在 Win7 上写了个 DLL 注入工具，调试没有问题，就是注入不上去，求助
void CsqdllDlg::OnBnClickedButton1()//inject
{
// Button handler: read the target PID and the DLL path from the dialog's two
// edit controls and pass them on to InjectDll. Nothing is validated here;
// InjectDll itself returns early on a zero PID or an empty path.
CString pidText;
CString dllPath;
m_UID.GetWindowText(pidText);
m_DllNames.GetWindowText(dllPath);
const int pid = atoi(pidText);  // non-numeric text becomes 0, which InjectDll rejects
InjectDll(static_cast<DWORD>(pid), (LPSTR)(LPCTSTR)dllPath);
}
void CsqdllDlg::OnBnClickedButton2()//unload
{
// Button handler: read the target PID and the DLL path from the dialog's two
// edit controls and pass them on to UnInjectDll. Nothing is validated here,
// and UnInjectDll performs no check of its own on either value.
CString pidText;
CString dllPath;
m_UID.GetWindowText(pidText);
m_DllNames.GetWindowText(dllPath);
const int pid = atoi(pidText);  // non-numeric text becomes 0
UnInjectDll(static_cast<DWORD>(pid), (LPSTR)(LPCTSTR)dllPath);
}
void CsqdllDlg::InjectDll(DWORD dwPid, char * szDllName)//inject
{
// Load the DLL at szDllName into process dwPid: the path string is copied into
// the target and a remote thread is started at kernel32!LoadLibraryA with that
// buffer as its argument. Nothing is returned, so the caller learns neither
// which step failed nor whether the load happened; every failure path below
// simply returns.
// Security note: OpenProcess + VirtualAllocEx + WriteProcessMemory +
// CreateRemoteThread is the classic remote-thread injection sequence that
// endpoint protection and EDR products monitor and commonly alert on.
if (dwPid==0||strlen(szDllName)==0)
{
return ;
}
char *pFunName="LoadLibraryA";//export resolved below and run inside the target
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwPid);//open the target with every process right; far broader than the calls below need
if (hProcess==NULL)
{
return ;//no handle; the GetLastError() value is not recorded anywhere
}
int nDllLen=strlen(szDllName)+sizeof(char);//path bytes plus the terminating NUL
PVOID pDllAddr=VirtualAllocEx(hProcess,NULL,nDllLen,MEM_COMMIT,PAGE_READWRITE);//commit a read/write (not executable) buffer in the target to hold the path; it is never released with VirtualFreeEx
if (pDllAddr==NULL)
{
CloseHandle(hProcess);
return ;
}
DWORD dwWriteNum=0;
WriteProcessMemory(hProcess,pDllAddr,szDllName,nDllLen,&dwWriteNum);//copy the path string (not an address) into the target; the BOOL result and dwWriteNum are never checked
FARPROC pFunAddr=GetProcAddress(GetModuleHandle("kernel32.dll"),pFunName);//resolve LoadLibraryA; a NULL result is not checked before it is used as the thread start
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)pFunAddr,pDllAddr,0,NULL);//start LoadLibraryA(pDllAddr) on a new thread inside the target; a NULL handle is not checked
WaitForSingleObject(hThread,INFINITE);//block until that thread exits; its exit code is not read, so success is never confirmed
CloseHandle(hThread);
CloseHandle(hProcess);
}
void CsqdllDlg::UnInjectDll(DWORD dwPid, char * szDllName)//unload
{
// Unload the DLL at szDllName from process dwPid: walk the target's module
// list for an entry whose full path equals szDllName, then start a remote
// thread at kernel32!FreeLibrary with that module handle. Unlike InjectDll
// there is no guard on dwPid or szDllName, and no status is returned.
HANDLE hSnap=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,dwPid);//module snapshot of the target; INVALID_HANDLE_VALUE is not checked
MODULEENTRY32 Me32={0};
Me32.dwSize=sizeof(MODULEENTRY32);
BOOL bRet=Module32First(hSnap,&Me32);//walk the module list
while(bRet)
{
if (strcmp(Me32.szExePath,szDllName)==0)//exact, case-sensitive match on the full module path
{
break;
}
bRet=Module32Next(hSnap,&Me32);//advance to the next module
}
CloseHandle(hSnap);
// NOTE(review): nothing records whether the loop actually matched. If no
// module path equals szDllName, Me32 presumably still holds the last entry
// filled in (or zeros if Module32First failed), and that hModule is passed to
// FreeLibrary below, so a different module may be unloaded from under the target.
char *pFunName="FreeLibrary";//export run inside the target to drop the module reference
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwPid);//all process rights again; a NULL handle is not checked
FARPROC pFunAddr =GetProcAddress(GetModuleHandle("kernel32.dll"),pFunName);//resolve FreeLibrary; a NULL result is not checked
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)pFunAddr,Me32.hModule,0,NULL);//start FreeLibrary(Me32.hModule) on a new thread inside the target; a NULL handle is not checked
WaitForSingleObject(hThread,INFINITE);//block until the remote thread exits; its exit code is not read
CloseHandle(hThread);
CloseHandle(hProcess);
}
{
// TODO: Add your control notification handler code here
int pid;
CString char_pid,dllname;
m_UID.GetWindowText(char_pid);
m_DllNames.GetWindowText(dllname);
pid=atoi(char_pid);
InjectDll((DWORD)pid, (LPSTR)(LPCTSTR)dllname);
}
void CsqdllDlg::OnBnClickedButton2()//unload
{
// Button handler: read the target PID and the DLL path from the dialog's two
// edit controls and pass them on to UnInjectDll. Nothing is validated here,
// and UnInjectDll performs no check of its own on either value.
CString pidText;
CString dllPath;
m_UID.GetWindowText(pidText);
m_DllNames.GetWindowText(dllPath);
const int pid = atoi(pidText);  // non-numeric text becomes 0
UnInjectDll(static_cast<DWORD>(pid), (LPSTR)(LPCTSTR)dllPath);
}
void CsqdllDlg::InjectDll(DWORD dwPid, char * szDllName)//inject
{
// Load the DLL at szDllName into process dwPid: the path string is copied into
// the target and a remote thread is started at kernel32!LoadLibraryA with that
// buffer as its argument. Nothing is returned, so the caller learns neither
// which step failed nor whether the load happened; every failure path below
// simply returns.
// Security note: OpenProcess + VirtualAllocEx + WriteProcessMemory +
// CreateRemoteThread is the classic remote-thread injection sequence that
// endpoint protection and EDR products monitor and commonly alert on.
if (dwPid==0||strlen(szDllName)==0)
{
return ;
}
char *pFunName="LoadLibraryA";//export resolved below and run inside the target
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwPid);//open the target with every process right; far broader than the calls below need
if (hProcess==NULL)
{
return ;//no handle; the GetLastError() value is not recorded anywhere
}
int nDllLen=strlen(szDllName)+sizeof(char);//path bytes plus the terminating NUL
PVOID pDllAddr=VirtualAllocEx(hProcess,NULL,nDllLen,MEM_COMMIT,PAGE_READWRITE);//commit a read/write (not executable) buffer in the target to hold the path; it is never released with VirtualFreeEx
if (pDllAddr==NULL)
{
CloseHandle(hProcess);
return ;
}
DWORD dwWriteNum=0;
WriteProcessMemory(hProcess,pDllAddr,szDllName,nDllLen,&dwWriteNum);//copy the path string (not an address) into the target; the BOOL result and dwWriteNum are never checked
FARPROC pFunAddr=GetProcAddress(GetModuleHandle("kernel32.dll"),pFunName);//resolve LoadLibraryA; a NULL result is not checked before it is used as the thread start
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)pFunAddr,pDllAddr,0,NULL);//start LoadLibraryA(pDllAddr) on a new thread inside the target; a NULL handle is not checked
WaitForSingleObject(hThread,INFINITE);//block until that thread exits; its exit code is not read, so success is never confirmed
CloseHandle(hThread);
CloseHandle(hProcess);
}
void CsqdllDlg::UnInjectDll(DWORD dwPid, char * szDllName)//unload
{
// Unload the DLL at szDllName from process dwPid: walk the target's module
// list for an entry whose full path equals szDllName, then start a remote
// thread at kernel32!FreeLibrary with that module handle. Unlike InjectDll
// there is no guard on dwPid or szDllName, and no status is returned.
HANDLE hSnap=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,dwPid);//module snapshot of the target; INVALID_HANDLE_VALUE is not checked
MODULEENTRY32 Me32={0};
Me32.dwSize=sizeof(MODULEENTRY32);
BOOL bRet=Module32First(hSnap,&Me32);//walk the module list
while(bRet)
{
if (strcmp(Me32.szExePath,szDllName)==0)//exact, case-sensitive match on the full module path
{
break;
}
bRet=Module32Next(hSnap,&Me32);//advance to the next module
}
CloseHandle(hSnap);
// NOTE(review): nothing records whether the loop actually matched. If no
// module path equals szDllName, Me32 presumably still holds the last entry
// filled in (or zeros if Module32First failed), and that hModule is passed to
// FreeLibrary below, so a different module may be unloaded from under the target.
char *pFunName="FreeLibrary";//export run inside the target to drop the module reference
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwPid);//all process rights again; a NULL handle is not checked
FARPROC pFunAddr =GetProcAddress(GetModuleHandle("kernel32.dll"),pFunName);//resolve FreeLibrary; a NULL result is not checked
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)pFunAddr,Me32.hModule,0,NULL);//start FreeLibrary(Me32.hModule) on a new thread inside the target; a NULL handle is not checked
WaitForSingleObject(hThread,INFINITE);//block until the remote thread exits; its exit code is not read
CloseHandle(hThread);
CloseHandle(hProcess);
}
2015-03-06
Vista 以后加入了 Session 0 隔离，也就是你的应用程序和系统进程是相互隔离的，不在同一个会话中，所以一般都不会注入成功。
追问
我是往一个应用程序里面进行注入啊，就是往一个打开文本文档的程序注入，两个都是应用程序呀，为什么也注入不了？我用的是 Win7。
追答
你用 GetLastError 看看是哪个函数出了问题。
2015-03-06
不会的，不过一般主动防御是能检测到的。
追问
什么意思呀？我的确是注入不进去，调试也看不出错误。