zoukankan      html  css  js  c++  java
  • DLL劫持注入

    #include <Windows.h>

    #define HIJCAKDLLNAME "hijack.dll"
    HMODULE g_hModule = NULL; // 原始模块句柄

    // 获取EXE的名称
    void GetExePath(char* pExePath)
    {
    int pathlen = GetModuleFileName(NULL, pExePath, MAX_PATH);
    while(1)
    {
    if(pExePath[pathlen--]=='\')
    break;
    }
    pExePath[++pathlen] = 0;
    }

    // 加载原始模块
    void Load()
    {
    CHAR tmpPath[MAX_PATH] = {0};
    GetExePath(tmpPath);
    strcat(tmpPath,"\");
    strcat(tmpPath,HIJCAKDLLNAME);
    g_hModule = LoadLibrary(tmpPath);
    }

    // 释放原始模块
    void Free()
    {
    if (g_hModule)
    {
    FreeLibrary(g_hModule);
    }
    }

    // 获取原始函数地址
    FARPROC GetAddress(PCSTR pszProcName)
    {
    FARPROC fpAddress;
    Load();
    fpAddress = GetProcAddress(g_hModule, pszProcName);
    return fpAddress;
    }

    BOOL APIENTRY DllMain( HANDLE hModule,
    DWORD ul_reason_for_call,
    LPVOID lpReserved
    )
    {
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    MessageBox(NULL,"DLL_PROCESS_ATTACH","RemoteThread inject",MB_OK);
    break;
    case DLL_THREAD_ATTACH:
    //MessageBox(NULL,"DLL_THREAD_ATTACH","RemoteThread inject",MB_OK);
    break;
    case DLL_THREAD_DETACH:
    //MessageBox(NULL,"DLL_THREAD_DETACH","RemoteThread inject",MB_OK);
    break;
    case DLL_PROCESS_DETACH:
    //Free();
    MessageBox(NULL,"DLL_PROCESS_DETACH","RemoteThread inject",MB_OK);
    break;
    }

    return TRUE;
    }

    // 导出函数,转发方式
    //#pragma comment(linker, "/EXPORT:add=hijack.add,@1")

    // 直接调用方式
    // #pragma comment(linker, "/EXPORT:add=_myadd,@1")
    // typedef int (__cdecl *lpFun)(int, int);
    // int __cdecl myadd(int x, int y)
    // {
    // // 获取了原函数的地址
    // lpFun myFun = (lpFun)GetAddress("add");
    // return myFun(x,y);
    // }

  • 相关阅读:
    TI CC2541的整体目标
    TI CC2541的GPIO引脚设置.
    E2PROM与Flash的引脚图
    TI BLE CC2541的通讯协议.
    TI BLE CC2541的I2C主模式
    Charles如何抓取电脑上的请求的https数据包
    Charles如何抓取手机上的请求的https数据包
    谷歌浏览器chrome调试H5页面 如果添加cookie?
    Unity 好坑的Save Scene
    Unity 官网教程 -- Multiplayer Networking
  • 原文地址:https://www.cnblogs.com/15157737693zsp/p/3857785.html
Copyright © 2011-2022 走看看