Member Avatar for shea279

ok, so i essentially have a .c file from anubis' process injection code, that i need converted to c++, which is the format of the rest of my product.

on compiling, i am getting one annoying error error (when i compile as a .cpp file):

1>.\inject.cpp(27) : error C2440: '=' : cannot convert from 'LPVOID' to 'HMODULE'
1>        Conversion from 'void*' to pointer to non-'void' requires an explicit cast

the problem code

BOOL InjectExecutable(DWORD dwPid, LPTHREAD_START_ROUTINE lpStartProc, LPVOID lpParam)
{
	HMODULE hModule, hNewModule;
	DWORD dwSize;
	HANDLE hProcess;

	IMAGE_DOS_HEADER ImageDosHeader;
	IMAGE_OPTIONAL_HEADER32 ImageOptionalHeader;

	hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
	
	if (hProcess == NULL)
	{
		return FALSE;
	}

	hModule = GetModuleHandle(NULL);

	CopyMemory(&ImageDosHeader, hModule, sizeof(ImageDosHeader));

	CopyMemory(&ImageOptionalHeader, ((BYTE *)hModule + sizeof(DWORD) + ImageDosHeader.e_lfanew + sizeof(IMAGE_FILE_HEADER)), sizeof(ImageOptionalHeader));

	dwSize = ImageOptionalHeader.SizeOfImage;

	hNewModule = VirtualAllocEx(hProcess, hModule, dwSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
	
	if (hNewModule == NULL)
	{
		return FALSE;
	}
		
	WriteProcessMemory(hProcess, hNewModule, hModule, dwSize, NULL);

	CreateRemoteThread(hProcess, 0, 0, lpStartProc, lpParam,	 0, NULL);

	return TRUE;
}

help?

  • 3 Contributors
  • 5 Replies
  • 257 Views
  • 12 Hours Discussion Span
  • Latest Post Latest Post by shea279

Recommended Answers

All 5 Replies

Member Avatar for StuXYZ

Sorry but anubis' process injection code, is normally used to put code into running windows processes for the purpose of running a rootkit. As far as I can tell.

So why should we help given the site rules and likely purpose. The only good news is you don't seem to know much.

If that isn't the case, then please explain further or we are all very unlikely to help. Please note the last section in:
http://www.daniweb.com/forums/faq.php?faq=daniweb_policies.

Member Avatar for Ancient Dragon

c++ is a lot stricter about typcasting than C. For example, in C it is not necessary to typecase the return value of malloc(), but in C++ it is required.

Which one of the lines you posted is line 27?

Member Avatar for shea279

um well i don't see what part of "keep it legal" a process injection script is breaking. this section talks about copyrights, pornography, and not posting pirated software.

windows.h can be used to create a program like firefox, or it can be used to make a virus. that doesn't mean that we shouldn't be allowed to talk about it.

I don't care what people are "usually" doing with anubis' process injection code, but I have a completely legal use for it. I'm making a script for the network I administer which prevents the computers from disconnecting from network, and this code gives it persistence from being killed (this is none of your business but I have no reason not to share). that way a user can't just go into taskmgr and kill it. when a user disconnects, the script gives them 30 seconds to reconnect (with a warning), then shuts down the computer.

and no i can't just make the users limited accounts because they have to be able to install software on the machines.

and line 27 would be
hNewModule = VirtualAllocEx(hProcess, hModule, dwSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);

Member Avatar for Ancient Dragon

um well i don't see what part of "keep it legal" a process injection script is breaking. this section talks about copyrights, pornography, and not posting pirated software.

Don't worry -- IMO you are not violating that rule (yet).

and line 27 would be
hNewModule = VirtualAllocEx(hProcess, hModule, dwSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);

As I stated previously, just typecast the return value to HMODULE and it will compile just fine.

Member Avatar for shea279

im stupid. i just added a typcast (hmodule) by the problem code.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.