zoukankan      html  css  js  c++  java

  • 劫持系统进程禁止打开任何进程(5)

    劫持系统进程禁止打开任何进程(5)
    windows创建进程的函数:


    把这个函数劫持之后注射到 explore.exe进程中即可。

    现在注射到印象笔记中测试:

    #include<stdio.h>
    #include<windows.h>
    #include<string.h>
    #include"detours.h"
    #pragma comment (lib ,"detours.lib" )

    BOOL(WINAPI * oldCreateProcessW)(
            LPCWSTR lpApplicationName,
            LPWSTR lpCommandLine,
            LPSECURITY_ATTRIBUTES lpProcessAttributes,
            LPSECURITY_ATTRIBUTES lpThreadAttributes,
            BOOL bInheritHandles,
            DWORD dwCreationFlags,
            LPVOID lpEnvironment,
            LPCWSTR lpCurrentDirectory,
            LPSTARTUPINFOW lpStartupInfo,
            LPPROCESS_INFORMATION lpProcessInformation
           ) = CreateProcessW;

    BOOL WINAPI newCreateProcessW(
            LPCWSTR lpApplicationName,
            LPWSTR lpCommandLine,
            LPSECURITY_ATTRIBUTES lpProcessAttributes ,
            LPSECURITY_ATTRIBUTES lpThreadAttributes ,
            BOOL bInheritHandles,
            DWORD dwCreationFlags,
            LPVOID lpEnvironment,
            LPCWSTR lpCurrentDirectory,
            LPSTARTUPINFOW lpStartupInfo ,
            LPPROCESS_INFORMATION lpProcessInformation
           ) {
           MessageBoxA(0, "系统进程已被劫持!" , "系统警告" , 0);
            return 0;
    }

    void Hook()
    {

           DetourRestoreAfterWith(); //恢复原来状态,
           DetourTransactionBegin(); //拦截开始
           DetourUpdateThread(GetCurrentThread()); //刷新当前线程
           DetourAttach(( void **)&oldCreateProcessW, newCreateProcessW); //实现函数拦截
           DetourTransactionCommit(); //拦截生效

    }

    void UnHook()
    {
           DetourTransactionBegin(); //拦截开始
           DetourUpdateThread(GetCurrentThread()); //刷新当前线程
           DetourDetach(( void **)&oldCreateProcessW, newCreateProcessW); //撤销拦截函数
           DetourTransactionCommit(); //拦截生效
    }

    _declspec(dllexport ) void go(){
           MessageBoxA(0, "系统进程劫持成功!" , "系统信息" , 0);
           int i = 0;
           while (i++ < 60){
                  Hook();
                  Sleep(1000);
           }
           UnHook();
    }

    劫持成功:

       


    打开帮助的入门指南的时候:
  • 相关阅读:
    简明python教程五----数据结构
    简明python教程四-----模块
    简明python教程三-----函数
    简明python教程二-----对象
    linux命令行与shell脚本编程 -----15控制脚本
    14.7创建临时文件
    js --- return返回值 闭包
    js --- 事件流
    git --- ! [rejected] master -> master (non-fast-forward)
    html --- bootstrap 框架 (栅格系统布局)
  • 原文地址:https://www.cnblogs.com/ZhangJinkun/p/4531484.html
Copyright © 2011-2022 走看看