I want to call SHFileOperation from shell32.dll to copy a file with Delphi,
but my code doesn't work, and the reason is the format of the paths. I didn't find any solution for the problem. Can anyone help me? Here is my code and an image of the RemoteInfo value while debugging.
here is link of the image
but my code doesn't work, and the reason is the format of the paths. I didn't find any solution for the problem. Can anyone help me? Here is my code and an image of the RemoteInfo value while debugging.
here is link of the image
Code:
program InjectCode;
uses
Windows,
shellapi, injectmemory,dialogs, strutils, sysutils, classes;
type
// Local declaration of the shell file-operation structure with ANSI string
// pointers. A pointer to a record of this type is what RemoteThread passes to
// the SHFileOperationA entry point it resolves at run time.
// NOTE(review): ShellAPI is in the uses clause and presumably declares the same
// name; if so, this packed copy shadows it - confirm the field layout matches
// the Windows SDK definition for the target bitness.
LPSHFILEOPSTRUCT = ^SHFILEOPSTRUCT;
SHFILEOPSTRUCT = packed record
Wnd: HWND; // owner window; the main program sets it to 0
wFunc: UINT; // operation code; the main program uses FO_COPY
pFrom: PAnsiChar; // pointer to the source path buffer
pTo: PAnsiChar; // pointer to the destination path buffer
fFlags: FILEOP_FLAGS; // operation flags; the main program uses FOF_ALLOWUNDO
fAnyOperationsAborted: BOOL;
hNameMappings: Pointer; // never assigned in this program (stays zero)
lpszProgressTitle: PAnsiChar; // never assigned in this program (stays zero)
end;
type
// Parameter block for RemoteThread. The main program fills one instance and
// hands it to InjectMemory together with SizeOf(TRemoteInfo); RemoteThread
// receives a pointer to it as its only argument.
// NOTE(review): the fields are declared as Char while the API names are the
// A-suffixed ANSI variants and the shf pointers are PAnsiChar; that is only
// consistent where Char = AnsiChar (pre-Unicode Delphi) - confirm the compiler.
TRemoteInfo = record
// Addresses of kernel32 routines, resolved by the main program in its own
// process and stored here so RemoteThread can call them through the record.
LoadLibrary: function(lpLibFileName: PChar): HMODULE; stdcall;
GetProcAddress: function(hModule: HMODULE;
lpProcName: LPCSTR): FARPROC; stdcall;
shf: SHFILEOPSTRUCT; // the file-operation request passed to SHFileOperation
Kernel32: array[0..20] of Char; // filled with 'kernel32.dll'; not read by RemoteThread
shell32: array[0..20] of Char; // library name given to LoadLibrary
SHFileOperationA: array[0..20] of Char; // export name given to GetProcAddress
Fromlpbuff: array[0..20] of char; // source path buffer (21 characters)
Tolpbuff: array[0..20] of Char; // destination path buffer (21 characters)
end;
// Thread routine whose compiled bytes the main program passes to InjectMemory
// and then starts with CreateRemoteThread in the launched process.
// RemoteInfo: untyped pointer, cast below to a TRemoteInfo record.
// The routine calls only through function pointers stored in that record:
// it loads the library named in the shell32 field, resolves the export named
// in the SHFileOperationA field, and calls it with the address of the record's
// shf field. The Kernel32 field is not used here.
// NOTE(review): neither the LoadLibrary/GetProcAddress results nor the return
// value of the resolved function are checked.
procedure RemoteThread(RemoteInfo: pointer); stdcall;
var
SHFileOperation: function(lpFileOp: LPSHFILEOPSTRUCT): Integer; stdcall;
begin
with TRemoteInfo(Remoteinfo^) do
begin
// Inside this "with", LoadLibrary, GetProcAddress, shell32, SHFileOperationA
// and shf are all fields of the record, not the Windows unit's imports.
@SHFileOperation := GetProcAddress(LoadLibrary(shell32), SHFileOperationA);
SHFileOperation(@shf);
end;
end;
// Empty marker procedure. The main program subtracts the address of
// RemoteThread from the address of this procedure and uses the difference as
// the byte count of RemoteThread's code.
// NOTE(review): this assumes the compiler emits the two procedures adjacent
// and in source order - confirm for the compiler and options in use.
procedure RemoteThreadEnd;
begin
end;
// Main program: starts calc.exe, fills a TRemoteInfo record describing a file
// copy, passes the record and the bytes of RemoteThread to InjectMemory for
// that process, and starts a thread there with CreateRemoteThread.
//
// Defender note: a write into another process followed by CreateRemoteThread
// is the sequence endpoint tools record as process injection (for example
// Sysmon Event ID 8, CreateRemoteThread). Copying a file does not require a
// second process; SHFileOperation can be called directly from this program.
var
RemoteInfo: TRemoteInfo;
s2: string; // declared but not used below
s1: string; // declared but not used below
i: integer; // declared but not used below
pInfo, CodeAdr: pointer; // values returned by the two InjectMemory calls
TID: dword; // receives the id of the created thread
Process: dword; // process handle taken from ProcInfo
StartInfo: TStartupInfo;
ProcInfo: TProcessInformation;
begin
ZeroMemory(@StartInfo, SizeOf(TStartupInfo));
StartInfo.cb := SizeOf(TStartupInfo);
// NOTE(review): the result of CreateProcess is not checked, and the handles
// in ProcInfo are never closed.
CreateProcess(nil, 'calc.exe', nil, nil, False, 0,
nil, nil, StartInfo, ProcInfo);
Process := ProcInfo.hProcess;
// The two field-level clears are redundant: the next call zeroes the whole
// record, including both path buffers.
ZeroMemory(@RemoteInfo.fromlpbuff, sizeof(RemoteInfo.fromlpbuff));
ZeroMemory(@RemoteInfo.Tolpbuff, sizeof(RemoteInfo.Tolpbuff));
ZeroMemory(@RemoteInfo, SizeOf(RemoteInfo));
// Names that RemoteThread hands to LoadLibrary / GetProcAddress.
lstrcpy(RemoteInfo.shell32, 'shell32.dll');
lstrcpy(RemoteInfo.Kernel32, 'kernel32.dll');
lstrcpy(RemoteInfo.SHFileOperationA, 'SHFileOperationA');
// Describe the copy request.
RemoteInfo.shf.Wnd := 0;
RemoteInfo.shf.wFunc := FO_COPY;
// Point the request's path fields at the record's own path buffers.
RemoteInfo.shf.pFrom := @remoteInfo.Fromlpbuff;
RemoteInfo.shf.pto := @remoteInfo.tolpbuff;
// lstrcpy stops at the first #0, so the appended #0#0 is not copied; the
// bytes after each path are zero only because the record was cleared above.
lstrcpy(RemoteInfo.shf.pFrom, 'e:\1.jpg' + #0#0);
lstrcpy(RemoteInfo.shf.pto, 'f:\1.jpg' + #0#0);
RemoteInfo.shf.fFlags := FOF_ALLOWUNDO;
RemoteInfo.shf.fAnyOperationsAborted := false;
// Resolve the two kernel32 routines in this process and store their
// addresses in the record for RemoteThread to call.
@RemoteInfo.LoadLibrary := GetProcAddress(GetModuleHandle('kernel32.dll'),
'LoadLibraryA');
@RemoteInfo.GetProcAddress := GetProcAddress(GetModuleHandle('kernel32.dll'),
'GetProcAddress');
// InjectMemory comes from the injectmemory unit, which is not shown here;
// presumably it copies the given bytes into Process and returns their address
// there - confirm against that unit. Its results are not checked.
pInfo := InjectMemory(Process, @RemoteInfo, SizeOf(TRemoteInfo));
// Byte count = distance between the RemoteThreadEnd marker and RemoteThread.
CodeAdr := InjectMemory(Process, @RemoteThread,
dword(@RemoteThreadEnd) - dword(@RemoteThread));
// Fixed two-second wait before starting the thread; presumably to let the new
// process finish starting - confirm intent.
Sleep(2000);
// The returned thread handle is discarded, so the program neither waits for
// the thread nor learns whether it was created.
CreateRemoteThread(Process, nil, 0, CodeAdr, pInfo, 0, TID);
end.