c++ : strcat.asm problems in visual studio

StoneIce · August 13, 2015

Morning everyone,

Mainly for educational purposes, hence I wonna discuss something like this on here, been trying to inject into chrome hence gave me some problems, but here is one of my sources I wanted pros on here to have a good look at.

Some parts of this code was gotten from rohan from msdn. Credits should be given to him.

When I inject it into chrome for instances, it opens the strcat.asm something like this

A debug view on my visual studio, doesn't give me errors, on the code, started to wonder what went wrong

Code looks like this


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
   char chrome[260];
   char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));
strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
strcpy(dll,lpCmdLine);
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si,sizeof(si));
ZeroMemory(?,sizeof(pi));
HANDLE baseAddress = VirtualAllocEx (pi.hProcess,NULL, 265, MEM_COMMIT,PAGE_READWRITE) ;
WriteProcessMemory(pi.hProcess,baseAddress,dll,sizeof(dll),NULL);
CreateRemoteThread(pi.hProcess, NULL,0,(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32"),"LoadLibraryA"),baseAddress,0,NULL);
Sleep(100) ;
TerminateThread(pi.hThread,0);
printf("Injected  \n");
 getchar();

return 0;
 }

Just trying to understand what the problem really is. Someone pls help.

Nytro · August 13, 2015

Maybe overflow.

Declare the string as 1024 bytes and test.

Check the return value of GetEnvironmentVariable and the contents of the variable after the call.

StoneIce · August 13, 2015

still gives me the same access violation error. When I remove it it tells me debug failure. unknown error.

Nytro · August 13, 2015

What does "GetEnvironmentVariable" return and what is the content of the "chrome" variable after "GetEnvironmentVariable" function call?

StoneIce · August 13, 2015

it returns the path inside the IDE upon debug. c//...//(x86) Chrome //Application//chrome.exe that's what I see

MrGrj · August 13, 2015

Use dynamic memory allocation

(


malloc()

should be enough ) for your variable and it should work.

Don't forget to also

free()

to deallocate the allocated memory

Edited August 13, 2015 by MrGrj

StoneIce · August 13, 2015

@MrGrj, lemme give it a try and get back to you

Edited August 13, 2015 by StoneIce

MrGrj · August 13, 2015

You don't have to know

this type of dll injection

to be able to allocate some dynamic memory.

It's basic and I strongly reccommend you to learn how to use pointers ( also have a look at dynamic allocated memory - malloc() / calloc() / realloc() / free()) / data structures etc before starting such a project.

Now, what I think it will solve your issue:


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
   int length = strlen(argv[1]); // argv[1] it's just an example
   char *chrome = (char*)malloc(length + 1); // +1 for null terminator
   char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
   GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));

   strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
   strcpy(dll,lpCmdLine);

   STARTUPINFO si;
   PROCESS_INFORMATION pi;
   ZeroMemory(&si,sizeof(si));
   ZeroMemory(?,sizeof(pi));

   HANDLE baseAddress = VirtualAllocEx (pi.hProcess,NULL, 265, MEM_COMMIT,PAGE_READWRITE) ;
   WriteProcessMemory(pi.hProcess,baseAddress,dll,sizeof(dll),NULL);
   CreateRemoteThread(pi.hProcess, NULL,0,      (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32"),"LoadLibraryA"),baseAddress,0,NULL);
   Sleep(100) ;
   TerminateThread(pi.hThread,0);
   printf("Injected  \n");
   getchar();

   return 0;
 }

Now obviously something is missing but I won't tell you everything. Just look up on the internet for dynamic memory allocation in c and you'll be ok.

Edited August 13, 2015 by MrGrj

Nytro · August 13, 2015

it returns the path inside the IDE upon debug. c//...//(x86) Chrome //Application//chrome.exe that's what I see

Replace char chrome[260]; with char chrome[1024]; and check again.

__self__ · August 13, 2015


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
   char chrome[260];
   char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
[B]GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));[/B]
strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
strcpy(dll,lpCmdLine);
...

What if the call to GetEnvVar fails? and chrome is allocated on the stack and there's no zero to be taken as end-of-string?

Simplest way to test:

char chrome[256] = {};

also, test return value of GetEnvironmentVariable [0=failed, sizeof(chrome)=not enough space, # = bytes written].

StoneIce · August 13, 2015

@MrGrj, Free() I think that should be it.

StoneIce · August 13, 2015

lemme work on it and get back to you fellows. thanks a million all of you

Sign In

c++ : strcat.asm problems in visual studio

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation