  • VB 进程间通讯

    进程间通讯的方法有很多,常见的有 DDE、内存文件映射、管道、自定义消息,甚至 WINSOCK 等等。本文就内存文件映射来说说进程间的通讯。

    建立程序A代码如下

    VERSION 5.00
    Begin VB.Form Form1
       Caption         =   "Form1"
       ClientHeight    =   3090
       ClientLeft      =   60
       ClientTop       =   450
       ClientWidth     =   4680
       LinkTopic       =   "Form1"
       ScaleHeight     =   3090
       ScaleWidth      =   4680
       StartUpPosition =   3  'Windows Default
       Begin VB.CommandButton Command1
          Caption         =   "Command1"
          Height          =   555
          Left            =   1170
          TabIndex        =   0
          Top             =   960
          Width           =   1245
       End
    End
    Attribute VB_Name = "Form1"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = False
    ' Win32 (kernel32) declarations for program A, the writer side of the
    ' shared-memory demo. Handles and addresses are declared As Long, so these
    ' declarations are only valid in a 32-bit process.

    ' Creates (or opens, if the name already exists) a named section object.
    ' The second parameter name is misspelled ("lpFileMappig..."); the call in
    ' this listing passes arguments positionally, so the spelling has no effect.
    ' Passing ByVal 0 for it means "no SECURITY_ATTRIBUTES": the section gets a
    ' default security descriptor rather than an explicit access list.
    Private Declare Function CreateFileMapping Lib "kernel32" Alias "CreateFileMappingA" (ByVal hFile As Long, lpFileMappigAttributes As Any, ByVal flProtect As Long, ByVal dwMaximumSizeHigh As Long, ByVal dwMaximumSizeLow As Long, ByVal lpName As String) As Long
    ' Maps a view of the section into this process; returns the base address,
    ' or 0 on failure.
    Private Declare Function MapViewOfFile Lib "kernel32" (ByVal hFileMappingObject As Long, ByVal dwDesiredAccess As Long, ByVal dwFileOffsetHigh As Long, ByVal dwFileOffsetLow As Long, ByVal dwNumberOfBytesToMap As Long) As Long
    ' lpBaseAddress is declared ByRef As Any: a view address held in a Long must
    ' be passed as "ByVal pMap", otherwise the API receives the address of the
    ' VB variable instead of the view.
    Private Declare Function UnmapViewOfFile Lib "kernel32" (lpBaseAddress As Any) As Long
    Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
    ' Returns the pseudo-handle for the current process.
    Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
    ' Raw memory copy with no bounds checking; the caller is responsible for
    ' making sure both buffers are at least Length bytes.
    Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
    ' WriteProcessMemory / ReadProcessMemory are referenced only from
    ' commented-out lines in Command1_Click in this listing.
    Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

    ' Record exchanged through the shared section: a 4-byte Long followed by a
    ' 260-byte buffer (indices 0..259), i.e. 264 bytes in total. Any section or
    ' view that is meant to hold one record must be at least that large.
    Private Type myType
        hFile As Long           ' plain numeric field; the demo stores 123 here
        strTmp(259) As Byte     ' raw byte buffer; nothing enforces a terminating 0
    End Type

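    ' Publishes one myType record into the named shared-memory section "myTest"
    ' so that another process (program B) can map the section and read it.
    '
    ' Differences from the original listing:
    '   - hFile is INVALID_HANDLE_VALUE (-1), which requests a section backed by
    '     the paging file. The original passed GetCurrentProcess, which only
    '     worked because that pseudo-handle has the same numeric value.
    '   - flProtect is PAGE_READWRITE. The original passed 983071 (&HF001F),
    '     which is FILE_MAP_ALL_ACCESS, a view-access mask and not a page
    '     protection value.
    '   - The section and the view are sized with Len(m) (264 bytes) instead of
    '     256, so the record that is copied fits the size that was requested.
    '   - The view pointer is checked BEFORE the copy; the original copied first
    '     and would write through address 0 if MapViewOfFile failed.
    '   - The text is copied with Len (3 bytes). "ByVal" strings reach the API as
    '     ANSI, so LenB (6) read past the end of the temporary buffer.
    '   - The view is unmapped after use, and the section handle is kept in a
    '     Static so repeated clicks do not leak a new handle each time.
    '
    ' Security notes:
    '   - lpFileMappingAttributes is NULL, so the section gets a default security
    '     descriptor. Do not place secrets in it, and treat everything read back
    '     from it as untrusted input.
    '   - "myTest" is a well-known name. If CreateFileMapping reports
    '     ERROR_ALREADY_EXISTS, some other code created the object first (with a
    '     size and access list this program did not choose), so it is not used.
    Private Sub Command1_Click()
        Const INVALID_HANDLE_VALUE As Long = -1
        Const PAGE_READWRITE As Long = &H4
        Const FILE_MAP_WRITE As Long = &H2
        Const ERROR_ALREADY_EXISTS As Long = 183

        ' The handle must stay open for as long as the reader may need the data:
        ' a paging-file-backed section disappears when its last handle and view
        ' are closed. It is released when the process exits.
        Static hMap As Long
        Dim pMap As Long, m As myType, createErr As Long

        If hMap = 0 Then
            hMap = CreateFileMapping(INVALID_HANDLE_VALUE, ByVal 0&, PAGE_READWRITE, 0, Len(m), "myTest")
            ' Must be read immediately after the API call.
            createErr = Err.LastDllError
            If hMap = 0 Then Exit Sub
            If createErr = ERROR_ALREADY_EXISTS Then
                Debug.Print "Section 'myTest' already exists; refusing to reuse it."
                CloseHandle hMap
                hMap = 0
                Exit Sub
            End If
        End If

        m.hFile = 123
        ' The rest of strTmp stays zero because m is a freshly initialised local.
        CopyMemory m.strTmp(0), ByVal "123", Len("123")

        pMap = MapViewOfFile(hMap, FILE_MAP_WRITE, 0, 0, Len(m))
        If pMap <> 0 Then
            ' Write the record into the shared view. The original listing notes
            ' that WriteProcessMemory on the current process would do the same.
            CopyMemory ByVal pMap, m, Len(m)
            ' UnmapViewOfFile is declared ByRef As Any, hence ByVal here.
            UnmapViewOfFile ByVal pMap
        End If
    End Sub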

    然后再建立程序B源码如下:

    VERSION 5.00
    Begin VB.Form Form1
       Caption         =   "Form1"
       ClientHeight    =   3090
       ClientLeft      =   60
       ClientTop       =   450
       ClientWidth     =   4680
       LinkTopic       =   "Form1"
       ScaleHeight     =   3090
       ScaleWidth      =   4680
       StartUpPosition =   3  'Windows Default
       Begin VB.CommandButton Command1
          Caption         =   "Command1"
          Height          =   795
          Left            =   630
          TabIndex        =   0
          Top             =   690
          Width           =   1425
       End
    End
    Attribute VB_Name = "Form1"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = False
    ' Win32 (kernel32) declarations for program B, the reader side of the
    ' shared-memory demo. Handles and addresses are declared As Long, so these
    ' declarations are only valid in a 32-bit process.
    ' Of these, the Command1_Click shown in this listing calls only
    ' OpenFileMapping, MapViewOfFile and CopyMemory.

    ' Parameter name "lpFileMappigAttributes" is misspelled in the declaration.
    Private Declare Function CreateFileMapping Lib "kernel32" Alias "CreateFileMappingA" (ByVal hFile As Long, lpFileMappigAttributes As Any, ByVal flProtect As Long, ByVal dwMaximumSizeHigh As Long, ByVal dwMaximumSizeLow As Long, ByVal lpName As String) As Long
    ' Opens an existing named section; returns 0 on failure. dwDesiredAccess
    ' should be the narrowest FILE_MAP_* right the caller actually needs.
    Private Declare Function OpenFileMapping Lib "kernel32" Alias "OpenFileMappingA" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal lpName As String) As Long
    ' Maps a view of the section into this process; returns the base address,
    ' or 0 on failure.
    Private Declare Function MapViewOfFile Lib "kernel32" (ByVal hFileMappingObject As Long, ByVal dwDesiredAccess As Long, ByVal dwFileOffsetHigh As Long, ByVal dwFileOffsetLow As Long, ByVal dwNumberOfBytesToMap As Long) As Long
    ' lpBaseAddress is declared ByRef As Any: a view address held in a Long must
    ' be passed as "ByVal pMap", otherwise the API receives the address of the
    ' VB variable instead of the view.
    Private Declare Function UnmapViewOfFile Lib "kernel32" (lpBaseAddress As Any) As Long
    Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
    Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
    ' Raw memory copy with no bounds checking; the caller is responsible for
    ' making sure both buffers are at least Length bytes.
    Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
    Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
    ' Record read from the shared section: a 4-byte Long followed by a byte
    ' buffer with upper bound 259 (260 bytes, assuming the default Option Base 0).
    ' The layout has to match the writer's definition field for field.
    Private Type myType
        hFile As Long           ' numeric field filled in by the writer
        strTmp(259) As Byte     ' raw bytes from the writer; not guaranteed to be 0-terminated
    End Type

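    ' Reads one myType record from the named shared-memory section "myTest"
    ' that program A created.
    '
    ' Differences from the original listing:
    '   - The two calls are syntactically repaired: the original text was missing
    '     the "(" after OpenFileMapping and a comma in the MapViewOfFile call.
    '   - Only FILE_MAP_READ is requested. The original asked for 983071
    '     (&HF001F, FILE_MAP_ALL_ACCESS) although it only reads.
    '   - The view is unmapped and the handle closed after the copy; the original
    '     released neither.
    '   - Unused locals (pm, h) are removed.
    '
    ' Security note: the section is a named object that other processes may be
    ' able to create or write. After the copy, m.hFile and m.strTmp are
    ' untrusted input: validate them before use, and do not assume strTmp ends
    ' with a 0 byte when converting it to a string.
    Private Sub Command1_Click()
        Const FILE_MAP_READ As Long = &H4
        Dim hMap As Long, pMap As Long, m As myType

        ' OpenFileMapping returns 0 when the section does not exist or access
        ' is denied.
        hMap = OpenFileMapping(FILE_MAP_READ, 0, "myTest")
        If hMap = 0 Then Exit Sub

        pMap = MapViewOfFile(hMap, FILE_MAP_READ, 0, 0, Len(m))
        If pMap <> 0 Then
            ' Fixed-size copy bounded by the local record, never by a length
            ' taken from the shared data.
            CopyMemory m, ByVal pMap, Len(m)
            ' UnmapViewOfFile is declared ByRef As Any, hence ByVal here.
            UnmapViewOfFile ByVal pMap
        End If

        CloseHandle hMap
    End Sub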

  • 原文地址:https://www.cnblogs.com/lizunicon/p/1247302.html