Thread: RtlCreateUserThread best practices

    Hi guys
    I have shellcode; I used VirtualAlloc with MEM_COMMIT and PAGE_EXECUTE_READWRITE, then RtlCreateUserThread.
    The code is executed successfully, but then the process crashes with a C000005 exception.

    I read about DEP, but I already used PAGE_EXECUTE_READWRITE!
    I also tried calling ExitThread.
    How do I avoid crashing the process?
    Here is the code:
        cin >>pid;
        HANDLE hProc=OpenProcess(PROCESS_ALL_ACCESS,false,pid);
        HANDLE code=VirtualAllocEx(hProc, NULL, 508 ,MEM_COMMIT , PAGE_EXECUTE_READWRITE);
        void * hex =	"\xe9\xff\x00\x00\x00\xe8\x1b\x01"
        DWORD sizeofHex = 509;
        __try {
            RtlCreateUserThread(hProc,NULL,false,0,0,0, code,0,&hThd,&cid);
        __except (GetExceptionCode() ){
            return -1;
    Last edited by capadleman; June 18th, 2013 at 12:59. Reason: added the source code