LoadLib函数返回值为Boolean型。参数一:类型DWORD型,目标进程标识(pid);参数二:类型string型,被注入的DLL路径。
//DLL远程注入
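// LoadLib: asks the process identified by dwPID to load the DLL at DLLPath by
// starting a thread inside it whose entry point is LoadLibraryW.
//
// Parameters:
//   dwPID   - identifier of the target process.
//   DLLPath - path of the DLL. LoadLibraryW runs inside the target, so a
//             relative path is resolved by the target process, not the caller.
// Returns:
//   True once the remote thread has been created and has finished. The thread's
//   exit code (LoadLibraryW's return value) is not inspected, so True does not
//   confirm that the DLL was actually loaded.
//
// Monitoring note: the call sequence below (full-access OpenProcess, remote
// VirtualAllocEx/WriteProcessMemory, CreateRemoteThread starting at
// LoadLibraryW) is what endpoint tooling records for cross-process code
// loading, e.g. Sysmon event 10 (ProcessAccess) and event 8 (CreateRemoteThread).
//
// Changes from the posted version: the buffer size now covers the whole
// UTF-16 terminator, the wide copy of the path is released automatically, and
// every handle and the remote allocation are released on all exit paths.
function LoadLib(dwPID:DWORD;DLLPath:string):Boolean;
var
  dw:DWORD;
  cbPath:DWORD;
  hProcess:THandle;
  hThread:THandle;
  lpszRemoteFiles:LPWSTR;
  pfnThreadRtn:Pointer;
  WidePath:WideString;
  LibPath:LPWSTR;
begin
  Result:=False;
  // A managed WideString replaces StringToOleStr, whose result was never freed.
  WidePath:=DLLPath;
  LibPath:=PWideChar(WidePath);
  // Size in bytes including the two-byte terminator. The original added a
  // single byte and relied on the allocation being zero-filled.
  cbPath:=sizeof(WCHAR)*(lstrlenW(LibPath)+1);
  hProcess:=OpenProcess(PROCESS_ALL_ACCESS,False,dwPID);
  if hProcess=0 then
  begin
    MessageBox(0,PChar('Unable OpenProcess,fail! error:'+ IntToStr(GetLastError)),'error',MB_OK+ MB_ICONERROR);
    Exit;
  end;
  try
    lpszRemoteFiles:=LPWSTR(VirtualAllocEx(hProcess,nil,cbPath,MEM_COMMIT, PAGE_READWRITE));
    if lpszRemoteFiles=nil then
    begin
      MessageBox(0,PChar('Unable Apply Space,fail! error:'+ IntToStr(GetLastError)),'error',MB_OK+ MB_ICONERROR);
      Exit;
    end;
    try
      if WriteProcessMemory(hProcess,lpszRemoteFiles,LibPath,cbPath,dw)=False then
      begin
        MessageBox(0,PChar('Unable Write Adderss,fail! error:'+ IntToStr(GetLastError)),'error',MB_OK+ MB_ICONERROR);
        Exit;
      end;
      // The address is looked up in the calling process and handed to the
      // target unchanged; NOTE(review): this assumes Kernel32.dll is mapped at
      // the same address in both processes - confirm for the intended targets.
      pfnThreadRtn:=GetProcAddress(GetModuleHandle('Kernel32.dll'),'LoadLibraryW');
      if pfnThreadRtn=nil then
      begin
        MessageBox(0,PChar('Unable Get Function Adderss,fail! error:'+ IntToStr(GetLastError)),'error',MB_OK+ MB_ICONERROR);
        Exit;
      end;
      hThread:=CreateRemoteThread(hProcess,nil,0,pfnThreadRtn,lpszRemoteFiles,0,dw);
      if hThread=0 then Exit;
      try
        // Block until the remote thread ends so the path buffer stays valid
        // for as long as the thread may read it.
        WaitForSingleObject(hThread,INFINITE);
        Result:=True;
      finally
        CloseHandle(hThread);
      end;
    finally
      // Runs on every exit path, including the early Exit calls above.
      VirtualFreeEx(hProcess,lpszRemoteFiles,0,MEM_RELEASE);
    end;
  finally
    CloseHandle(hProcess);
  end;
end;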
调用方法:
if LoadLib(目标进程ID,DLL路径)=True then form.Close ;