DLL注入问题 [英] DLL Injection problem


问题描述

下午好

我正在尝试将DLL注入到进程中,但是当注入DLL时,代码无法运行

DLL代码

Good Afternoon

I'm trying to inject a DLL into a process, but when the DLL is injected the code isn't run.

DLL code

 #ifndef _DLLTEST_H_
 #define _DLLTEST_H_

 #include <stdio.h>
 #include <windows.h>
#include <stdlib.h>

 /* Declares NumberList as a DLL export with C linkage, so the exported
    symbol name is not C++-mangled. The definition is in the DLL source. */
 extern "C" __declspec(dllexport) void NumberList();


 #endif



其余的dll代码



The rest of the dll code

#include "dlltest.h"
 /* Size, in bytes, of the module buffer declared below. */
 #define MAXMODULE 50

 /* File-scope buffer; nothing in the code shown here reads or writes it. */
 char module[MAXMODULE];


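 /*
  * Creates (or truncates) C:\asd.txt and closes it again.
  *
  * Loading the DLL does not run this function: the loader only invokes
  * DllMain, and nothing in this file calls NumberList, so a caller has to
  * invoke the export explicitly.
  *
  * Takes no arguments and returns nothing; a failed fopen is ignored.
  */
 extern "C" __declspec(dllexport)
 void NumberList()
 {
     FILE *f = fopen("C:\\asd.txt", "w");

     if (f == NULL) {
         /* fopen fails when the path cannot be opened for writing;
            there is no stream to release in that case. */
         return;
     }

     /* The original never closed the stream, leaking the file handle
        for the lifetime of the host process. */
     fclose(f);
 }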


使用Visual C ++ 2010创建的DLL


DLL注入程序代码



DLL created with Visual C++ 2010


DLL injector code


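/*
 * Looks up a running process by executable name.
 *
 * procName: NUL-terminated text searched for inside each snapshot entry's
 *           szExeFile. The match is a substring match (strstr), so a short
 *           name can select a process other than the intended one; callers
 *           that act on the returned PID should pass the full image name.
 *
 * Returns the process ID of the first matching entry, or 0 when procName is
 * NULL or empty, when the snapshot cannot be taken, or when no entry matches.
 */
unsigned long GetTargetProcessIdFromProcname(char *procName)
{
   PROCESSENTRY32 pe;
   HANDLE thSnapshot;
   unsigned long pid = 0;

   /* strstr on NULL is undefined, and an empty needle matches every entry. */
   if(procName == NULL || procName[0] == '\0')
      return 0;

   thSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

   if(thSnapshot == INVALID_HANDLE_VALUE)
   {
      puts("Erro");
      return 0;
   }

   /* dwSize must be set before the first Process32First call. */
   pe.dwSize = sizeof(PROCESSENTRY32);

   if(Process32First(thSnapshot, &pe))
   {
      do
      {
         if(strstr(pe.szExeFile, procName))
         {
            pid = pe.th32ProcessID;
            break;
         }
      } while(Process32Next(thSnapshot, &pe));
   }

   /* The original leaked the snapshot handle and, when nothing matched,
      returned the PID of whichever entry was enumerated last. */
   CloseHandle(thSnapshot);

   return pid;
}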
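/*
 * Resolves LoadLibraryA, finds the process named by PROCESS_NAME, copies the
 * DLL_NAME string into that process and starts a remote thread at
 * LoadLibraryA with the copied string as its argument.
 *
 * The OpenProcess / VirtualAllocEx / WriteProcessMemory / CreateRemoteThread
 * sequence is the pattern endpoint security tooling commonly flags as remote
 * code injection.
 *
 * Returns 0 when the remote thread was created, 1 on any failure. Every
 * failure path prints a message and stops; the original carried on with
 * NULL handles and pointers.
 */
int main(void)
{
	unsigned long id;
	HANDLE hd = NULL;
	HANDLE th = NULL;
	LPVOID gp;
	LPVOID rs = NULL;
	/* +1 so the terminating NUL is copied rather than assumed to be there */
	SIZE_T len = strlen(DLL_NAME) + 1;
	int rc = 1;

	gp = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
	if (gp == NULL) {
		puts("error: LoadLibraryA not found");
		goto out;
	}

	/* 0 is the lookup's failure value. */
	id = GetTargetProcessIdFromProcname(PROCESS_NAME);
	if (id == 0) {
		puts("error: target process not found");
		goto out;
	}

	/* NOTE(review): PROCESS_ALL_ACCESS asks for more rights than the three
	   calls below use; a narrower access mask would follow least privilege. */
	hd = OpenProcess(PROCESS_ALL_ACCESS, FALSE, id);
	if (hd == NULL) {
		puts("error: OpenProcess failed");
		goto out;
	}

	rs = VirtualAllocEx(hd, NULL, len, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
	if (rs == NULL) {
		puts("error: VirtualAllocEx failed");
		goto out;
	}

	if (!WriteProcessMemory(hd, rs, DLL_NAME, len, NULL)) {
		puts("error 1");
		goto out_free;
	}

	th = CreateRemoteThread(hd, NULL, 0, (LPTHREAD_START_ROUTINE)gp, rs, 0, NULL);
	if (th == NULL) {
		puts("error 2");
		goto out_free;
	}

	/* The remote buffer is left allocated on success: the new thread may
	   still be reading the string, and this program does not wait for it. */
	CloseHandle(th);
	rc = 0;
	goto out;

out_free:
	VirtualFreeEx(hd, rs, 0, MEM_RELEASE);
out:
	if (hd != NULL)
		CloseHandle(hd);

	system("pause");

	return rc;
}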



需要帮助



Need help

推荐答案

将DLL注入进程时会调用DllMain。因此,当fdwReason为DLL_PROCESS_ATTACH时,应在DllMain中调用您的代码。参见"DllMain入口点"。
DllMain is invoked when you inject the DLL into the process, so you should call your code in DllMain when fdwReason is DLL_PROCESS_ATTACH.
See "DllMain Entry Point".

