用户登陆
站点日历
日志搜索
站点统计
最新评论
友情链接
其他信息
DWORD Bind(HANDLE hProcess, PCTSTR ptzPath)
{
DWORD dwResult = 0;
PVOID pvRemote = NULL;
HANDLE hThread = NULL;
do
{
if (hProcess == NULL)
{
dwResult = 1;
break;
}
DWORD dwSize =(lstrlen(ptzPath) + 1) * sizeof(TCHAR);
pvRemote = VirtualAllocEx(hProcess, NULL, dwSize, MEM_COMMIT, PAGE_READWRITE);
if (pvRemote == NULL)
{
dwResult = 2;
break;
}
if (!WriteProcessMemory(hProcess, pvRemote, ptzPath, dwSize, NULL))
{
dwResult = 3;
break;
}
PTHREAD_START_ROUTINE pfnLoadLibraryW =
(PTHREAD_START_ROUTINE) GetProcAddress(GetModuleHandle(TEXT("Kernel32.dll")), STR_LoadLibrary);
if (pfnLoadLibraryW == NULL)
{
dwResult = 4;
break;
}
hThread = CreateRemoteThread(hProcess, NULL, 0, pfnLoadLibraryW, pvRemote, 0, NULL);
if (hThread == NULL)
{
dwResult = 5;
break;
}
WaitForSingleObject(hThread, INFINITE);
}
while (FALSE);
if (hThread)
{
CloseHandle(hThread);
}
if (pvRemote)
{
VirtualFreeEx(hProcess, pvRemote, 0, MEM_RELEASE);
}
if (hProcess)
{
CloseHandle(hProcess);
}
return dwResult;
}
 进程注入的代码 |
获取指定内存所在的模块、当前模块、当前函数的返回模块 
|
 加载DLL注入到目标进程
| |
| [ 发布日期:19年前 (2005-12-07) ] [ 来自:本站原创 ] | [分类:C\C++相关] |
[ 分类:C\C++相关
| 查看:1227 ]
上一篇: 进程注入的代码
进程注入的代码
暂时没有评论,快来发表一个评论吧。
| 发表评论 |
