
远程DLL注入

2014-02-11 11:34 477 查看
界面如下:



关键部分代码如下:

void CInjectDllDlg::OnBnClickedButtonInject()
{
    // Refresh m_dwPid / m_strPathName from the dialog controls.
    UpdateData(TRUE);

    // InjectDll() takes a narrow (ANSI) path, so convert the wide dialog string:
    // the first WideCharToMultiByte call sizes the buffer, the second fills it.
    // NOTE(review): GetBuffer() is never paired with ReleaseBuffer() here.
    LPCWSTR pwszPath = m_strPathName.GetBuffer(0);
    const int cbNarrow = WideCharToMultiByte(CP_ACP, 0, pwszPath, -1, NULL, 0, NULL, NULL);
    char *pszNarrowPath = new char[cbNarrow];
    WideCharToMultiByte(CP_ACP, 0, pwszPath, -1, pszNarrowPath, cbNarrow, NULL, NULL);

    InjectDll(m_dwPid, pszNarrowPath);

    delete []pszNarrowPath;
    pszNarrowPath = NULL;
}

void CInjectDllDlg::OnBnClickedButtonUnload()
{
    // Refresh m_dwPid / m_strPathName from the dialog controls.
    UpdateData(TRUE);

    // UnInjectDll() compares ANSI paths, so narrow the wide dialog string:
    // the first WideCharToMultiByte call sizes the buffer, the second fills it.
    // NOTE(review): GetBuffer() is never paired with ReleaseBuffer() here.
    LPCWSTR pwszPath = m_strPathName.GetBuffer(0);
    const int cbNarrow = WideCharToMultiByte(CP_ACP, 0, pwszPath, -1, NULL, 0, NULL, NULL);
    char *pszNarrowPath = new char[cbNarrow];
    WideCharToMultiByte(CP_ACP, 0, pwszPath, -1, pszNarrowPath, cbNarrow, NULL, NULL);

    UnInjectDll(m_dwPid, pszNarrowPath);

    delete []pszNarrowPath;
    pszNarrowPath = NULL;
}

// Loads szDllName into process dwPid: allocates a buffer for the path inside the
// target, copies the path there, and starts a remote thread whose entry point is
// kernel32!LoadLibraryA with that buffer as the thread parameter.
//
// dwPid     - target process id; 0 is rejected.
// szDllName - NUL-terminated ANSI path of the DLL; an empty string is rejected.
//             Must not be NULL (strlen() below dereferences it unchecked).
//
// Returns nothing and reports no errors: every failure path simply returns, so
// the caller cannot tell whether the load actually happened.
//
// Review notes (defects visible in this body, deliberately not changed here):
//  - OpenProcess requests PROCESS_ALL_ACCESS, far broader than the operations
//    this body performs; least privilege would request only the rights used.
//  - The results of WriteProcessMemory, GetProcAddress and CreateRemoteThread are
//    never checked, so a NULL pFunAddr or a NULL hThread flows straight into
//    CreateRemoteThread / WaitForSingleObject.
//  - pDllAddr is never released with VirtualFreeEx, so every call leaks
//    iDllLen bytes in the target process.
//  - The remote thread's exit code (LoadLibraryA's return value) is never read.
//  - pFunAddr is resolved in *this* process's kernel32 and reused in the target;
//    that presumably assumes the same kernel32 base and the same bitness in both
//    processes — an unverified assumption in this code.
void CInjectDllDlg::InjectDll(DWORD dwPid, char* szDllName)
{
    // Reject an invalid pid or an empty path up front.
    if (dwPid == 0 || strlen(szDllName) == 0)
    {
        return;
    }

    // Export name resolved further down. A string literal bound to a non-const
    // char* is ill-formed in C++11 and later; const char* is the correct type.
    char *pFunName = "LoadLibraryA";
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
    if (NULL == hProcess)
    {
        return;
    }

    // Path length including the terminating NUL.
    int iDllLen = strlen(szDllName) + sizeof(char);
    // Committed, read/write region in the target that will hold the DLL path.
    PVOID pDllAddr = VirtualAllocEx(hProcess, NULL, iDllLen, MEM_COMMIT, PAGE_READWRITE);
    if (NULL == pDllAddr)
    {
        CloseHandle(hProcess);
        return;
    }

    // Copy the path into the target; dwWriteNum is filled in but never inspected.
    DWORD dwWriteNum = 0;
    WriteProcessMemory(hProcess, pDllAddr, szDllName, iDllLen, &dwWriteNum);
    // LoadLibraryA is used directly as the thread start routine (hence the cast),
    // so the thread parameter pDllAddr becomes its lpLibFileName argument.
    FARPROC pFunAddr = GetProcAddress(GetModuleHandleA("kernel32.dll"), pFunName);
    HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)pFunAddr, pDllAddr, 0, NULL);
    // Block until the remote load returns; no timeout, so a hung load hangs the UI.
    WaitForSingleObject(hThread, INFINITE);

    CloseHandle(hThread);
    CloseHandle(hProcess);
}

// Unloads szDllName from process dwPid: walks the target's module list looking
// for an entry whose szExePath equals szDllName, then starts a remote thread at
// kernel32!FreeLibrary with that entry's module handle as the thread parameter.
//
// dwPid     - target process id (not validated here).
// szDllName - NUL-terminated ANSI path compared with strcmp() against the
//             module's full szExePath, so it must match exactly; strcmp is
//             case-sensitive even though Windows paths are not.
//
// Returns nothing and reports no errors.
//
// Review notes (defects visible in this body, deliberately not changed here):
//  - hSnap is not checked against INVALID_HANDLE_VALUE before Module32First.
//  - There is no "not found" handling: when no module matches, the loop ends
//    with Me32.hModule holding whatever the last enumeration call left there
//    (presumably the last module, or 0 if nothing was enumerated) and
//    FreeLibrary is still run with it.
//  - OpenProcess, GetProcAddress and CreateRemoteThread results are unchecked,
//    and PROCESS_ALL_ACCESS is broader than the operations performed here.
//  - pFunAddr is resolved in *this* process's kernel32 and reused in the target;
//    that presumably assumes the same kernel32 base and bitness in both
//    processes — an unverified assumption in this code.
void CInjectDllDlg::UnInjectDll(DWORD dwPid, char* szDllName)
{
    // Snapshot of the modules loaded in the target process.
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPid);
    MODULEENTRY32 Me32 = {0};
    // dwSize must be initialised before the first Module32* call.
    Me32.dwSize = sizeof(MODULEENTRY32);

    BOOL bRet = Module32First(hSnap, &Me32);
    while (bRet)
    {
        // szExePath is a wide string here (it is fed to WideCharToMultiByte), so
        // narrow it to ANSI before comparing; a fresh heap buffer per module.
        int iBufSize = WideCharToMultiByte(CP_ACP, 0, Me32.szExePath, -1, NULL, 0, NULL, NULL);
        char *pszBuffer = new char[iBufSize];
        WideCharToMultiByte(CP_ACP, 0, Me32.szExePath, -1, pszBuffer, iBufSize, NULL, NULL);
        // Exact, case-sensitive comparison of the full path.
        if (strcmp(pszBuffer, szDllName) == 0)
        {
            delete []pszBuffer;
            pszBuffer = NULL;
            break;  // Me32.hModule now identifies the module to unload.
        }
        delete []pszBuffer;
        pszBuffer = NULL;
        bRet = Module32Next(hSnap, &Me32);
    }
    CloseHandle(hSnap);
    // A string literal bound to a non-const char* is ill-formed in C++11 and
    // later; const char* is the correct type.
    char *pFunName = "FreeLibrary";

    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
    FARPROC pFunAddr = GetProcAddress(GetModuleHandleA("kernel32.dll"), pFunName);
    // FreeLibrary is used directly as the thread start routine (hence the cast);
    // the thread parameter is whatever Me32.hModule holds after the loop above.
    HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)pFunAddr, Me32.hModule, 0, NULL);
    // Block until the remote FreeLibrary returns; no timeout.
    WaitForSingleObject(hThread, INFINITE);

    CloseHandle(hThread);
    CloseHandle(hProcess);
}


下载地址:

http://pan.baidu.com/s/1xk7Jw