在下面的代码中,我想读取由CreateRemoteThread创建的远程线程所执行的LoadLibraryA的返回值.
我将非常感谢你的帮助,
因为这似乎是不可能的
也许结果是及时阅读,
任何建议我都将不胜感激
// InjectDLL: copies the path in ADllPath into memory allocated inside the
// process identified by hProcess, then starts a thread in that process whose
// start routine is LoadLibraryA and whose single argument is the copied path.
// The thread's exit code is read back into the local hLibModule.
//
// Parameters:
//   hProcess - handle to the target process, passed unchanged to
//              VirtualAllocEx / WriteProcessMemory / CreateRemoteThread /
//              VirtualFreeEx (required access rights are not checked here).
//   ADllPath - path of the library to be loaded by the remote thread.
//
// NOTE(review): none of the Win32 return values are checked, so a failed
// allocation, write or thread creation is carried silently into the next call.
// NOTE(review): hLibModule is never handed back to the caller in the visible
// code; the listing on this page also stops before the procedure's final "end;".
// NOTE(defender): VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread with
// LoadLibraryA as start address is the classic remote-thread DLL-load pattern
// (MITRE ATT&CK T1055.001); it is visible to telemetry such as Sysmon
// Event ID 8 (CreateRemoteThread) followed by Event ID 7 (image load).
procedure InjectDLL(hProcess : Cardinal; ADllPath : String);
var
// Reused for two different out-parameters: bytes written, then the thread id.
lSize : Cardinal;
hThread : Cardinal;
// Local staging buffer for the path; MAX_PATH + 1 elements.
szLibPath : array [0..MAX_PATH] of char;
// Address of the buffer allocated in the target process.
pLibRemote : Pointer;
// Receives the remote thread's exit code (a 32-bit DWORD).
hLibModule : DWORD ;
hKernel32 : HMODULE;
begin
// Module handle of Kernel32.dll as loaded in the *calling* process.
hKernel32 := GetModuleHandle('Kernel32.dll');
// Zero the buffer so the copied path ends up NUL-terminated.
FillMemory(@szLibPath, sizeOf(szLibPath), 0);
// NOTE(review): no bounds check - a path longer than the buffer overruns
// szLibPath. length() counts characters while CopyMemory takes a byte count;
// assumes Char is a single-byte type here - TODO confirm for the compiler used.
CopyMemory(@szLibPath, Pointer(ADllPath), length(ADllPath));
// Reserve read/write memory in the target process for the path string.
pLibRemote :=
VirtualAllocEx(
hProcess,
nil,
sizeOf(szLibPath),
MEM_COMMIT,
PAGE_READWRITE
);
try
// Copy the whole staging buffer into the target; lSize receives the number
// of bytes written (not inspected afterwards).
WriteProcessMemory(
hProcess,
pLibRemote,
@szLibPath,
sizeOf(szLibPath),
lSize
);
// The start address is resolved in the calling process; this presumes
// Kernel32.dll is mapped at the same address in the target - TODO confirm.
// lSize is reused here as the thread-id out-parameter.
hThread :=
CreateRemoteThread(
hProcess,
nil,
0,
GetProcAddress(hKernel32, 'LoadLibraryA'),
pLibRemote,
0,
lSize
);
try
// Block until the remote thread (i.e. the LoadLibraryA call) has finished.
WaitForSingleObject(hThread, INFINITE);
// The thread routine's return value becomes the thread's exit code, so after
// the wait hLibModule holds what LoadLibraryA returned: 0 means the load
// failed. The exit code is a DWORD, so for a 64-bit target only the low
// 32 bits of the module handle are available this way.
GetExitCodeThread(hThread, hLibModule);
finally
// Release the thread handle whether or not the wait/read succeeded.
CloseHandle(hThread);
end;
finally
// NOTE(review): the Win32 documentation requires dwSize = 0 together with
// MEM_RELEASE; with a non-zero size this call is expected to fail and leave
// the remote buffer allocated - verify.
VirtualFreeEx(hProcess, pLibRemote, sizeof(szLibPath), MEM_RELEASE);
end;
最佳答案 您的线程过程是LoadLibrary.线程过程的返回值就是线程的退出代码.因此,可以通过调用GetExitCodeThread来读取对LoadLibrary的调用的返回值,而这正是你已经在做的. 需要注意的是:退出代码是32位的DWORD,返回0表示LoadLibrary调用失败;在64位进程中,模块句柄会被截断为低32位.