进程注入方法之 CreateRemoteThread
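{ Asks another process to load a DLL by starting a thread in it whose entry
  point is LoadLibraryA and whose argument is the DLL path.

  Parameters:
    ThreadId    - despite its name, this value is handed to OpenProcess as
                  the identifier of the process to open.
    DllFilename - path of the DLL; it is copied into the target process as a
                  zero-terminated string.

  Returns True once CreateRemoteThread has handed back a thread handle. The
  result says nothing about whether LoadLibraryA succeeded in the target:
  the thread is neither waited on nor is its exit code read.

  Defender's view: the sequence OpenProcess (CREATE_THREAD / VM_OPERATION /
  VM_WRITE) -> VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread
  with a start address inside kernel32 is the classic remote-thread DLL load
  (MITRE ATT&CK T1055.001). It is visible to endpoint telemetry, for example
  Sysmon Event ID 10 (ProcessAccess), Event ID 8 (CreateRemoteThread) and
  Event ID 7 (ImageLoad) for the module that then appears in the target. }
function TForm1.InjectDll(ThreadId: DWORD; DllFilename: string): Boolean;
var
  hProcess, hThread: THandle;
  pszLibFileRemote: PChar;
  dwMemLen: DWORD;
  dwWrited: DWORD;
  pfnThreadRtn: Pointer;
  dwThreadId: DWORD;
begin
  Result := FALSE; // Assume that the function fails
  hProcess := 0;
  hThread := 0;
  // Must start as nil: the finally block tests this pointer, and every early
  // Exit before the VirtualAllocEx assignment would otherwise pass an
  // uninitialised local to VirtualFreeEx.
  pszLibFileRemote := nil;
  try
    // Get a handle for the target process.
    hProcess := OpenProcess(
      PROCESS_QUERY_INFORMATION or // Required by Alpha
      PROCESS_CREATE_THREAD or     // For CreateRemoteThread
      PROCESS_VM_OPERATION or      // For VirtualAllocEx/VirtualFreeEx
      PROCESS_VM_WRITE,            // For WriteProcessMemory
      FALSE, ThreadId);
    if (hProcess = 0) then
      Exit;

    // Path length plus the terminating zero.
    // NOTE(review): this counts characters, not bytes, and is paired with the
    // ANSI export LoadLibraryA below, so it assumes string = AnsiString.
    // Confirm the compiler version; with a Unicode string type the count and
    // the export no longer match.
    dwMemLen := 1 + Length(DllFilename);

    // Allocate space in the remote process for the pathname
    pszLibFileRemote := VirtualAllocEx(hProcess, nil, dwMemLen, MEM_COMMIT, PAGE_READWRITE);
    if (pszLibFileRemote = nil) then
      Exit;

    // Copy the DLL's pathname to the remote process's address space
    if (not WriteProcessMemory(hProcess, pszLibFileRemote,
      PChar(DllFilename), dwMemLen, dwWrited)) then
      Exit;

    // Get the address of LoadLibraryA in Kernel32.dll as seen by THIS process
    // (the original comment said LoadLibraryW, the code asks for the A export).
    pfnThreadRtn := GetProcAddress(GetModuleHandle('Kernel32.dll'), 'LoadLibraryA');
    if (pfnThreadRtn = nil) then
      Exit;

    // Create a remote thread that calls LoadLibraryA(DLLPathname)
    hThread := CreateRemoteThread(hProcess, nil, 0,
      pfnThreadRtn, pszLibFileRemote, 0, dwThreadId);
    if (hThread = 0) then
      Exit;

    Result := True;
  finally // Now, we can clean everything up
    // Free the remote memory that contained the DLL's pathname.
    // NOTE(review): this runs as soon as CreateRemoteThread returns; nothing
    // here shows that the remote thread has finished reading the buffer, so
    // the target process may be left touching released memory.
    if (pszLibFileRemote <> nil) then
      VirtualFreeEx(hProcess, pszLibFileRemote, 0, MEM_RELEASE);
    if (hThread <> 0) then
      CloseHandle(hThread);
    if (hProcess <> 0) then
      CloseHandle(hProcess);
  end;
end;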