Let's say process 1 is the main process and process 2 is the target process (I can't edit it, by the way). I want to be able to call a function from process 2 in process 1; does anyone have a nice way to do that? I was thinking of injecting a DLL with exports that call that function and using GetProcAddress externally... Is that possible? Is that the best way to do it?
Thanks for the time.
1 solution
#1
4
The title and body of your question ask two subtly different questions.
Having one executable call a function that's contained in another executable is quite easy, at least if the name of the function in question has been exported. You can use LoadLibrary to load an executable just like you would a DLL, then use GetProcAddress to get the address of the function you want to call, and call it normally. Keep in mind, however, that the function may not work correctly without other initialization that happens before it's called inside its own executable.
Calling a function in the context of another process (not just in another executable) is considerably more work. The basic idea is to have a function that makes the call and (for example) writes a result to some memory shared with the process making the call. You then use CreateRemoteThread to have that function execute in the context of the process containing the function you need to call.
If the target process has been written to support it, there are other methods such as COM that are intended to support this type of capability much more cleanly. They're generally preferable if available.