在带参数的远程进程中调用函数(注入的DLL)
[英]Calling a function in a remote process with parameters (injected DLL)
问题描述
I've been trying to call a function which resides in an injected DLL using the DLL injector process. 
我一直在尝试使用DLL injector进程调用驻留在注入的DLL的函数。 The code from this answer works fine with no arguments but passing an argument causes random (non-initialized) gibberish like -1733099520 to be passed to the function instead of the desired DWORD : 此答案中的代码可以在没有参数的情况下正常工作,但传递参数会导致将随机(未初始化)乱码(如-1733099520 )传递给函数,而不是所需的DWORD :
DWORD speed_up = 1;
RemoteLibraryFunction(hProcess, targetDll, "set_speedup", &speed_up, sizeof speed_up, &lpReturn);
The DLL function I'm calling is defined as: 我正在调用的DLL函数定义为:
#define DLL_EXPORT extern "C" __declspec(dllexport)
DLL_EXPORT void set_speedup(const DWORD new_speed)
{
sprintf_s(debug_message_buffer, "Setting new speed to: %i\n", new_speed);
OutputDebugStringA(debug_message_buffer);
speed = new_speed;
}
Note that I'm using DebugView++ to observe the output of OutputDebugStringA() . 请注意,我正在使用DebugView++观察OutputDebugStringA()的输出。
What am I doing wrong? 我究竟做错了什么? It seems like the parameters are not set/passed correctly but the code seems correct and no functions failed. 似乎参数设置/传递不正确,但是代码似乎正确,没有函数失败。
1 个解决方案
解决方案1
0 2019-08-07 00:31:36
It turns out the passed parameter was passed in as address of the DWORD instead of the DWORD . 事实证明,传递的参数作为DWORD而不是DWORD地址传入。 This can be fixed by changing the called function's signature to something like the following: 可以通过将调用函数的签名更改为以下内容来解决此问题:
#define DLL_EXPORT extern "C" __declspec(dllexport)
DLL_EXPORT void set_speedup(const LPVOID acceleration_pointer)
{
const auto acceleration = *static_cast<DWORD*>(acceleration_pointer);
speed = acceleration;
}
The calling convention did not matter. 调用约定无所谓。 Now the call works as expected. 现在,该呼叫将按预期工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.