From: Marco Atzeri <marco.atzeri@gmail.com>
To: cygwin@cygwin.com
Subject: Re: DllMain not called in CreateRemoteThread
Date: Sat, 08 Feb 2020 05:40:00 -0000 [thread overview]
Message-ID: <a723e665-7266-aafa-3578-16387903fd7c@gmail.com> (raw)
In-Reply-To: <CAJZVxR==EeX0y02Y5_ZhoFKnFCMmONg_-7jzv93pZqmrSdK-pA@mail.gmail.com>
please bottom post on this mailing list
Am 08.02.2020 um 01:12 schrieb Olivia Nelson:
> Sorry, I made a mistake. I've updated the title ..
>
> To summarize:
>
> 1. I can load the DLL compiled with cygwin with LoadLibraryA,
> but not remotely with CreateRemoteThread.
> 2. The same DLL compiled with msvc works with both LoadLibraryA and
> CreateRemoteThread
>
> Answer to Joost:
> constructor and destructor are called with LoadLibraryA, but not with
> CreateRemoteThread either
>
> Answer to Marco
> 1. I can't use mingw, it does not provide sys/XXX.h, e,g socket
> 2. I copied cygwin1.dll to system32, and it works outside cygwin environment
>
> Here's a implementation of the DLL injector in C#:
> https://codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread
>
Which of the sys/XXX.h are you looking for ?
$ cygcheck -l mingw64-x86_64-headers | grep "/sys/"
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sec_api/sys/timeb_s.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/cdefs.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/fcntl.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/file.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/locking.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/param.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/stat.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/time.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/timeb.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/types.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/unistd.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/utime.h
for what I know the Windows program use winsock2.h and winsock.h
for their own socket interface
$ cygcheck -l mingw64-x86_64-headers | grep "sock"
/usr/x86_64-w64-mingw32/sys-root/mingw/include/hvsocket.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/mswsock.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/psdk_inc/_socket_types.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock.h
/usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock2.h
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2020-02-08 5:40 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-07 8:47 DllMain not called Olivia Nelson
2020-02-07 14:49 ` Marco Atzeri
2020-02-07 15:07 ` Olivia Nelson
2020-02-07 15:46 ` Marco Atzeri
2020-02-07 18:19 ` Joost Kraaijeveld
2020-02-07 19:10 ` Joost Kraaijeveld
2020-02-08 0:12 ` DllMain not called in CreateRemoteThread Olivia Nelson
2020-02-08 5:40 ` Marco Atzeri [this message]
2020-02-09 14:52 ` Olivia Nelson
2020-02-10 18:50 ` Andrey Repin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a723e665-7266-aafa-3578-16387903fd7c@gmail.com \
--to=marco.atzeri@gmail.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).