English 中文(简体)
在遥远的地方,我如何称其参数包含点的人的职能? [闭门]
原标题:In a remote thread, how do I call functions whose parameters contain pointers? [closed]

I want to call SHFileOperation using code injection. My code works fine while calling simple functions like MessageBox from user32.dll, but won t while calling ShFileOperation from shell32.dll.

我要说一下我认为存在问题的那部分法典。 我知道这个问题正在分阶段实施。

这里是遥感信息价值的形象:

http://www.freeimagehosting.net/uploads/219d79fc30.jpg

//Structure
type
  LPSHFILEOPSTRUCT = ^SHFILEOPSTRUCT;
  SHFILEOPSTRUCT = packed record
    Wnd: HWND;
    wFunc: UINT;
    pFrom: PAnsiChar;
    pTo: PAnsiChar;
    fFlags: FILEOP_FLAGS;
    fAnyOperationsAborted: BOOL;
    hNameMappings: Pointer;
    lpszProgressTitle: PAnsiChar;
  end;

//Remote Info
type
  TRemoteInfo = record
    LoadLibrary: function(lpLibFileName: PChar): HMODULE; stdcall;
    GetProcAddress: function(hModule: HMODULE;
      lpProcName: LPCSTR): FARPROC; stdcall;
    shf: SHFILEOPSTRUCT; ;
    Kernel32: array[0..20] of Char;
    shell32: array[0..20] of Char;
    SHFileOperationA: array[0..20] of Char;
    Fromlpbuff: array[0..20] of char; //Source path
    Tolpbuff: array[0..20] of Char;   //Des Path
  end;

//Initialize                      
                      ....
ZeroMemory(@RemoteInfo, SizeOf(RemoteInfo));
  RemoteInfo.shf.Wnd := 0;
  RemoteInfo.shf.wFunc := FO_COPY;
  RemoteInfo.shf.pFrom := @remoteInfo.Fromlpbuff;
  RemoteInfo.shf.pto := @remoteInfo.tolpbuff;
  lstrcpy(RemoteInfo.shf.pFrom,  e:1.jpg  + #0#0);
  lstrcpy(RemoteInfo.shf.pto,  f:1.jpg  + #0#0);
  RemoteInfo.shf.fFlags := FOF_ALLOWUNDO;
  RemoteInfo.shf.fAnyOperationsAborted := false;
                      ....
最佳回答

该法典的眼前问题是,你把点重新放在你记录中阐述的参数上。 这些要点在您的main进程中得到了处理;这些要点在目标过程中并不有效。 你应该把这些价值储存在你记录中的固定阵列中,就像你已经重复模块和功能名称一样。 然后,在边远功能内启动点田。

但是,你真的认为它比它更复杂。 您无需在远距离功能中使用<代码>GetProcAddress。 页: 1 各位可以打电话给你想要的任何职能,德尔菲联系人和特别协调员将确保他们能够随时待命。 您也不必用<代码>VirtualAllocEx来分配你们的所有变量;你可以在你的当地普通变量中应用。

您在方案过程中三次使用<代码>CreateRemoteThread。 第一次向<代码>LoadLibrary发出电话,使你的DLL进入目标过程的空间。 第二次是援引您的注入职能,第三次是在你完成学业后打电话FreeLibrary。 trick尽了你在目标进程中的注入功能。 Alexey Kurakin s article on Code Project,通过找到relative你本人工作功能地址来证明如何做到这一点,以及将这一论点应用到你的第二个打电话到的遥控程序上来。 建立RemoteThread

最后,没有必要宣布<代码>ShFileOperation yourself>的支持记录。 Delphi已在ShellAPI单位向您宣布。 在座各位还发现了你所需要的各种旗帜的名号,如<编码>fo_Copy,而不是0002

问题回答

暂无回答




相关问题
determining the character set to use

my delphi 2009 app has a basic translation system that uses GNUGetText. i had used some win API calls to prepare the fonts. i thought it was working correctly until recently when someone from Malta ...

Help with strange Delphi 5 IDE problems

Ok, I m going nuts here. For the last (almost) four years, I ve been putting up with some extremely bad behavior from my Delphi 5 IDE. Problems include: Seemingly random errors in coride50.bpl ...

How to write a Remote DataModule to run on a linux server?

i would like to know if there are any solution to do this. Does anyone? The big picture: I want to access data over the web, using my delphi thin clients. But i´would like to keep my server/service ...

How convert string to integer in Oxygene

In Delphi, there is a function StrToInt() that converts a string to an integer value; there is also IntToStr(), which does the reverse. These functions doesn t appear to be part of Oxygene, and I can ...

Quick padding of a string in Delphi

I was trying to speed up a certain routine in an application, and my profiler, AQTime, identified one method in particular as a bottleneck. The method has been with us for years, and is part of a "...

热门标签