Hi to all....
////////////////////////////////////////////
PUSH 214D84DD // thread id address out
PUSH 0
PUSH 0
PUSH 214D84CD // my function address to run in the thread
PUSH 0
PUSH 0
CALL DWORD PTR DS:[4EBD1204] // KERNEL32.CreateThread
waiting_label:
NOP
JMP waiting_label
////////////////////////////////////////////
I have put a breakpoint on my function (214D84CD), but after the CreateThread, in the "waiting loop", my function is not invoked. Otherwise, if after CreateThread I call my application (and not the waiting loop) with many other threads, my function is invoked.
Why? Is there some "DoEvents" API to use in my loop to force the call of my thread function?
The thread id (214D84DD) and the return value EAX are not null. I'm running my application in a debugger (OllyDbg). And I'm not using any compiler.
Many thanks, Riccardo
HANDLE WINAPI CreateThread(
__in_opt LPSECURITY_ATTRIBUTES lpThreadAttributes,
__in SIZE_T dwStackSize,
__in LPTHREAD_START_ROUTINE lpStartAddress,
__in_opt LPVOID lpParameter,
__in DWORD dwCreationFlags,
__out_opt LPDWORD lpThreadId
);
You are passing them wrong. Since in stdcall you have to push the arguments in reverse order, lpThreadId should be pushed first. Thus 214D84CD and 214D84DD should be flipped.
You have to manually switch to the newly created thread via the 'threads' window.
It's because the CreateThread is in the initialization routine of a DLL.... :(
"During process startup and DLL initialization routines, new threads can be created, but they do not begin execution until DLL initialization is done for the process."
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682453%28v=vs.85%29.aspx
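The DLL-initialization behaviour quoted in the last answer, as an added example that is not part of the original thread: a 32-bit MASM DLL entry point that calls CreateThread and then returns instead of spinning, so DLL initialization can finish and the new thread can begin execution. The names DllEntry, Worker and g_tid are assumptions made for this example.

```asm
; Added example (MASM, 32-bit). DllEntry, Worker and g_tid are hypothetical names.
.386
.model flat, stdcall
option casemap:none

CreateThread PROTO :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD
CloseHandle  PROTO :DWORD
includelib kernel32.lib

DLL_PROCESS_ATTACH EQU 1

.data?
g_tid DWORD ?                     ; receives the new thread's id

.code
; LPTHREAD_START_ROUTINE: one DWORD parameter, stdcall (assembled as RET 4).
Worker PROC lpParam:DWORD
    ; Real work goes here. It starts only after DllEntry has returned.
    xor  eax, eax                 ; thread exit code 0
    ret
Worker ENDP

; DLL entry point: BOOL WINAPI DllMain(HINSTANCE, DWORD fdwReason, LPVOID)
DllEntry PROC hInst:DWORD, reason:DWORD, reserved:DWORD
    cmp  reason, DLL_PROCESS_ATTACH
    jne  done
    ; stdcall: push right to left, so lpThreadId goes first.
    push OFFSET g_tid             ; lpThreadId
    push 0                        ; dwCreationFlags: run when scheduled
    push 0                        ; lpParameter
    push OFFSET Worker            ; lpStartAddress
    push 0                        ; dwStackSize: default
    push 0                        ; lpThreadAttributes
    call CreateThread
    test eax, eax                 ; NULL handle means the call failed
    jz   failed
    push eax                      ; the handle is not needed afterwards
    call CloseHandle
done:
    mov  eax, 1                   ; TRUE: return now, do not spin or wait here
    ret
failed:
    xor  eax, eax                 ; FALSE: report failed initialization
    ret
DllEntry ENDP
END DllEntry
```

Any waiting on the worker thread belongs in code that runs after the entry point has returned, not in a loop inside it.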