Добавил:
Kaz
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Предмет:
Файл:
#include "stdafx.h"
#include <windows.h>
#include <iostream>
#include <windowsx.h>
#include <stdio.h>
#include <tchar.h>
#include <malloc.h>
#include <TlHelp32.h>
#include <StrSafe.h>
using namespace std;
BOOL WINAPI InjectLibW(HANDLE hProcess, PCWSTR pszLibFile)
{
BOOL bOk = FALSE;
HANDLE hThread = NULL;
PWSTR pszLibFileRemote = NULL;
__try
{
if (hProcess == NULL)
__leave;
int cch = 1 + lstrlenW(pszLibFile);
int cb = cch * sizeof(wchar_t);
pszLibFileRemote = (PWSTR)
VirtualAllocEx(hProcess, NULL, cb, MEM_COMMIT, PAGE_READWRITE);
if (pszLibFileRemote == NULL)
__leave;
if (!WriteProcessMemory(hProcess, pszLibFileRemote,(PVOID)pszLibFile, cb, NULL))
__leave;
PTHREAD_START_ROUTINE pfnThreadRtn = (PTHREAD_START_ROUTINE)
GetProcAddress(GetModuleHandle(TEXT("Kernel32")), "LoadLibraryW");
if (pfnThreadRtn == NULL) __leave;
hThread = CreateRemoteThread(hProcess, NULL, 0, pfnThreadRtn, pszLibFileRemote, 0, NULL);
if (hThread == NULL) __leave;
WaitForSingleObject(hThread, INFINITE);
bOk = TRUE;
}
__finally
{
if (pszLibFileRemote != NULL)
VirtualFreeEx(hProcess, pszLibFileRemote, 0, MEM_RELEASE);
if (hThread != NULL)
CloseHandle(hThread);
if (hProcess != NULL)
CloseHandle(hProcess);
}
return(bOk);
}
int _tmain(int argc, _TCHAR* argv[])
{
if (argc >= 2)
{
STARTUPINFO si = { sizeof(si) };
SECURITY_ATTRIBUTES saProcess, saThread;
PROCESS_INFORMATION piProcess;
saProcess.nLength = sizeof(saProcess);
saProcess.lpSecurityDescriptor = NULL;
saProcess.bInheritHandle = TRUE;
saThread.nLength = sizeof(saThread);
saThread.lpSecurityDescriptor = NULL;
saThread.bInheritHandle = FALSE;
TCHAR szPath[] = L"";
if (CreateProcessW(argv[1], szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess))
cout<<"Process starts\n";
else
cout<<"Process name is incorrect\n";
// CreateProcessW(L"C:\\WINDOWS\\SYSTEM32\\NOTEPAD.EXE", szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess);
// CreateProcessW(L"C:\\WINDOWS\\REGEDIT.EXE", szPath, &saProcess, &saThread, FALSE, 0, NULL, NULL, &si, &piProcess);
//if (InjectLibW(piProcess.hProcess, L"e:\\Projects\\Spy\\Spy\\DLL\\Debug\\HookDll.dll"))
if (InjectLibW(piProcess.hProcess, L"HookDll.dll"))
cout<<"Dll injected successfully";
else
cout<<"Injecting unsuccessfull";
}
else
cout<<"Too few arguments\n";
return 0;
}
Соседние файлы в папке Spy