剛開始學習dll注入 用的是windows鉤子 我用了SetWindowLongPtr來改變視窗的回呼函式,但是我的注入沒起作用
代碼如下:
DLL:
#include<Windows.h>
#define MYFIRSTDLL extern "C" __declspec(dllexport)
#include "firstdll.h"
HINSTANCE g_hInstance=NULL;
HHOOK g_hHook=NULL;
HWND hW=NULL;
WNDPROC lpOldProc;
int hello(int a,int b){
return (a+b);
}
BOOL WINAPI DllMain(HINSTANCE hInstance,DWORD fdwReason,PVOID fImpLoad){
switch (fdwReason)
{
case DLL_PROCESS_ATTACH:
g_hInstance=hInstance;
break;
case DLL_PROCESS_DETACH:
break;
}
return(TRUE);
}
void ahhh(){
MessageBox(NULL,TEXT("hello"),TEXT("你好"),MB_OK);
}
LRESULT CALLBACK SubclassWndProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
switch (uMsg)
{
case WM_CLOSE:
MessageBox(NULL,TEXT("關不掉關不掉氣不氣"),TEXT("提醒"),MB_OK);
default:
break;
}
return 0;
}
LRESULT WINAPI GetMsgProc(int nCode,WPARAM wParam,LPARAM lParam){
lpOldProc = (WNDPROC)SetWindowLongPtr(hW,GWLP_WNDPROC,(LONG_PTR)SubclassWndProc);
if(lpOldProc!=NULL)
return TRUE;
else
return FALSE;
}
BOOL WINAPI SetFirstHook(DWORD dwThreadId,HWND hWnd){
g_hHook=SetWindowsHookEx(WH_GETMESSAGE,GetMsgProc,g_hInstance,dwThreadId);
hW=hWnd;
return TRUE;
}
被注入程式:
#include<Windows.h>
int WINAPI WinMain(HINSTANCE,HINSTANCE,PTSTR,int){
MessageBox(NULL,TEXT("alh"),TEXT("alh"),MB_OK);
}
注入程式:
#include<Windows.h>
#include"firstdll.h"
#pragma comment(lib,"FirstDLL.lib")
int WINAPI WinMain(HINSTANCE,HINSTANCE,PTSTR,int){
HWND Wnd=FindWindow(NULL,TEXT("alh"));
if(Wnd==NULL) MessageBox(NULL,TEXT("找不到視窗"),NULL,MB_OK);
else{
SetFirstHook(GetWindowThreadProcessId(Wnd,NULL),Wnd);
MessageBox(NULL,TEXT("注入成功"),NULL,MB_OK);
}
}
uj5u.com熱心網友回復:
你注入不成功,還是執行不成功?你確定你匯出的函式名沒問題嗎?你的代碼太多 ,有時間給你看一下轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/101359.html
標籤:安全技術/病毒
上一篇:如何查看頁目錄表