Calling functions externally

[ninjakinja]

I understand what I'm asking is much easier done with DLL injection, however I wanted to try something new.

Okay, so I'm trying to call functions externally (hence the thread title). If I understand correctly, I can accomplish this with CreateRemoteThread. However I don't know how to exactly do this.

Here's what i'm thinking:

• In our host process, we create a function that we will inject into the target process
  
• Inside that function will contain our instructions that declare and assign to where the function we want to call now that we are inside the target address space.

Does anyone have an example code that does something similar to this?

[Alainx277]

1. find the function you want to call (address)
2. createremotethread with that address
3. ???
4. profit!

[Nimboso]

1. find the function you want to call (address)
2. createremotethread with that address
3. ???
4. profit!

You can't add multiple parameters using CreateRemoteThread thread.

You can define a structure, allocate with VirtualAllocEx and then write the parameters with WriteProcessMemory, then at CreateRemoteThread you pass the address of the structure. This means you have to do code injection, which is just a bit more complicated than DLL injection. Better, DLL injection it's a quicker solution of Code Injection.

just coppied from a relevant thread on rohitab

[Alainx277]

You can't add multiple parameters using CreateRemoteThread thread.

just coppied from a relevant thread on rohitab

Yeah, sorry. I forgot that you can only pass one argument. And your solution is also correct, I would recommend a DLL injection over code injection. If you want to know how to do a code injection I recommend this video: