CreateProcess przykład


Może ktoś dać przykład użycia funkcji CreateProcess? Ja mam tak i wywala AppCrash w Windowsie, choć wszystko dobrze się kompiluje.

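  // Start c:\plik.exe as a child process.
  // Both structures are zeroed before use, the result of CreateProcess is
  // checked (a failure is reported instead of continuing with undefined
  // handles), and the two handles returned in pi are closed so they do not
  // leak for the lifetime of this process.
  STARTUPINFO si;
  PROCESS_INFORMATION pi;

  ZeroMemory( &si, sizeof(si) );
  ZeroMemory( &pi, sizeof(pi) );

  si.cb = sizeof(si);                 // mandatory: size of the structure passed in
  si.dwFlags = STARTF_USESHOWWINDOW;  // honour wShowWindow below
  si.wShowWindow = SW_SHOWDEFAULT;

  // lpApplicationName is set and lpCommandLine is NULL, so the path must be the
  // full path of the executable; no search of PATH is performed in this form.
  if ( !CreateProcess( "c:\\plik.exe", NULL, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi ) )
  {
    // GetLastError() says why, e.g. ERROR_FILE_NOT_FOUND when the path is wrong.
    DWORD err = GetLastError();
    (void)err;
    MessageBox( NULL, "CreateProcess failed", "Error", MB_ICONERROR );
  }
  else
  {
    // The process and thread handles are owned by this code; closing them
    // does not terminate the child, it only releases our references.
    CloseHandle( pi.hThread );
    CloseHandle( pi.hProcess );
  }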

tutaj masz pełno przykładów do tej funkcji:
http://msdn.microsoft.com/en-us/library/ms682425(VS.85).aspx


Ja bym prosił o przykład jak to napisać. Nie do końca rozumiem ten zapis z MSDN :/


a sprawdź na forach z hackami do gier, może pod hasłem "dll injection" będzie jakiś kodzik korzystający z tego?
//choć tam to pewnie będzie tylko VirtualAllocEx, WriteProcessMemory i CreateRemoteThread, ale chyba gdzieś też widziałem jakiś kod z tym CreateProcess, poszukać musisz (bardziej na zagranicznych forach)

//edit

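// Based on the DLLInject demonstration by Rezmond( http://www.torry.net/authorsmore.php?id=3987 )
unit DLLInject;

interface

uses
  Windows;

// Injects a DLL into a running process by starting a remote thread at
// LoadLibrary with the DLL path as its argument. aProcHandle must have been
// opened with enough access rights for VirtualAllocEx, WriteProcessMemory
// and CreateRemoteThread. Returns the remote thread's exit code reinterpreted
// as the module handle (0 when LoadLibrary failed in the target).
function InjectDLL(const aProcHandle: THandle; const aDLLFullFileName: string): HMODULE;

// Executes an EXE and injects the DLL into the new instance.
// Both names must be full paths. aProcInfo is allocated with New inside and
// becomes the caller's property: close hProcess/hThread and Dispose it.
// Raises EDLLInjectError when the process cannot be created.
// The declaration originally lacked the terminating semicolon after
// 'overload', which does not compile.
function RunAndInjectDLL(const aEXEFullFileName, aDLLFullFileName: string; out aProcInfo: PProcessInformation; const aCreateFlags: Cardinal = 0; const aWorkingDirectory: string = ''): HMODULE; overload;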

implementation

uses
  SysUtils;

type
  // Raised by Error(); the message text is the caller's message followed by
  // the Windows description of GetLastError.
  EDLLInjectError = class(Exception);

const
  KERNEL32_DLL = 'Kernel32.DLL';
  // Export name of LoadLibrary matching the character type of this build,
  // because the DLL path written into the target is a string of Char.
  LOADLIBRARY_NAME = {$IFDEF UNICODE} 'LoadLibraryW' {$ELSE} 'LoadLibraryA' {$ENDIF UNICODE};

resourcestring
  // Message prefix used when CreateProcess fails in RunAndInjectDLL
  ERR_CREATE_PROCESS = 'Unable to create process';

// Redeclared because lpBuffer should be a ByRef variable: with
// FORMAT_MESSAGE_ALLOCATE_BUFFER the API allocates the buffer itself and
// stores its address into lpBuffer. That buffer belongs to the caller
// afterwards and is released with LocalFree.
function FormatMessage(dwFlags: DWORD; lpSource: Pointer; dwMessageId: DWORD;
  dwLanguageId: DWORD; var lpBuffer: PChar; nSize: DWORD; Arguments: Pointer): DWORD; stdcall;
  external Kernel32 name {$IFDEF UNICODE} 'FormatMessageW' {$ELSE} 'FormatMessageA' {$ENDIF};

// Asks windows to format a message string from last error
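// Asks Windows for the message text describing GetLastError.
// FormatMessage is called with FORMAT_MESSAGE_ALLOCATE_BUFFER, so the buffer
// it returns is copied into a Delphi string and then released with LocalFree.
// The original leaked that buffer and, when formatting failed, returned an
// uninitialised pointer; now an "Unknown error <code>" text is returned instead.
function GetWindowsLastErrorMessage: string;
var
  pMessage: PChar;
  LastError: DWORD;
begin
  Result:= '';
  pMessage:= nil;
  // Read the code first so nothing called below can overwrite it
  LastError:= GetLastError;

  if FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER or FORMAT_MESSAGE_FROM_SYSTEM,
       nil, LastError, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
       pMessage, 0, nil) <> 0 then
  try
    Result:= pMessage;
  finally
    // Buffer was allocated by the system on our behalf
    LocalFree(HLOCAL(pMessage));
  end;

  // No system text for this code (or FormatMessage itself failed)
  if Result = '' then
    Result:= 'Unknown error ' + IntToStr(LastError);
end;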

// Raise exception with a windows message
// Raises EDLLInjectError whose message is aMsg, a line break, and the text
// of the last Windows error as returned by GetWindowsLastErrorMessage.
procedure Error(aMsg: string);
var
  FullText: string;
begin
  FullText:= aMsg + sLineBreak + GetWindowsLastErrorMessage;
  raise EDLLInjectError.Create(FullText);
end;

// Allocs a new string buffer and returns a pointer and length of buffer.
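// Allocates a zero-filled buffer holding aStr plus a terminating #0 and
// returns the buffer and its size in bytes (not characters). The caller
// releases aBuf with FreeMem.
// An empty aStr yields a buffer containing only the terminator; the original
// indexed aStr[1], which is out of range for an empty string.
procedure StrToPCharAndLen(const aStr: string; out aBuf: PChar; out aBufLen: Cardinal); overload;
var
  PayloadBytes: Cardinal;
begin
  PayloadBytes:= Length(aStr) * SizeOf(Char);
  aBufLen:= PayloadBytes + SizeOf(Char);
  // AllocMem zero-fills, which supplies the terminating #0
  aBuf:= AllocMem(aBufLen);
  if PayloadBytes > 0 then
    Move(PChar(aStr)^, aBuf^, PayloadBytes);
end;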

// Loads aDLLFullFileName into the process behind aProcHandle: the path is
// copied into the target with VirtualAllocEx/WriteProcessMemory and a remote
// thread is started at LoadLibrary with that path as its argument.
// Returns the remote thread's exit code, i.e. LoadLibrary's return value
// inside the target (its module handle, or 0 on failure).
// NOTE(review): no API result is checked - a nil NewMem, a failed write, a
// nil LoadLibraryPtr or a zero ThreadHandle is passed straight on to the
// next call instead of raising Error().
// NOTE(review): the LoadLibrary address is resolved in this process and
// reused in the target, which assumes kernel32 is mapped at the same base in
// both; Cardinal(Result) also truncates the pointer-sized HMODULE on Win64.
// This remote-thread sequence is the classic injection pattern that endpoint
// monitoring alerts on, so it belongs only in tooling expected to behave this
// way (debuggers, instrumentation).
function InjectDLL(const aProcHandle: THandle; const aDLLFullFileName: string): HMODULE;
var
  NewMem, PDLLPath: PChar;
  DLLPathLen: Cardinal;
  BytesWritten: Cardinal;

  Kernel32Module: THandle;
  LoadLibraryPtr: Pointer;

  ThreadHandle: THandle;
  ThreadID: Cardinal;
begin
  // Get a PChar copy of the DLL path and its length in bytes (incl. terminator)
  StrToPCharAndLen(aDLLFullFileName, PDLLPath, DLLPathLen);

  // Alloc memory in remote process space for DLL name
  NewMem:= VirtualAllocEx(aProcHandle, nil, DLLPathLen, MEM_COMMIT, PAGE_READWRITE);
  try
    // Write DLL name into remote process memory space (BytesWritten is never inspected)
    WriteProcessMemory(aProcHandle, NewMem, PDLLPath, DLLPathLen, BytesWritten);

    // Get pointer to LoadLibrary function (looked up in this process, see note above)
    Kernel32Module:= LoadLibrary(KERNEL32_DLL);
    LoadLibraryPtr:= GetProcAddress(Kernel32Module, LOADLIBRARY_NAME);

    // Create a thread using LoadLibrary as ThreadProc and NewMem as its parameter
    ThreadHandle:= CreateRemoteThread(aProcHandle, nil, 0, LoadLibraryPtr, NewMem, 0, ThreadID);
    // Wait for DLL initialization to finish (returns immediately if ThreadHandle is 0)
    WaitForSingleObject(ThreadHandle, INFINITE);
    // Get LoadLibrary result (remote handle to DLL); 32-bit DWORD only
    GetExitCodeThread(ThreadHandle, Cardinal(Result));
    // No need for Thread handle
    CloseHandle(ThreadHandle);
  finally
    // Free used remote and local memory
    VirtualFreeEx(aProcHandle, NewMem, 0, MEM_RELEASE);
    FreeMem(PDLLPath);
  end;
end;

// Starts aEXEFullFileName (working directory aWorkingDirectory, or the EXE's
// folder when that is empty) and injects aDLLFullFileName into the new process.
// aProcInfo is allocated with New and handed to the caller, who must
// CloseHandle both hProcess and hThread and Dispose the record.
// Raises EDLLInjectError (via Error) when CreateProcess fails; the record
// allocated here is not released in that case.
// Returns the value of InjectDLL, i.e. the module handle inside the child.
function RunAndInjectDLL(const aEXEFullFileName, aDLLFullFileName: string;
  out aProcInfo: PProcessInformation; const aCreateFlags: Cardinal;
  const aWorkingDirectory: string): HMODULE;
var
  StartInfo: TStartupInfo;
  WorkingDirectory: string;

begin
  // Initialize process structures
  New(aProcInfo);
  FillChar(aProcInfo^, SizeOf(TProcessInformation), 0);
  FillChar(StartInfo, SizeOf(TStartupInfo), 0);

  // If not set, set working directory to EXE path
  if aWorkingDirectory <> '' then
    WorkingDirectory:= aWorkingDirectory
  else
    WorkingDirectory:= ExtractFilePath(aEXEFullFileName);

  // Execute process
  // NOTE(review): StartInfo.cb is still 0 after FillChar; CreateProcess
  // expects StartInfo.cb := SizeOf(TStartupInfo) - the likely reason for the
  // failure the poster marked on the next line.
  // NOTE(review): the command line is passed as the literal '' rather than
  // nil; CreateProcessW is documented as possibly writing into lpCommandLine,
  // so a constant must not be passed there. bInheritHandles is True, so every
  // inheritable handle of this process becomes visible to the child.
  if not CreateProcess(PChar(aEXEFullFileName), '', nil, nil, True, //<-------------------- poster's note: "something here"
    aCreateFlags, nil, PChar(WorkingDirectory), StartInfo, aProcInfo^)
  then
    Error(ERR_CREATE_PROCESS);

  // Inject DLL into new process
  Result:= InjectDLL(aProcInfo.hProcess, aDLLFullFileName);
end;

end.

mały burdel, ale na samym dole kodu coś tam jest, ale nie znam się na tym, zignoruj tego posta jakby co

//edit
http://www.daniweb.com/software-development/cpp/threads/238461
http://www.governmentsecurity.org/forum/index.php?showtopic=31679
http://komputery.katalogi.pl/C%2B%2B_programowanie_sieciowe_windows-t80741.html
