Process cannot atteched

Hello..
i wanna attach a process in my program,
but process wil run on background,,
but my program doesn't not detect that process,

this is my code

#include <stdio.h>
#include <windows.h>

int main()
{
int newValue = 500;
HWND hWnd = FindWindow(0, TEXT("sfrXWBJ") );

if (hWnd == 0) {
fprintf(stderr, "Cannot find window.");
} else {
DWORD pId;
GetWindowThreadProcessId(hWnd, &pId);
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pId);

if (!hProc) {
fprintf(stderr, "Cannot open process.");
} else {
int isSuccessful = WriteProcessMemory(hProc, (LPVOID)0x0177520E, &newValue, (DWORD)sizeof(newValue), NULL);

if (isSuccessful > 0) {
puts("Process memory written.");
} else {
fprintf(stderr, "Cannot write process memory.");
}

CloseHandle(hProc);
}
}
getchar();
return 0;
}



my English is not good
in 90% of the cases people have with WINAPI can be easily solved with error checking.

You should at minimum use:
https://docs.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-getlasterror
and
https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-formatmessage

problem with your current error checking is that it doesn't give you any concrete information about the error.

for example you use:
if (isSuccessful > 0) which not how you check for error.

docs say:
If the function succeeds, the return value is nonzero.
If the function fails, the return value is 0 (zero).


also you misread the docs probably, since you use PROCESS_ALL_ACCESS:

Remarks
To open a handle to another local process and obtain full access rights, you must enable the SeDebugPrivilege privilege.


For more info see:
https://docs.microsoft.com/en-us/windows/win32/secbp/changing-privileges-in-a-token

reference:
https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-openprocess

Also if (hWnd == 0) is not how you check if window handle is valid.

Instead use if(!IsWindow(hWnd))

https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-iswindow
Last edited on
Thank You For Reply Sir,,,


Sir Please Can You Share Example,

Actually i'm confuse to make
I made few projects that create a sample target window program, debug process which attempts to gain "debug" rights to the window process in order to write process memory and also a DLL which will help to tell us what the error is.

note that there is still a lot of work to do, this is only to show how this sort of stuff is done.
I don't have much time to write code for you, the rest of the work belong to you!

In short here is the most important part on how to set process priviledge, see comments and links for further information:

also note that these function can't add priviledge, only modify existing ones. you should read MSDN for more information.

If you really want to hack someones process from non administrative account it's the best to create your own process which is automatically PROCESS_ALL_ACCESS, you can then write byte code into that process memory from some executable. something similar to how crypters works.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
bool SetProcessPrivilege(
	HANDLE hToken,
	const std::wstring privilege,
	bool enable_priviledge
)
{
	TOKEN_PRIVILEGES tp;
	LUID luid;

	if (!LookupPrivilegeValueW(
		nullptr,			// lookup privilege on local system
		privilege.c_str(),	// privilege to lookup 
		&luid))				// receives LUID of privilege
	{
		ShowError(ERR_BOILER);
		return false;
	}

	tp.PrivilegeCount = 1;
	tp.Privileges[0].Luid = luid;
	if (enable_priviledge)
		tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	else
		tp.Privileges[0].Attributes = 0;

	// Enable the privilege or disable all privileges.
	if (!AdjustTokenPrivileges(
		hToken,
		FALSE,
		&tp,
		sizeof(TOKEN_PRIVILEGES),
		(PTOKEN_PRIVILEGES)NULL,
		(PDWORD)NULL))
	{
		ShowError(ERR_BOILER);
		return false;
	}

	if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
	{
		SetLastError(ERROR_NOT_ALL_ASSIGNED);
		ShowError(ERR_BOILER);
		return false;
	}

	return true;
}



This function on it own is does not do much work it is called by following function:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
void AttachProcess()
{
	int buff[10] = {};

	HWND hWnd = FindWindowW(L"DebuggableWindow", L"TestWindow");

	if (!IsWindow(hWnd))
	{
		SetLastError(ERROR_INVALID_HANDLE);
		ShowError(ERR_BOILER);
		return;
	}

	DWORD pId;
	GetWindowThreadProcessId(hWnd, &pId);

	// for a list of access rights see:
	// https://docs.microsoft.com/en-us/windows/win32/procthread/process-security-and-access-rights
	HANDLE hProc = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_READ | PROCESS_QUERY_INFORMATION | PROCESS_SET_INFORMATION, TRUE, pId);
	if (!hProc)
	{
		ShowError(ERR_BOILER);
		return;
	}

	// The OpenProcessToken function opens the access token associated with a process.
	// for a list of access tokens see:
	// https://docs.microsoft.com/en-us/windows/win32/secauthz/access-rights-for-access-token-objects
	HANDLE hTokenHandle = nullptr;
	if (!OpenProcessToken(hProc,  TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hTokenHandle)
		|| !hTokenHandle)
	{
		ShowError(ERR_BOILER);
		return;
	}

	// set debug priviledge, for a list of priviledges see
	// https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants
	if (!SetProcessPrivilege(&hTokenHandle, SE_DEBUG_NAME, true))
		return;

	SIZE_T bytes_written = 0;
	const int isSuccessful = WriteProcessMemory(hProc, (LPVOID)0x0177520E, buff, static_cast<SIZE_T>(10 * sizeof(int)), &bytes_written);

	if (isSuccessful)
	{
		MessageBoxW(hWnd, (std::to_wstring(bytes_written) + L" bytes were written to process memory").c_str(), L"Info", MB_OK | MB_ICONINFORMATION);
	}
	else
	{
		ShowError(ERR_BOILER);
	}

	CloseHandle(hProc);
	CloseHandle(hTokenHandle);
}



You can download complete sample code on below link, with error checking DLL and 2 more projects just make sure you launch both programs in same time, you can set this option in solution.

if you do not use VS, then you're on you own, please don't ask me to help you configure some crappy IDE.


hopefully you learn something out from this!
http://s000.tinyupload.com/index.php?file_id=06235139145522649778
Registered users can post here. Sign in or register to post.