#include "stdafx.h"
#include <windows.h>
#include <iostream>
#include <windowsx.h>
#include <stdio.h>
#include <tchar.h>
#include <malloc.h>       
#include <TlHelp32.h>
#include <StrSafe.h>

using namespace std;

BOOL WINAPI InjectLibW(HANDLE hProcess, PCWSTR pszLibFile) 
{
	BOOL bOk = FALSE; 
	HANDLE hThread = NULL;
	PWSTR pszLibFileRemote = NULL;

	__try 
	{
		if (hProcess == NULL)
			__leave;

		int cch = 1 + lstrlenW(pszLibFile);
		int cb  = cch * sizeof(wchar_t);

		pszLibFileRemote = (PWSTR) 
			VirtualAllocEx(hProcess, NULL, cb, MEM_COMMIT, PAGE_READWRITE);
		if (pszLibFileRemote == NULL) 
			__leave;

		if (!WriteProcessMemory(hProcess, pszLibFileRemote,(PVOID)pszLibFile, cb, NULL)) 
			__leave;

		PTHREAD_START_ROUTINE pfnThreadRtn = (PTHREAD_START_ROUTINE)
		GetProcAddress(GetModuleHandle(TEXT("Kernel32")), "LoadLibraryW");
		if (pfnThreadRtn == NULL) __leave;

		hThread = CreateRemoteThread(hProcess, NULL, 0, pfnThreadRtn, pszLibFileRemote, 0, NULL);
		if (hThread == NULL) __leave;

		WaitForSingleObject(hThread, INFINITE);
		bOk = TRUE; 
	}
	__finally 
	{ 
		if (pszLibFileRemote != NULL) 
			VirtualFreeEx(hProcess, pszLibFileRemote, 0, MEM_RELEASE);
		if (hThread  != NULL) 
			CloseHandle(hThread);
		if (hProcess != NULL) 
			CloseHandle(hProcess);
	}
	return(bOk);
}

int _tmain(int argc, _TCHAR* argv[])
{
	if (argc >= 2)
	{
		STARTUPINFO si = { sizeof(si) };
		SECURITY_ATTRIBUTES saProcess, saThread;
		PROCESS_INFORMATION piProcess;
		saProcess.nLength = sizeof(saProcess);
		saProcess.lpSecurityDescriptor = NULL;
		saProcess.bInheritHandle = TRUE;
		saThread.nLength = sizeof(saThread);
		saThread.lpSecurityDescriptor = NULL;
		saThread.bInheritHandle = FALSE;
		TCHAR szPath[] = L"";

		if (CreateProcessW(argv[1], szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess))
			cout<<"Process starts\n";
		else 
			cout<<"Process name is incorrect\n";
//		CreateProcessW(L"C:\\WINDOWS\\SYSTEM32\\NOTEPAD.EXE", szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess);
//		CreateProcessW(L"C:\\WINDOWS\\REGEDIT.EXE", szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess);
		//if (InjectLibW(piProcess.hProcess, L"e:\\Projects\\Spy\\Spy\\DLL\\Debug\\HookDll.dll"))
if (InjectLibW(piProcess.hProcess, L"HookDll.dll"))
			cout<<"Dll injected successfully";
		else
			cout<<"Injecting unsuccessfull";
	}
	else
		cout<<"Too few arguments\n";
	return 0;
}
Соседние файлы в папке Spy
  • #
    15.06.201436.09 Кб611.txt
  • #
    15.06.20141.28 Кб58ReadMe.txt
  • #
    15.06.20142.52 Кб57Spy.cpp
  • #
    15.06.20147.74 Кб57Spy.cpp~RF184ebb.TMP
  • #
    15.06.20147.67 Кб57Spy.cpp~RF20258a.TMP
  • #
    15.06.20148.06 Кб57Spy.cpp~RF258a26.TMP
  • #
    15.06.20148.09 Кб57Spy.cpp~RF3f0168.TMP
  • #
    15.06.20142.54 Кб57Spy.cpp~RF6da101.TMP