远程DLL注入
2011-03-30 23:32
239 查看
DLL部分:
Main部分:
#include <windows.h> BOOL WINAPI DllMain(HINSTANCE hInstDll,DWORD dwReason,LPVOID lpReserved) { if(DLL_PROCESS_ATTACH == dwReason) MessageBox(NULL,"Entry","tip",MB_OK); else if(DLL_PROCESS_DETACH == dwReason) MessageBox(NULL,"Leave","tip",MB_OK); return TRUE; } extern "C" _declspec(dllexport) bool Inject(HWND hWnd = NULL) { if(hWnd) { ::SendMessage(hWnd,WM_SETTEXT,0,(LPARAM)"郭文艳"); return true; } return false; }
Main部分:
#include <windows.h> #include <iostream> using namespace std; bool Inject(HWND hWnd = NULL,char* pName = NULL) { HANDLE hProcess = NULL; HANDLE hThread = NULL; LPVOID lpMem = NULL; HINSTANCE hInstDll = NULL; bool bSucceed = false; __try { DWORD dwProcessID = -1; GetWindowThreadProcessId(hWnd,&dwProcessID); hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwProcessID); if(NULL == hProcess) __leave; lpMem = VirtualAllocEx(hProcess,NULL,strlen(pName),MEM_RESERVE|MEM_COMMIT,PAGE_READWRITE); if(NULL == lpMem) __leave; DWORD dwWrite; if(WriteProcessMemory(hProcess,lpMem,(LPVOID)pName,strlen(pName),&dwWrite)) { hInstDll = LoadLibrary("Dll1.dll"); if(NULL == hInstDll) __leave; typedef bool (*INJECT)(HWND); INJECT lpInject = (INJECT)GetProcAddress(hInstDll,"Inject"); if(NULL == lpInject) __leave; bSucceed == lpInject(hWnd); hThread = CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("KERNEL32.dll"),"LoadLibraryA"),lpMem,0,NULL); if(NULL == hThread) __leave; } //bSucceed = true; } __finally { if(lpMem) VirtualFreeEx(hProcess,NULL,strlen(pName),MEM_RESERVE|MEM_COMMIT); if(hInstDll) FreeLibrary(hInstDll); if(hThread) CloseHandle(hThread); if(hProcess) CloseHandle(hProcess); } return bSucceed; } void main(int argc,TCHAR*argv[]) { HWND hWnd = FindWindow("NotePad",NULL); if(NULL == hWnd) { cout<<"Fail to find window."<<endl; return; } char chName[] = "F://Win32Dll.dll"; if(Inject(hWnd,chName)) cout<<"Inject Succeed"<<endl; else cout<<"Inject Failed"<<endl; }
相关文章推荐
- 远程DLL注入C#
- 远程线程模板(DLL注入)
- 远程DLl注入
- Windows核心编程Dll注入之远程线程
- 远程线程插入(DLL注入)
- 远程DLL注入
- 远程DLL注入、卸载
- 【windows核心编程】远程线程DLL注入
- 远程注入代码,一些过时的ring3技术(ASM、VC++、Delphi) (非Dll注入)
- Dll注入:X86/X64 远程线程CreateRemoteThread 注入
- Dll注入技术之远程线程注入
- windows下 远程DLL注入
- Delphi利用CreateRemoteThread远程注入 详细 (非dll注入,是代码注入)
- 实战DELPHI:远程线程插入(DLL注入)
- 远程dll注入 C#
- 远程线程dll注入
- 远程线程DLL注入
- 拦截API-通过远程线程dll注入目标进程
- 远程进程的Dll注入[黑防]
- 实战DELPHI:远程线程插入(DLL注入)