2 replies to this topic

[VixinG]

Hi,
I have some trouble with calling a process function:

0093F470 :: GetUIElementByHash($hash)

How exactly can I call that function with $hash parameter?
$hash is 64 bit

My script crashes every time I try to call:

$hash = 'A53AF1388A1C1CBA'

$result = DllCallAddress("INT", 0x0093F470, "HWND", $hWnd, "INT64", $hash)

I know I'm doing something wrong...

[VixinG]

Okay I got info that it should be done in some other way similar to that:

#include './[Includes]/_ProcessCreateRemoteThread.au3'
#include './[Includes]/_ProcessFunctions.au3'

$pID = WinGetProcess("Application")

$hProcess = _ProcessOpen($pID,0x043A,False)

$hash = 'A53AF1388A1C1CBA'
$address = 0x0093F470

$result = _ProcessCreateRemoteThread($hProcess,$address,$hash,False,0,False)
_ProcessCloseHandle($hProcess)

MsgBox(0,'Result',$result)

But all what I got it's "0". How to get 0x0093F470 function's return?

[Shaggi]

_ProcessCreateRemoteThread() probably returns an handle to the thread instead of the return code. If it returns 0, that probably is an error. Ensure both your and the targeted program is same bitness. If you successfully get an handle, you should call WaitForSingleObject on the handle to wait while the thread does its thing, and then close the handle afterwards.

Also, the function you're calling must be stdcall, must accept one pointer-sized parameter and return a dword.