-1
#include <Windows.h>
HANDLE h = OpenProcess(PROCESS_CREATE_THREAD, FALSE, 34808); //Creating a remote thread 
int main() {
    LPVOID path = "MessageBoxDLL.dll";
    CreateRemoteThread(h, NULL, 0, (LPTHREAD_START_ROUTINE)LoadLibraryA, path, 0, NULL);
}

When I try to run my code it returns the error "cannot convert from const char to lpvoid". I'm a bit lost with why it's not letting me give it a valid path or even why it needs to convert my value. I played around a bit more but couldn't find any viable solutions. https://i.stack.imgur.com/Ne0bp.png <---Image of error

Jimmy Hankey
  • Apparently the function (you don't tell which one it is) wants to change your `const char`. Is the `const char` important to you or would you mind making it mutable? – Ted Lyngmo Mar 06 '20 at 04:26
  • @TedLyngmo It's mutable – Jimmy Hankey Mar 06 '20 at 04:27
  • No, it's not according to the compiler. Show the full error message and point at the exact line in the code you show. – Ted Lyngmo Mar 06 '20 at 04:27
  • @TedLyngmo https://i.stack.imgur.com/Ne0bp.png sorry – Jimmy Hankey Mar 06 '20 at 04:33
  • "_When I try to run my code it returns the error "cannot convert from const char to lpvoid"_" - now, that's confusing. I actually don't think that's true. - That looks like a compiler error to me. – Ted Lyngmo Mar 06 '20 at 04:33
  • Btw, I glanced at your pictures of code (don't - just put the code here as text). Don't use the `Ansi` versions of the Windows API. It's not as good as the "Wide" API. – Ted Lyngmo Mar 06 '20 at 04:37
  • possible duplicate: https://stackoverflow.com/questions/6589776/createremotethread-with-string-argument-example – selbie Mar 06 '20 at 04:47
  • The fact that you have to explicitly cast the `LoadLibraryA` to `LPTHREAD_START_ROUTINE` is a solid indication that your implementation is busted. If you have to cast the thread function, it's likely not going to work. – selbie Mar 06 '20 at 04:57
  • @TedLyngmo any solutions to fix it then? – Jimmy Hankey Mar 06 '20 at 05:08
  • @JimmyHankey I'm not sure if you've covered everything in the API yet. If you haven't - read up on it. But for the question: "_cannot convert from const char to lpvoid_" it's easy. Don't send a `const char` when a `void*` is expected. – Ted Lyngmo Mar 06 '20 at 05:35
  • @TedLyngmo Yes, I know. I'm not trying to initialize it as a const char, I'm trying to do just LPVOID* – Jimmy Hankey Mar 06 '20 at 05:43
  • @JimmyHankey Look at the error message and what I wrote. You can't (or shouldn't) convert a pointer to a constant to something pointing at a mutable, like a `LPVOID*`. Also, `const char` is not a pointer. – Ted Lyngmo Mar 06 '20 at 05:48
  • What Ted is trying to say is that a string literal is considered "const" and its contents are not to be passed to a function whose signature can't guarantee it won't change it. Hence, `CreateThread` expects a `void*` with the expectation that the thread function can do what it wants. Hence, the compiler forbids a cast from `const char*` to a non-const `void*`. You can certainly cast away the constness with `const_cast`, but that's not your only issue. What do you think the remote process will do with an address variable from another process? It won't be pointing to the string you think it is! – selbie Mar 06 '20 at 05:52
  • @selbie Thanks :-) – Ted Lyngmo Mar 06 '20 at 05:53
  • Further, golden rule of spawning threads. If you have to explicitly cast your thread entry point function to the expected type, it's only going to be undefined behavior. Hence, LoadLibrary can't be a thread entry point. But you could wrap it... – selbie Mar 06 '20 at 05:54
  • Could we get the purpose of your exercise into the question? There are probably one or two Windows-ninjas out there who'd ace this. – Ted Lyngmo Mar 06 '20 at 06:01
  • @selbie and Ted, first off, thank you for your patience. I'm really trying to grasp basic DLL injection and keep getting caught on trying to properly inject. I feel kind of stupid right now because I don't know where to ask for help. I read the documentation and I think I understand it; however, when I try to actually apply it, it ends up like this. – Jimmy Hankey Mar 06 '20 at 06:07

1 Answer

1

Why is it converting to LPVOID? Because you told it to. Let's trim this down and notice the error remains:

int main() {
    void* x = "characters";
}

error C2440: 'initializing': cannot convert from 'const char [11]' to 'void *'

I want to be clear, I'm just answering the question. I make no claims about the rest of the code.

Normally, old style casts are considered poor practice, but for an old style function that's expecting void*, go for it:

#include <Windows.h>
int main() {
    const char *path = "MessageBoxDLL.dll";
    HANDLE h = OpenProcess(PROCESS_CREATE_THREAD, FALSE, 34808); //Creating a remote thread 
    CreateRemoteThread(h, NULL, 0, (LPTHREAD_START_ROUTINE)LoadLibraryA, (LPVOID)path, 0, NULL);
}

Since the function doesn't do any type checking, you're on your own for passing it the right arguments. Documentation and example code should help. Casting to void* makes sense for an OS thread function, since the OS doesn't know what you're going to pass.

Kenny Ostrom
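
The call discussed in this thread, `CreateRemoteThread` with `LoadLibraryA` as the start routine, is what Sysmon records as Event ID 8 with the start function resolved. As an added example (not part of the question or the answer), this Python check flags that pattern over constructed records; the event values and the helper names are assumptions made for illustration.

```python
# Constructed Sysmon Event ID 8 (CreateRemoteThread) records. Field names follow
# the Sysmon event schema; every value below is made up for illustration.
SAMPLE_EVENTS = [
    {"EventID": 8, "SourceImage": r"C:\Users\lab\Injector.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "LoadLibraryA"},
    {"EventID": 8, "SourceImage": r"C:\Tools\helper.exe",
     "TargetImage": r"C:\Program Files\App\app.exe",
     "StartModule": r"C:\WINDOWS\SYSTEM32\KERNEL32.DLL",
     "StartFunction": "LoadLibraryW"},
    # Remote thread whose start address is not a library loader.
    {"EventID": 8, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\cmd.exe",
     "StartModule": r"C:\Windows\System32\kernelbase.dll",
     "StartFunction": "CtrlRoutine"},
    # Start address that was not resolved to a module or export.
    {"EventID": 8, "SourceImage": r"C:\Tools\other.exe",
     "TargetImage": r"C:\Windows\explorer.exe",
     "StartModule": "-", "StartFunction": "-"},
    # Different event type (process creation); must be ignored.
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe"},
]

LOADER_FUNCTIONS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

def module_name(path):
    """Return the lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def is_loadlibrary_remote_thread(event):
    """True when a remote thread starts directly at a LoadLibrary export."""
    if event.get("EventID") != 8:
        return False
    function = (event.get("StartFunction") or "").lower()
    module = module_name(event.get("StartModule") or "")
    return function in LOADER_FUNCTIONS and module in LOADER_MODULES

def find_loadlibrary_threads(events):
    """Return (source, target, start function) for each matching event."""
    return [(e["SourceImage"], e["TargetImage"], e["StartFunction"])
            for e in events if is_loadlibrary_remote_thread(e)]

if __name__ == "__main__":
    for hit in find_loadlibrary_threads(SAMPLE_EVENTS):
        print("remote LoadLibrary thread:", *hit)
```

Matching on the resolved start function is case-insensitive because module paths appear in mixed case across hosts; events with an unresolved start address need a separate rule.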