Launching an app with CreateProcess

Ask questions about cheating in any games you would like. Does not need to pertain to MicroMacro.
Post Reply
Message
Author
Exempt
Posts: 197
Joined: Wed Jan 20, 2010 9:55 am

Launching an app with CreateProcess

#1 Post by Exempt » Thu Aug 09, 2012 2:57 pm

I'm trying to make a new DLL injector and thought this would be the easy part... Everytime I try to launch the game it crashes shortly after. I just need to start the program like this so I can auto inject a DLL to detour the d3d functions I need.

Code: Select all

#include <windows.h>
	
int main() 
{
	//ShellExecute( NULL, NULL, "C:\\Program Files (x86)\\Xenimus\\Xenimus.exe", NULL, NULL, SW_SHOW );	
    STARTUPINFO siStartupInfo; 
    PROCESS_INFORMATION piProcessInfo; 
    memset(&siStartupInfo, 0, sizeof(siStartupInfo)); 
    memset(&piProcessInfo, 0, sizeof(piProcessInfo)); 
    siStartupInfo.cb = sizeof(siStartupInfo); 
	LPTSTR lpCommandLine = "C:/Program Files (x86)/Xenimus/Xenimus.exe";

	int i = CreateProcess(NULL, lpCommandLine, NULL, NULL, TRUE, CREATE_NO_WINDOW, NULL, NULL, &siStartupInfo, &piProcessInfo);
}

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Launching an app with CreateProcess

#2 Post by Administrator » Thu Aug 09, 2012 7:05 pm

You can try using the code from the injector plugin.

Code: Select all

int injectDll(HWND hwnd, const char *dll)
{
    DWORD pId;
    GetWindowThreadProcessId(hwnd, &pId);
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pId);
    if( hProcess == NULL )
        return GetLastError();

    LPVOID lpRemoteAddress = VirtualAllocEx(hProcess, NULL, strlen(dll),
        MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
    if( lpRemoteAddress == NULL )
        return GetLastError();

    if( !WriteProcessMemory(hProcess, lpRemoteAddress, (LPVOID)dll,
        strlen(dll), NULL) )
        return GetLastError();

    if( CreateRemoteThread(hProcess, NULL, 0,
        (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("Kernel32"),
        "LoadLibraryA"), lpRemoteAddress, 0, NULL) == NULL )
        return GetLastError();

    return 0;
}

int startInjectDll(const char *dll, const char *target, const char *cmd)
{
    //char *execname;
    char execpath[2048];

    getFilePath(execpath, (char*)target, 2048);

    STARTUPINFO si; ZeroMemory(&si, sizeof(si));
    PROCESS_INFORMATION pi; ZeroMemory(&pi, sizeof(pi));
    si.cb = sizeof(si);

    bool createok = CreateProcess( (CHAR*)target, (CHAR*)cmd, NULL, NULL, false,
        CREATE_NEW_CONSOLE | CREATE_SUSPENDED, NULL, execpath, &si, &pi);

    if( !createok )
        return GetLastError();

    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pi.dwProcessId);
    if( hProcess == NULL )
        return GetLastError();


    LPVOID lpRemoteAddress = VirtualAllocEx(hProcess, NULL, strlen(dll),
        MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
    if( lpRemoteAddress == NULL )
        return GetLastError();

    if( !WriteProcessMemory(hProcess, lpRemoteAddress, (LPVOID)dll,
        strlen(dll), NULL) )
        return GetLastError();

    if( CreateRemoteThread(hProcess, NULL, 0,
        (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("Kernel32"),
        "LoadLibraryA"), lpRemoteAddress, 0, NULL) == NULL )
        return GetLastError();

    ResumeThread(pi.hThread);

    return 0;
}

Exempt
Posts: 197
Joined: Wed Jan 20, 2010 9:55 am

Re: Launching an app with CreateProcess

#3 Post by Exempt » Thu Aug 09, 2012 8:23 pm

Is getFilePath() an existing functions somewhere or is that a homemade one? That would be handy to have later on.

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Launching an app with CreateProcess

#4 Post by Administrator » Thu Aug 09, 2012 10:24 pm

Code: Select all

void getFilePath(char *dest, char *src, int destlen)
{
    int copypos = 0;
    int len = strlen(src);
    for(int i = 0; i < len; i++)
    {
        if( src[i] == '/' || src[i] == '\\' )
            copypos = i + 1;

		if( i >= destlen )
			break;
    }

	if( copypos > destlen )
		copypos = destlen;

    strncpy(dest, src, copypos);
	dest[copypos] = 0;
}

Exempt
Posts: 197
Joined: Wed Jan 20, 2010 9:55 am

Re: Launching an app with CreateProcess

#5 Post by Exempt » Thu Aug 09, 2012 11:13 pm

Ah, I thought your function was something else. :) I honestly have no idea why it works with your code and not mine. I tried using both the first and second params to run the app both ways it wouldn't work right. Your code is fine though, I'm gonna have to figure that one out. Thanks for the help. D3D fun time now. :D

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Launching an app with CreateProcess

#6 Post by Administrator » Thu Aug 09, 2012 11:18 pm

Since you would need to have hooked all the D3D functions before the creation of the D3D device, you will need to use the startWithDll() function instead of injectDll(). I'm guessing you're probably doing this, but I thought I would make sure.

Exempt
Posts: 197
Joined: Wed Jan 20, 2010 9:55 am

Re: Launching an app with CreateProcess

#7 Post by Exempt » Fri Aug 10, 2012 5:54 pm

Yup, thanks. I ended up with a pretty nice Inject I may add a gui to it later on. Really in this case it's going to be a launcher for the game and inject my dll.

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests