zoukankan      html  css  js  c++  java
  • DLL劫持注入

    #include <Windows.h>

    #define HIJCAKDLLNAME "hijack.dll"
    HMODULE g_hModule = NULL; // 原始模块句柄

    // 获取EXE的名称
    void GetExePath(char* pExePath)
    {
    int pathlen = GetModuleFileName(NULL, pExePath, MAX_PATH);
    while(1)
    {
    if(pExePath[pathlen--]=='\')
    break;
    }
    pExePath[++pathlen] = 0;
    }

    // 加载原始模块
    void Load()
    {
    CHAR tmpPath[MAX_PATH] = {0};
    GetExePath(tmpPath);
    strcat(tmpPath,"\");
    strcat(tmpPath,HIJCAKDLLNAME);
    g_hModule = LoadLibrary(tmpPath);
    }

    // 释放原始模块
    void Free()
    {
    if (g_hModule)
    {
    FreeLibrary(g_hModule);
    }
    }

    // 获取原始函数地址
    FARPROC GetAddress(PCSTR pszProcName)
    {
    FARPROC fpAddress;
    Load();
    fpAddress = GetProcAddress(g_hModule, pszProcName);
    return fpAddress;
    }

    BOOL APIENTRY DllMain( HANDLE hModule,
    DWORD ul_reason_for_call,
    LPVOID lpReserved
    )
    {
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    MessageBox(NULL,"DLL_PROCESS_ATTACH","RemoteThread inject",MB_OK);
    break;
    case DLL_THREAD_ATTACH:
    //MessageBox(NULL,"DLL_THREAD_ATTACH","RemoteThread inject",MB_OK);
    break;
    case DLL_THREAD_DETACH:
    //MessageBox(NULL,"DLL_THREAD_DETACH","RemoteThread inject",MB_OK);
    break;
    case DLL_PROCESS_DETACH:
    //Free();
    MessageBox(NULL,"DLL_PROCESS_DETACH","RemoteThread inject",MB_OK);
    break;
    }

    return TRUE;
    }

    // 导出函数,转发方式
    //#pragma comment(linker, "/EXPORT:add=hijack.add,@1")

    // 直接调用方式
    // #pragma comment(linker, "/EXPORT:add=_myadd,@1")
    // typedef int (__cdecl *lpFun)(int, int);
    // int __cdecl myadd(int x, int y)
    // {
    // // 获取了原函数的地址
    // lpFun myFun = (lpFun)GetAddress("add");
    // return myFun(x,y);
    // }

  • 相关阅读:
    HTML--控制小人自由移动
    OC 图片圆角实现
    swift 点击button改变其内填充图片,达到选中的效果
    swift 自定义导航栏颜色
    大道至简第五章阅读笔记
    字符串动手动脑实践及凯撒密码
    大道至简第四章阅读笔记
    类与对象动手动脑实践
    用静态字段和构造函数,查询创建了多少个对象
    大道至简第三章阅读笔记
  • 原文地址:https://www.cnblogs.com/15157737693zsp/p/3857785.html
Copyright © 2011-2022 走看看