远程注入
来源:互联网 发布:淘宝女鞋货到付款秋鞋 编辑:程序博客网 时间:2024/05/16 11:23
void __fastcall InjectToRemoteProcess(DWORD dwProcessId,PVOID funcStart,PVOID funcEnd,void * pParam,DWORD dwParamSize)
{
HANDLE hRemoteProcess=NULL; //remote process will be injected
HANDLE hRemoteThread=NULL; //injected thread!
DWORD dwThreadSize=0;
PVOID pRemoteThread=NULL;
PVOID pRemoteParam=NULL;
DWORD dwWriten=0;
BOOL bRet=FALSE;
EnablePrivilege(SE_DEBUG_NAME,true);//up Privilege
hRemoteProcess = OpenProcess(PROCESS_ALL_ACCESS,false,dwProcessId);
if(hRemoteProcess == NULL)
{
MessageBox(NULL,"Failed to Open Process","Open Process Error",MB_OK | MB_APPLMODAL|MB_ICONWARNING);
return;
}
if (0 != dwParamSize)
{
pRemoteParam = VirtualAllocEx(hRemoteProcess,NULL,dwParamSize,MEM_COMMIT,PAGE_READWRITE); //alloc memory space for param!
if(pRemoteParam == NULL)
{
MessageBox(NULL,"Failed to Allocate Memory at Remote Process for Param","Alloc Memory Error!",MB_OK | MB_APPLMODAL | MB_ICONWARNING);
return;
}
bRet = WriteProcessMemory(hRemoteProcess,pRemoteParam,pParam,dwParamSize,&dwWriten); //write param to remote alloced space!
if(!bRet)
{
MessageBox(NULL,"Failed to Write Param to Remote Process",NULL,MB_OK | MB_APPLMODAL | MB_ICONWARNING);
return;
}
}
dwThreadSize = (int)funcEnd - (int)funcStart+2048; //cal remote function need size!
pRemoteThread = VirtualAllocEx(hRemoteProcess,NULL,dwThreadSize,MEM_COMMIT,PAGE_READWRITE); //alloc memory for remote thread!
if(pRemoteThread == NULL)
{
MessageBox(NULL,"Failed to Allocate Memory at Remote Process for Thread Code",NULL,MB_OK | MB_APPLMODAL | MB_ICONWARNING);
return;
}
bRet = WriteProcessMemory(hRemoteProcess,pRemoteThread,(LPVOID)funcStart,dwThreadSize,&dwWriten); //write function to remote memory space!
if(!bRet)
{
MessageBox(NULL,"Failed to Write Thread Code to Remote Process",NULL,MB_OK | MB_APPLMODAL | MB_ICONWARNING);
return;
}
hRemoteThread = CreateRemoteThread(hRemoteProcess,0,0,(DWORD(__stdcall *)(VOID*))pRemoteThread,pRemoteParam,0,&dwWriten);
EnablePrivilege(SE_DEBUG_NAME,false); //down Privilege
}
http://pgy12345.googlepages.com/inject
- 远程注入
- 远程注入
- 远程注入
- 远程注入
- 线程的远程注入
- 远程线程注入代码
- 远程注入代码
- C++:远程注入DLL
- 远程注入线程
- zz - DLL远程注入
- 学习:DLL远程注入
- 远程dll注入 C#
- DLL远程注入实践
- 远程线程注入
- 线程远程注入
- 线程的远程注入
- 线程远程注入
- createremotethread()远程注入dll
- 匹配IP字串、域名的正则表达式
- 静态页面自动生成工具下载
- 域名A记录,MX记录,CNAME记录解释
- Sun:技術的天才,藝術的庸才,商業的人才
- Window环境下安装GDAL库的方法
- 远程注入
- Server Application Error解决方法
- GT4 开发:将 Storage Resource Broker 与 Jakarta Commons Virtual File System 集成在一起
- OSS/J API研究报告
- Windows CE 5.0 数据类型大全
- 微软C/C++ 编译器选项参考
- Cache is King
- WebSphere Portal V6.0 中的搜索和索引 API 简介
- 得到一组数字的随机顺序