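#include <Windows.h>
#include <stdio.h>
#include <string.h>

/*
 * Inject - ask another process to load a DLL by starting a remote thread
 * whose entry point is LoadLibraryA and whose argument is the DLL path.
 *
 * pID  : process id of the target process.
 * Path : NUL-terminated ANSI path of the DLL. The string is copied into the
 *        target and resolved there, so it should be an absolute path.
 *
 * Returns nothing; each failing step is reported on stderr together with
 * GetLastError() and the function unwinds whatever it had acquired.
 *
 * Review notes (defensive view):
 *  - This is the classic remote-thread DLL injection pattern (MITRE ATT&CK
 *    T1055.001). The cross-process OpenProcess with VM-write/create-thread
 *    rights and the CreateRemoteThread call are what endpoint telemetry keys
 *    on (e.g. Sysmon Event ID 10 ProcessAccess and Event ID 8
 *    CreateRemoteThread), followed by an image load of the DLL in the target.
 *  - The address of LoadLibraryA is taken from the *calling* process and used
 *    in the target, so caller and target are assumed to have the same
 *    bitness - TODO confirm for the intended target.
 */
void Inject(int pID, char* Path)
{
    HANDLE hProcess = NULL;
    HANDLE hThread = NULL;
    LPVOID pReturnAddress = NULL;
    BOOL remoteThreadDone = FALSE;

    if (Path == NULL || Path[0] == '\0') {
        fprintf(stderr, "Inject: empty DLL path\n");
        return;
    }

    /* Bytes to copy, including the terminating NUL. */
    SIZE_T pathSize = strlen(Path) + 1;

    /*
     * Request only the rights CreateRemoteThread/VirtualAllocEx/
     * WriteProcessMemory are documented to need, instead of
     * PROCESS_ALL_ACCESS.
     */
    hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION |
                               PROCESS_VM_OPERATION | PROCESS_VM_WRITE |
                               PROCESS_VM_READ,
                           FALSE, (DWORD)pID);
    if (hProcess == NULL) {
        fprintf(stderr, "Inject: OpenProcess failed (%lu)\n", GetLastError());
        return;
    }

    /* Allocate a read/write (never executable) buffer in the target for the path. */
    pReturnAddress = VirtualAllocEx(hProcess, NULL, pathSize,
                                    MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (pReturnAddress == NULL) {
        fprintf(stderr, "Inject: VirtualAllocEx failed (%lu)\n", GetLastError());
        goto cleanup;
    }

    /* Copy the path into that buffer and make sure all of it arrived. */
    SIZE_T written = 0;
    if (!WriteProcessMemory(hProcess, pReturnAddress, Path, pathSize, &written) ||
        written != pathSize) {
        fprintf(stderr, "Inject: WriteProcessMemory failed (%lu)\n", GetLastError());
        goto cleanup;
    }

    /*
     * kernel32.dll is already mapped in this process, so look it up instead
     * of calling LoadLibrary (which would take an extra reference that was
     * never released). The explicit ...A call also compiles in UNICODE builds.
     */
    HMODULE hModule = GetModuleHandleA("KERNEL32.DLL");
    if (hModule == NULL) {
        fprintf(stderr, "Inject: GetModuleHandleA failed (%lu)\n", GetLastError());
        goto cleanup;
    }

    LPTHREAD_START_ROUTINE lpStartAddress =
        (LPTHREAD_START_ROUTINE)GetProcAddress(hModule, "LoadLibraryA");
    if (lpStartAddress == NULL) {
        fprintf(stderr, "Inject: GetProcAddress failed (%lu)\n", GetLastError());
        goto cleanup;
    }

    /* Start the remote thread: LoadLibraryA(pReturnAddress) inside the target. */
    hThread = CreateRemoteThread(hProcess, NULL, 0, lpStartAddress,
                                 pReturnAddress, 0, NULL);
    if (hThread == NULL) {
        fprintf(stderr, "Inject: CreateRemoteThread failed (%lu)\n", GetLastError());
        goto cleanup;
    }

    /* Give the loader up to two seconds, as the original did. */
    if (WaitForSingleObject(hThread, 2000) == WAIT_OBJECT_0) {
        remoteThreadDone = TRUE;

        /* The thread exit code is LoadLibraryA's (truncated) return value. */
        DWORD exitCode = 0;
        if (GetExitCodeThread(hThread, &exitCode) && exitCode == 0) {
            fprintf(stderr, "Inject: LoadLibraryA returned NULL in the target\n");
        }
    } else {
        fprintf(stderr, "Inject: remote thread did not finish within 2000 ms\n");
    }

cleanup:
    /*
     * Release the path buffer in the target. It is left in place when the
     * remote thread was started but has not finished, because that thread
     * may still be reading the string.
     */
    if (pReturnAddress != NULL && (hThread == NULL || remoteThreadDone)) {
        VirtualFreeEx(hProcess, pReturnAddress, 0, MEM_RELEASE);
    }
    if (hThread != NULL) {
        CloseHandle(hThread);
    }
    CloseHandle(hProcess);
}


int main(void)
{
    /*
     * Demo values from the original author's machine: a debug build of the
     * test DLL and the PID of a process that was running at the time. Both
     * must be replaced before this does anything useful.
     */
    const char* a = "X:\\Users\\Miraculous_B\\source\\repos\\Dll1\\Debug\\Dll1.dll";

    /* Inject() only reads the string; the cast matches its non-const parameter. */
    Inject(5612, (char*)a);
    return 0;
}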
原文地址:https://www.cnblogs.com/MiraculousB/p/12757672.html