Hi,
I managed to code something that prevents leaks when killing active process.
In the following example I choosed to kill microsoft-windows-evil-calculator :)
Posted on 2002-09-11 05:13:43 by Axial
.386

.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib

.data
szTargetClassName db "SciCalc", 0

.code
start:
invoke FindWindow, addr szTargetClassName, NULL
push eax
invoke GetWindowThreadProcessId, eax, esp
invoke PostThreadMessage, eax, WM_QUIT, 0, 0
pop eax
ret
end start


I guess the above code is a bit simpler ;) to cause exiting process that has a window.
btw, CreateRemoteThread is NT (w2k, xp) specific.
Posted on 2002-09-11 10:05:45 by Four-F
Originally posted by Four-F


I guess the above code is a bit simpler ;) to cause exiting process that has a window.


Yes.


btw, CreateRemoteThread is NT (w2k, xp) specific.


Someday I heard some guy saying that CreateRemoteThread returns just NULL in win98, but MSDN says:


Windows NT: Requires version 3.1 or later.
Windows: Requires Windows 98 or later.
Windows CE: Unsupported.

They messed up with their doc or what ?:confused:
Posted on 2002-09-11 10:57:21 by Axial
I guess that guy was right. My MSDN tells me:
Windows NT/2000: Requires Windows NT 3.1 or later.
Windows 95/98: Unsupported.
Header: Declared in Winbase.h; include Windows.h.
Library: Use Kernel32.lib.

In Windows 98 CreateRemoteThread simply returns NULL.
And calling GetLastError returns ERROR_CALL_NOT_IMPLEMENTED.
Posted on 2002-09-11 11:14:02 by Four-F