresse if the liviitem from the dll? - Bot how when I'm not able to write in the process.
Why a hook can help me further ? - I dont want to programm a macro-prog *hihih*

Greets Bubu-Boy:alright:
Posted on 2003-10-04 11:21:19 by Bubu-Boy
I have a skeleton of a code injector somewhere, but you'll have to give me some time to dig it up. :)

The theory is somewhat like this: a global hook monitors messages of different types in other apps. To do this, one must have some code run by this apps (since a process can't access other processes memory or messages), so Windows forces the target programs to load a DLL you specify. That's your opportunity - the target app will execute the DLL's entry point...

For more information on how DLLs work, there is one of Iczelion's tutorials about it:

http://www.asmcommunity.net/board/showthread.php?threadid=19

For a sample hook DLL, I posted some code here:

http://www.asmcommunity.net/board/showthread.php?threadid=14463

Enjoy :)
Posted on 2003-10-04 11:46:20 by QvasiModo
Sorry, I could not find that code injector... :(
So I coded this in about 15 minutes, it's very crude but I hope you'll understand... I don't have all the time to code I'de like nowadays.
I tried to make it straight-forward, and there are even a few comments. :)
Enjoy,

QvasiModo
Posted on 2003-10-09 21:48:06 by QvasiModo
thanks for the cute example, i will look to it later.

thanks!
Posted on 2003-10-10 05:39:33 by Bubu-Boy