Jump to content
StoneIce

c++ : strcat.asm problems in visual studio

Recommended Posts

Morning everyone,

Mainly for educational purposes, hence I wonna discuss something like this on here, been trying to inject into chrome hence gave me some problems, but here is one of my sources I wanted pros on here to have a good look at.

Some parts of this code was gotten from rohan from msdn. Credits should be given to him.

When I inject it into chrome for instances, it opens the strcat.asm something like this

image.png

A debug view on my visual studio, doesn't give me errors, on the code, started to wonder what went wrong

Code looks like this


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
char chrome[260];
char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));
strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
strcpy(dll,lpCmdLine);
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si,sizeof(si));
ZeroMemory(?,sizeof(pi));
HANDLE baseAddress = VirtualAllocEx (pi.hProcess,NULL, 265, MEM_COMMIT,PAGE_READWRITE) ;
WriteProcessMemory(pi.hProcess,baseAddress,dll,sizeof(dll),NULL);
CreateRemoteThread(pi.hProcess, NULL,0,(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32"),"LoadLibraryA"),baseAddress,0,NULL);
Sleep(100) ;
TerminateThread(pi.hThread,0);
printf("Injected \n");
getchar();

return 0;
}

Just trying to understand what the problem really is. Someone pls help.

Link to comment
Share on other sites

  • Active Members

You don't have to know

this type of dll injection

to be able to allocate some dynamic memory.

It's basic and I strongly reccommend you to learn how to use pointers ( also have a look at dynamic allocated memory - malloc() / calloc() / realloc() / free()) / data structures etc before starting such a project.

Now, what I think it will solve your issue:


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
int length = strlen(argv[1]); // argv[1] it's just an example
char *chrome = (char*)malloc(length + 1); // +1 for null terminator
char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));

strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
strcpy(dll,lpCmdLine);

STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si,sizeof(si));
ZeroMemory(?,sizeof(pi));

HANDLE baseAddress = VirtualAllocEx (pi.hProcess,NULL, 265, MEM_COMMIT,PAGE_READWRITE) ;
WriteProcessMemory(pi.hProcess,baseAddress,dll,sizeof(dll),NULL);
CreateRemoteThread(pi.hProcess, NULL,0, (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32"),"LoadLibraryA"),baseAddress,0,NULL);
Sleep(100) ;
TerminateThread(pi.hThread,0);
printf("Injected \n");
getchar();

return 0;
}

Now obviously something is missing but I won't tell you everything. Just look up on the internet for dynamic memory allocation in c and you'll be ok.

Edited by MrGrj
Link to comment
Share on other sites


#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
char chrome[260];
char *dll = "C:\\Users\\Emi\\Desktop\\akrikaht.dll";
[B]GetEnvironmentVariable("programfiles",chrome,sizeof(chrome));[/B]
strcat(chrome,"Google\\Chrome\\Application\\chrome.exe"); //shows error at strcat, opens strcat.asm
strcpy(dll,lpCmdLine);
...

What if the call to GetEnvVar fails? and chrome is allocated on the stack and there's no zero to be taken as end-of-string?

Simplest way to test:

char chrome[256] = {};

also, test return value of GetEnvironmentVariable [0=failed, sizeof(chrome)=not enough space, # = bytes written].

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...