Process.NET
Remote Function Call
Hi,
I am currently trying to call a Game Function from my external process. Is that even possible? I only know of the CreateRemoteThread way which is messy and totally unreliable.
I have for sure the correct function pointer to the function I want to call. Also, the function I want to call is a member function without arguments, so I put the RCX as the only argument as the this pointer. I guess that should be correct like that?
Can this even work like that? Or did I misunderstand what the RemoteFunction is supposed to be doing?
Because when I execute that I get an InvalidFunctionPointerInDelegate exception.
Edit: This only works for functions in the remote process that are exported right?
@johmarjac It is possible. However, you need to consider a few things. The first being you need to use (likely) an unmanaged function pointer attribute. You can find information about that here.
Secondly, you only have two options.
The first -- which is messy, though Process.NET (and of course, MemorySharp) make this task much, much easier and very clean.
The library takes care of allocating the space, assembling the correct bytes to inject based on the parameters and convention passed to the Execute code, and even does the CRT and returning of the thread's exit code, which contains EAX/RAX.
The main code responsible for this is here:
/// <returns>The return value is the exit code of the thread created to execute the assembly code.</returns>
public T Execute<T>(IntPtr address, Native.Types.CallingConventions callingConvention,
    params dynamic[] parameters)
{
    // Marshal the parameters
    var marshalledParameters =
        parameters.Select(p => MarshalValue.Marshal(Process, p)).Cast<IMarshalledValue>().ToArray();
    // Start a transaction
    AssemblyTransaction t;
    using (t = BeginTransaction())
    {
        // Get the object dedicated to create mnemonics for the given calling convention
        var calling = CallingConventionSelector.Get(callingConvention);
        // Push the parameters
        t.AddLine(calling.FormatParameters(marshalledParameters.Select(p => p.Reference).ToArray()));
        // Call the function
        t.AddLine(calling.FormatCalling(address));
        // Clean the parameters
        if (calling.Cleanup == CleanupTypes.Caller)
            t.AddLine(calling.FormatCleaning(marshalledParameters.Length));
        // Add the return mnemonic
        t.AddLine("retn");
    }
    // Clean the marshalled parameters
    foreach (var parameter in marshalledParameters)
        parameter.Dispose();
    // Return the exit code
    return t.GetExitCode<T>();
}
For this to work, you must set the IAssembler instance inside and the IAssemblyFactory instance. Default implementation for the factory is provided, and an example of default IAssembler implementation is provided in the readme (as well as using the above method example).
The second way -- is to load your C# process into the target game process using my domain project inside of my GitHub repos or googling how to inject C# dll/host CLR, using the unmanaged function pointer attribute to define the delegate, and using the below method found on MSDN here:
Marshal.GetDelegateForFunctionPointer<TDelegate>(IntPtr address)
Please feel free to ask any questions.
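The second approach from the reply above, as an added example that is not part of the original reply or of Process.NET: a delegate declared with the unmanaged function pointer attribute is bound to an address that belongs to the calling process itself, which is the only situation in which `Marshal.GetDelegateForFunctionPointer` can be used. The `InProcessCall` class, the `Bind` helper and the `MemberNoArgs` delegate are hypothetical names; `GetCurrentProcessId` in kernel32 is used only as a harmless, well-known function to call (Windows only).

```csharp
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

// Added example, not Process.NET code.
static class InProcessCall
{
    [DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern IntPtr GetModuleHandle(string moduleName);

    [DllImport("kernel32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
    static extern IntPtr GetProcAddress(IntPtr module, string procName);

    // Hypothetical delegate for a member function that takes only `this`.
    // On 32-bit the attribute selects thiscall; on x64 Windows there is a
    // single calling convention and `this` is simply the first argument (RCX).
    [UnmanagedFunctionPointer(CallingConvention.ThisCall)]
    delegate int MemberNoArgs(IntPtr thisPtr);

    // Matches: DWORD WINAPI GetCurrentProcessId(void)
    [UnmanagedFunctionPointer(CallingConvention.Winapi)]
    delegate uint GetCurrentProcessIdFn();

    // The address must point at code mapped into *this* process. An address
    // read from another process is meaningless in the caller's address space.
    static TDelegate Bind<TDelegate>(IntPtr address) where TDelegate : Delegate
    {
        if (address == IntPtr.Zero)
            throw new ArgumentException("Function address is null.", nameof(address));
        return Marshal.GetDelegateForFunctionPointer<TDelegate>(address);
    }

    static void Main()
    {
        IntPtr kernel32 = GetModuleHandle("kernel32.dll");
        if (kernel32 == IntPtr.Zero)
            throw new InvalidOperationException("kernel32.dll is not loaded.");

        IntPtr address = GetProcAddress(kernel32, "GetCurrentProcessId");
        var getPid = Bind<GetCurrentProcessIdFn>(address);

        // Both values come from the same process, so they must agree.
        uint viaPointer = getPid();
        int viaRuntime = Process.GetCurrentProcess().Id;
        Console.WriteLine($"native call: {viaPointer}, runtime: {viaRuntime}");
    }
}
```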
Thank you for letting me know that it works remotely... That makes it very interesting for me now! I will ask if I need any further help. Thanks
Oh, I just saw that Fasm.NET is not available for 64 bit. Is there a known alternative which supports 64 bit assembling?
On x32 it worked with Fasm.NET; for x64 I used Reloaded.Assembler, which supports x64. However, when executing in 64 bit, the library is not able to create a thread... Any idea?
I can fix the CRT code for this version. Do you have a link to the assembler?
Yes of course I tried this one: https://github.com/Reloaded-Project/Reloaded.Assembler
I only see one example of it using x64 assembly in the test and it is via .asm file. Any idea if it works? https://github.com/Reloaded-Project/Reloaded.Assembler/blob/master/Source/Reloaded.Assembler.Tests/Assemble.cs
I cannot test it out right now as I am at work, but if I remember correctly it has a NuGet package as well, which I used before, and it assembled. Whether it was correct assembly I don't know, sorry. It was working though, same as FASM... I just created a new instance of the Assembler class and then called the Assemble() function with the assembly string on it.
@johmarjac I will update the code to fix a few major issues with this project in the next few days to at least let us know if there is an issue aside from process.net or not and reply here when I issue a commit.
@lolp1 Thank you very much. Greatly appreciated! :)
@lolp1 Any news on this? Meanwhile I found another x64 assembler https://github.com/0xd4d/iced
Sorry I've forgotten and not had a great deal of time. I'll look to fix this and various other issues haunting this project, mainly the proper addition of complete working x64 support including patches, detours, etc this coming first week of May.
@johmarjac I'm trying to use iced as well but I don't think I'm doing it right. Could you paste your implementation of IAssembler? It would be a huge help.
@lolp1 are there any updates on executing functions on 64 bit?