How to Use the thread-inserted function Delphi/Windows SDK/API
Http://www.delphi2007.net/DelphiAPI/html/delphi_20061207182656107.html
I have mastered it now: code injection technology without using a DLL.
There is an inject function. Pass it the handle of the process to be inserted into and the name of the function to be inserted, prefixed with "@", as parameters, as shown in the following code:
procedure Inject(ProcessHandle: LongWord; EntryPoint: Pointer);
It was easy to use.
But here I have a program with a form, and I want to insert its code into a PID.
The original DPR file is as follows:
program server;
uses
  Forms,
  mainserve in 'mainserve.pas' {serverform};
begin
  Application.Initialize;
  Application.CreateForm(Tserverform, serverform);
  Application.Run;
end.
I changed it:
program server;
uses
  Forms, Windows,
  mainserve in 'mainserve.pas' {serverform};
procedure main();
begin
  Application.Initialize;
  Application.CreateForm(Tserverform, serverform);
  Application.Run;
end;
var
  ProcessHandle, PID: LongWord;
begin
  PID := 1252; // the PID of an IE instance currently running
  ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, False, PID); // open the process
  Inject(ProcessHandle, @main); // insert the code
  CloseHandle(ProcessHandle); // close the process handle
end.
mainserve.pas has not been modified.
The compilation succeeds, but an error occurs. It says that the referenced memory cannot be written, and IE is disabled.
Is my change correct?
I suspect that this error is related to a form in the program, but cannot be removed when timer is used?
Are my doubts true?
Note: the inject definition was added during the modification, but it is not shown in the code above.
I also want to know the method without DLL injection.
Aphex's remote injection without a DLL is:
GetWindowThreadProcessId(FindWindow('Shell_TrayWnd', nil), @PID);
// Obtain the PID of the exp process. Shell_TrayWnd is the class name. You need to look it up with Spy++.
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, False, PID); // open the process
hModule := Pointer(GetModuleHandle(nil));
// The value obtained here is a pointer variable that points to the content including the base address and length of the image.
Extent := PImageOptionalHeader(Pointer(Integer(hModule) + PImageDosHeader(hModule)._lfanew + SizeOf(DWORD) + SizeOf(TImageFileHeader))).SizeOfImage;
// Get the memory image length
VirtualFreeEx(ProcessHandle, hModule, 0, MEM_RELEASE);
// Allocate a sufficient memory length within the memory range of the exp process
hModule_news := VirtualAllocEx(ProcessHandle, hModule, Extent, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
// Determine the starting base address and memory image base address
WriteProcessMemory(ProcessHandle, hModule_news, hModule, Extent, Size);
// Confirm the data above and start the operation here
CreateRemoteThread(ProcessHandle, nil, 0, @Download, hModule, 0, ThreadId);
// Create a remote thread. The injection process has been completed.
CloseHandle(ProcessHandle);
I define my program as a procedure and inject it in this way. The result is the same as that of lx...
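Seen from the monitoring side, the call sequence in the post above (remote RWX allocation, a write into it, then a remote thread starting inside it) is a correlatable pattern. The following is an added example, not part of the thread: the trace record format, the function name and every value except PID 1252 are assumptions constructed for illustration.

```python
from collections import defaultdict

PAGE_EXECUTE_READWRITE = 0x40  # Windows memory-protection constant

# Constructed trace in a hypothetical record format: one dict per cross-process
# API call. PID 1252 is the target from the first post; everything else is made up.
TRACE = [
    {"src": 4100, "dst": 1252, "api": "OpenProcess", "access": 0x1F0FFF},
    {"src": 4100, "dst": 1252, "api": "VirtualAllocEx",
     "base": 0x400000, "size": 0x5000, "protect": PAGE_EXECUTE_READWRITE},
    {"src": 4100, "dst": 1252, "api": "WriteProcessMemory",
     "base": 0x400000, "size": 0x5000},
    {"src": 4100, "dst": 1252, "api": "CreateRemoteThread", "start": 0x401A2C},
    # Second source: writes to a read/write data page, thread starts elsewhere.
    {"src": 5200, "dst": 1300, "api": "VirtualAllocEx",
     "base": 0x7F0000, "size": 0x1000, "protect": 0x04},
    {"src": 5200, "dst": 1300, "api": "WriteProcessMemory",
     "base": 0x7F0000, "size": 0x10},
    {"src": 5200, "dst": 1300, "api": "CreateRemoteThread", "start": 0x77001000},
]


def find_remote_code_injection(trace):
    """Return (src, dst, start) for each remote thread that begins inside memory
    the same source process allocated as RWX in the target and then wrote to."""
    regions = defaultdict(list)  # (src, dst) -> [[base, end, written], ...]
    alerts = []
    for ev in trace:
        if ev["src"] == ev["dst"]:
            continue  # only cross-process activity is of interest
        key = (ev["src"], ev["dst"])
        if ev["api"] == "VirtualAllocEx" and ev["protect"] == PAGE_EXECUTE_READWRITE:
            regions[key].append([ev["base"], ev["base"] + ev["size"], False])
        elif ev["api"] == "WriteProcessMemory":
            for region in regions[key]:
                if region[0] <= ev["base"] < region[1]:
                    region[2] = True  # mark the RWX region as written
        elif ev["api"] == "CreateRemoteThread":
            for base, end, written in regions[key]:
                if written and base <= ev["start"] < end:
                    alerts.append((ev["src"], ev["dst"], ev["start"]))
                    break
    return alerts


if __name__ == "__main__":
    for src, dst, start in find_remote_code_injection(TRACE):
        print(f"PID {src} started a thread at {start:#x} in PID {dst} (remote RWX write)")
```

The rule keys on the thread start address falling inside a region that was both remotely allocated as executable and writable and remotely written, so ordering matters: a thread created before the write does not match.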
Let's talk about it in detail.
Upstairs is the person in the same path
In fact, we can insert a small procedure and successfully call other custom procedures.
However, if you define the main program in the DPR file in the original code of a program as a procedure and insert it, an error will be reported.
Why?
I also have a piece of code. The procedure injection he defined works fine, but the procedure injection I wrote myself gives an error. I'm depressed.