C++ DLL, Injection (C#) into a process
Problem description
Hello all.
I've encountered a huge problem while programming a tool.
I try to inject a C++ DLL (32bit) into a 32bit process but the DLL does not get injected properly.
The DLL is 100% working. Tested it with a C++ Injector.
This is my injection code:
<code>// Enables SeDebugPrivilege on the token opened from the process with the given pid.
protected void adjustDebugPriv(int pid)
{
    IntPtr hProcess = OpenProcess(ProcessAccess.AllAccess, false, pid);
    if (IntPtr.Zero == hProcess)
    {
        throw new Exception("Can't open process.");
    }
    TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES();
    tp.PrivilegeCount = 1;
    tp.Attributes = SE_NAMES.SE_PRIVILEGE_ENABLED;
    if (!API.LookupPrivilegeValue(null, SE_NAMES.SE_DEBUG_NAME, out tp.Luid))
    {
        API.CloseHandle(hProcess);
        throw new Exception("Can't lookup value");
    }
    IntPtr hToken;
    if (!API.OpenProcessToken(hProcess, TOKEN_ACCESS.TOKEN_ADJUST_PRIVILEGES, out hToken))
    {
        API.CloseHandle(hProcess);
        throw new Exception("Can't open process token value");
    }
    if (!API.AdjustTokenPrivileges(hToken, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero))
    {
        API.CloseHandle(hProcess);
        API.CloseHandle(hToken);
        throw new Exception("Can't AdjustTokenPrivileges");
    }
    API.CloseHandle(hProcess);
    API.CloseHandle(hToken);
}

public bool Inject()
{
    UIntPtr bytesout;
    IntPtr bytesout2;
    ASCIIEncoding enc = new ASCIIEncoding();
    // Include the terminating NUL so the buffer really is LenWrite bytes long.
    byte[] pathBytes = enc.GetBytes(dllFilePath + "\0");
    Int32 LenWrite = pathBytes.Length;
    adjustDebugPriv(procID);
    // IntPtr is a value type: compare against IntPtr.Zero, never against null.
    IntPtr hProcess = OpenProcess(ProcessAccess.AllAccess, false, procID);
    if (hProcess == IntPtr.Zero)
        return false;
    // 0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE
    IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, IntPtr.Zero, (uint)LenWrite, 0x1000, 0x40);
    if (AllocMem == IntPtr.Zero)
        return false;
    bool wpm = WriteProcessMemory(hProcess, AllocMem, pathBytes, (uint)LenWrite, out bytesout);
    if (!wpm)
        return false;
    UIntPtr Injector = (UIntPtr)GetProcAddress(API.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    if (Injector == UIntPtr.Zero)
        return false;
    IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, IntPtr.Zero, 0, Injector, AllocMem, 0, out bytesout2);
    if (hThread == IntPtr.Zero)
        return false;
    uint Result = API.WaitForSingleObject(hThread, 10 * 10000);
    // 0x80 = WAIT_ABANDONED, 0x102 = WAIT_TIMEOUT, 0xFFFFFFFF = WAIT_FAILED
    if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF)
    {
        API.CloseHandle(hThread);
        return false;
    }
    Thread.Sleep(1000);
    API.VirtualFreeEx(hProcess, AllocMem, 0, FreeType.Release);
    API.CloseHandle(hThread);
    return true;
}</code>
I hope you can help me.
Greetings.
Recommended answer
Telling me why the hook does not get executed. DLL is loaded fine.
Got it working. VS11 is bugged. Code is running fine in VS10.
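The `Inject()` sequence in the question ends with `CreateRemoteThread` pointed at `LoadLibraryA`, which Sysmon records as Event ID 8 with the resolved `StartModule` and `StartFunction`. The following is an added example, not part of the original post: a small detector for that pattern over event XML. The sample events, image paths and the `allowed_sources` allowlist are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = ("\\kernel32.dll", "\\kernelbase.dll")

def make_event(src, tgt, module, func, event_id=8):
    """Build a constructed Sysmon event record (sample data, not a real log)."""
    fields = {"SourceImage": src, "TargetImage": tgt,
              "StartModule": module, "StartFunction": func}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID></System>'
            f'<EventData>{data}</EventData></Event>')

def parse_event(xml_text):
    """Return (event_id, {field name: value}) for one event XML string."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    data = {d.get("Name"): d.text or "" for d in root.iterfind("e:EventData/e:Data", NS)}
    return event_id, data

def is_loadlibrary_remote_thread(xml_text, allowed_sources=()):
    """True when event 8 shows a remote thread starting at a LoadLibrary* export."""
    event_id, d = parse_event(xml_text)
    if event_id != 8:
        return False
    if d.get("SourceImage", "").lower() in {a.lower() for a in allowed_sources}:
        return False
    in_loader_module = d.get("StartModule", "").lower().endswith(LOADER_MODULES)
    return in_loader_module and d.get("StartFunction", "").lower() in LOADER_EXPORTS

def scan(events, allowed_sources=()):
    """Return (source, target) image pairs for every flagged event."""
    hits = []
    for xml_text in events:
        if is_loadlibrary_remote_thread(xml_text, allowed_sources):
            _, d = parse_event(xml_text)
            hits.append((d["SourceImage"], d["TargetImage"]))
    return hits

# Constructed samples: paths and image names are placeholders.
SAMPLES = [
    make_event(r"C:\Tools\injector.exe", r"C:\Apps\target.exe",
               r"C:\Windows\SysWOW64\kernel32.dll", "LoadLibraryA"),
    make_event(r"C:\Windows\System32\csrss.exe", r"C:\Apps\console.exe",
               r"C:\Windows\System32\kernel32.dll", "CtrlRoutine"),
    make_event(r"C:\Program Files\Vendor\agent.exe", r"C:\Apps\target.exe",
               r"C:\Windows\System32\kernel32.dll", "LoadLibraryW"),
]

if __name__ == "__main__":
    print(scan(SAMPLES, allowed_sources=[r"C:\Program Files\Vendor\agent.exe"]))
```

The allowlist is matched on the full source image path, so it should be kept short and reviewed, since some legitimate software also loads DLLs into other processes this way.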