Below is my code. The function is called, but it does not work. It dont call the exe. Why?
int Createprocesslogon()
{
STARTUPINFOW su_info;
ZeroMemory(&su_info, sizeof(STARTUPINFOW));
su_info.cb = sizeof(STARTUPINFOW);
PROCESS_INFORMATION pi;
ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));
CreateProcessWithLogonW(L"xxx", L"localhost", L"123456", 0, L"C:\\Program Files\\app\\IECapt.exe" ,L" --url=http://www.facebook.com/ --out=test.png --min-width=1024", 0, NULL, NULL, &su_info, &pi);
cout << "testt";
return 0;
}
Did you mean CreateProcessAsUser, or CreateProcessWithToken after a call to LogonUser?
EDIT:
Try this (embedding argument in one):
CreateProcessWithLogonW(L"xxx", L"localhost", L"123456", 0, 0,
L"\"C:\\Program Files\\app\\IECapt.exe\" \" --url=http://www.facebook.com/ --out=test.png --min-width=1024\"", 0, NULL, NULL, &su_info, &pi);
lpCommandLine is supposed to be the entire command line, starting with the executable (properly quoted). Otherwise your first argument ends up in argv[0] and is ignored by the program.
Related
I'm trying to use Go to call the sendmmsg syscall to send a datagram multiple times over a link layer socket. I've used Gopacket to build the datagram, and when I send it using unix.Sendto() it works as expected. When I use sendmmsg the program panics and returns an error message too long. Here's what I've tried so far (error handling removed for brevity):
// Open an AF_PACKET type socket
fd, _ := unix.Socket(unix.AF_PACKET, unix.SOCK_RAW, unix.ETH_P_ALL)
// Create a link layer Sockaddr
sockaddr := &unix.SockaddrLinklayer{
Protocol: unix.ETH_P_ALL,
Ifindex: 5,
Hatype: 803,
Pkttype: 0,
Halen: 0,
}
sendmmsg takes a file descriptor (fd), a pointer to an array of mmsghdr structures, an unsigned int vlen which is the length of the array of mmsghdr structs, and a flags value. So using Go, assuming I'm not passing any flags and that I have an array of mmsghdr structs of length 2 called mymsgvec, I should be able to send my datagram with:
unix.Syscall6(unix.SYS_SENDMMSG,
uintptr(fd),
(uintptr)(unsafe.Pointer(mymsgvec)),
uintptr(2),
0, 0, 0)
To create mymsgvec I first define a mmsghdr type following its description in the sendmmsg manpage:
type mmsghdr struct {
msghdr unix.Msghdr
msglen uint32
}
I then create a msghdr from my buffer buf:
msghdr := &unix.Msghdr {
Name: (*byte)(unsafe.Pointer(sockaddr)),
Namelen: uint32(unsafe.Sizeof(*sockaddr)),
Iov: &unix.Iovec {
Base: &buf[0],
Len: uint64(len(buf)),
},
Iovlen: uint64(1),
}
Then finally I create mymsgvec with
mymsgvec := &[]mmsghdr{
{msghdr: *msghdr, msglen: uint32(len(msg))},
{msghdr: *msghdr, msglen: uint32(len(msg))},
}
When I try to send this using unix.Syscall6 as described above it fails with the error message too long, although the message is only 44 bytes. I assume the issue is something to do with how I'm constructing mmsghdrs, but I'm not sure. Could someone please point to where I'm going wrong here? Thanks!
Update on 2019/11/19:
I search google and find a lib to do this(I can't remember which is it now), and it works fine.
Update on 2019/6/19:
My env is win10, the reason is this code is not work on win10?
Origin:
I use this code to just inject int foo() {return 0} to a target process. But It cause target process crash.
The entire vs solution is here: https://github.com/huhuang03/test/tree/master/win/InjectHelloWorld. Include the InjectMe and InjectByCode.
char hand_asm[100] = {0xC3}; // 0xc3 is the retn assembly
if (!WriteProcessMemory(h_target, targetFuncSpace, &hand_asm, CODE_SPACE_SIZE, NULL)) {
showError(L"Cna't write targetFuncSpace");
return EXIT_FAILURE;
}
InjectFuncParam param;
LPVOID injectFuncParamSpace = VirtualAllocEx(h_target, NULL, sizeof(param), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (!injectFuncParamSpace) {
showError(L"Can't alloc injectFuncParamSpace");
return EXIT_FAILURE;
}
system("pause");
DWORD remoteThreadId = 0;
HANDLE h_remoteThread = CreateRemoteThread(h_target, NULL, 0, (LPTHREAD_START_ROUTINE)targetFuncSpace, injectFuncParamSpace, 0, &remoteThreadId);
if (!h_remoteThread) {
VirtualFreeEx(h_target, injectFuncParamSpace, 0, MEM_RELEASE);
VirtualFreeEx(h_target, targetFuncSpace, 0, MEM_RELEASE);
showError(L"Cant' create rmeote Thread");
return EXIT_FAILURE;
this cause InjectMe crash, I can't find a way to debug this.
By the way, I use ollydbg to set a breakpoint at targetFuncSpace, but the ollydbg says it's not code segment... Why, I had use the PAGE_EXECUTE_READWRITE to alloc the space.
One problem I see is you can't VirtualFree targetFuncSpace until the remote thread in the target process has finished executing.
Also WriteProcessMemory is copying CODE_SPACE_SIZE (4096) bytes from hand_asm which is only 100 bytes.
I'm creating a program that uses glutin, and I want to provide a command-line flag to make the window override-redirect so it can be used as a desktop wallpaper for certain window managers that don't support the desktop window type.
I've done a lot of research and managed to cobble together a block of code that I thought would work, using the provided xlib display and window from glutin. Here is my existing code:
unsafe {
use glutin::os::unix::WindowExt;
let x_connection = std::sync::Arc::<glutin::os::unix::x11::XConnection>::into_raw(display.gl_window().get_xlib_xconnection().unwrap());
((*x_connection).xlib.XChangeWindowAttributes)(
display.gl_window().get_xlib_display().unwrap() as *mut glutin::os::unix::x11::ffi::Display,
display.gl_window().get_xlib_window().unwrap() as glutin::os::unix::x11::ffi::XID,
glutin::os::unix::x11::ffi::CWOverrideRedirect,
&mut glutin::os::unix::x11::ffi::XSetWindowAttributes {
background_pixmap: 0,
background_pixel: 0,
border_pixmap: 0,
border_pixel: 0,
bit_gravity: 0,
win_gravity: 0,
backing_store: 0,
backing_planes: 0,
backing_pixel: 0,
save_under: 0,
event_mask: 0,
do_not_propagate_mask: 0,
override_redirect: 1,
colormap: 0,
cursor: 0,
}
);
}
It doesn't give me any errors, and compiles and runs fine with the rest of the code, but it doesn't make the window override-redirect like I want to.
I figured it out. The override-redirect only takes place when the window is mapped, so if I unmap it and map it again then it works!
Here is the code now:
unsafe {
use glutin::os::unix::WindowExt;
use glutin::os::unix::x11::XConnection;
use glutin::os::unix::x11::ffi::{Display, XID, CWOverrideRedirect, XSetWindowAttributes};
let x_connection = std::sync::Arc::<XConnection>::into_raw(display.gl_window().get_xlib_xconnection().unwrap());
let x_display = display.gl_window().get_xlib_display().unwrap() as *mut Display;
let x_window = display.gl_window().get_xlib_window().unwrap() as XID;
((*x_connection).xlib.XChangeWindowAttributes)(
x_display,
x_window,
CWOverrideRedirect,
&mut XSetWindowAttributes {
background_pixmap: 0,
background_pixel: 0,
border_pixmap: 0,
border_pixel: 0,
bit_gravity: 0,
win_gravity: 0,
backing_store: 0,
backing_planes: 0,
backing_pixel: 0,
save_under: 0,
event_mask: 0,
do_not_propagate_mask: 0,
override_redirect: 1,
colormap: 0,
cursor: 0,
}
);
((*x_connection).xlib.XUnmapWindow)(x_display, x_window);
((*x_connection).xlib.XMapWindow)(x_display, x_window);
}
i just need a simple way to import a .reg key into the registery hive
how can i do this?
my current code looks like this:
#include<Windows.h>
int main()
{
STARTUPINFO STARTINFO = { sizeof(STARTUPINFO) };
STARTINFO.cb = sizeof(STARTINFO);
STARTINFO.dwFlags = STARTF_USESHOWWINDOW;
STARTINFO.wShowWindow = SW_HIDE;
PROCESS_INFORMATION ProcessInfo;
CreateProcess("regedit.exe /S C:\\folder\\dd.reg", NULL , NULL, NULL, FALSE, CREATE_NO_WINDOW , NULL, NULL, &STARTINFO, &ProcessInfo);
from the commmand line C:\\Windows\regedit.exe /S C:\\folder\\dd.regworks perfectly fine, what i am doing wrong?
PS: i dont want to use system
Read the documentation for CreateProcess. The first parameter is just the name/path of the executable; the second one is the command line.
CreateProcess(L"regedit.exe", L"/S whatever.reg", ...)
Hello i' need to use a pop-up menu, witch is created dynamically.
OSErr err = GetBevelButtonMenuHandle(m_pRecallAOptionalButton, &m_pRecallAMenuRef);
for (countitem)
{
String szItem (List.GetAt(i));
CFStringRef sz = ToCFStringRef(szItem);
AppendMenuItemTextWithCFString(m_pRecallAMenuRef, sz, 0, 0, 0);
}
short sCount = CountMenuItems(m_pRecallAMenuRef);
SetControl32BitMaximum(m_pRecallAOptionalButton, sCount);
This is ok, menu show the correct number of items. I set maximum value.
My problem occur when i want to get the selected item index.
For this, i use the kEventClassMenu event & kEventMenuClosed kind
case kEventClassMenu:
{
MenuRef Menu;
GetEventParameter( inEvent, kEventParamDirectObject, typeMenuRef, NULL, sizeof(Menu), NULL, &Menu );
if (Menu && (Menu == pMainForm->m_pRecallAMenuRef))
{
SInt32 nIndex = GetControl32BitMaximum(m_pRecallAOptionalButton); // return the correct items count
nIndex = GetControl32BitValue(m_pRecallAOptionalButton); // always return 0 !!!!!
}
}
Did i missed something ? is it the right event to attach ?
Many thanks for help.
You probably want to handle kEventClassCommand/kEventProcessCommand, and use the command id from the menu item.
HICommand command;
GetEventParameter( inEvent, kEventParamDirectObject, typeHICommand, NULL,
sizeof( HICommand ), NULL, &command );
switch (command.commandID) {
case 1:
... etc ...
Note that the commandID is one of the parameters to AppendMenuItemTextWithCFString; that's how you can give each item a unique commandID as you generate the menu. commandID's are conventionally 4-char codes (like 'open' or 'save'), but there's no reason you couldn't use simple ints for your dynamically-generated commands.