C语言实现远程Dll注入
标签:bool class kernel 语言 single remote std dwr address
VC6.0创建一个Dll文件.
#include extern "C" __declspec(dllexport) void ShellCode()
{
MessageBox(NULL,"hello lyshark","MsgBox",MB_OK);
}
bool APIENTRY DllMain(HANDLE handle,DWORD dword,LPVOID lpvoid)
{
ShellCode();
return true;
}
接着创建一个注入工具.
#include
#include
#include int GetProcessID(char *Name)
{
HWND Pid=::FindWindow(NULL,Name);
DWORD Retn;
::GetWindowThreadProcessId(Pid,&Retn);
return Retn;
}
void InjectDLL(DWORD PID,char *Path)
{
DWORD dwSize;
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
dwSize=strlen(Path)+1;
LPVOID lpParamAddress=VirtualAllocEx(hProcess,0,dwSize,PARITY_SPACE,PAGE_EXECUTE_READWRITE);
WriteProcessMemory(hProcess,lpParamAddress,(PVOID)Path,dwSize,NULL);
HMODULE hModule=GetModuleHandleA("kernel32.dll");
LPTHREAD_START_ROUTINE lpStartAddress=(LPTHREAD_START_ROUTINE)GetProcAddress(hModule,"LoadLibraryA");
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,lpStartAddress,lpParamAddress,0,NULL);
WaitForSingleObject(hThread,1000);
CloseHandle(hThread);
}
int main()
{
int ppid;
ppid = ::GetProcessID("lyshark.exe"); // 取出进程PID
printf("%x",&ppid);
InjectDLL(ppid,"C:\hook.dll"); // 向进程中注入dll文件
return 0;
}
C语言实现远程Dll注入
标签:bool class kernel 语言 single remote std dwr address
原文地址:https://www.cnblogs.com/LyShark/p/11066063.html
评论