找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
热搜: 活动 交友 discuz
查看: 118|回复: 0

c++ dll注入,炫彩IDE写法参考C写法

[复制链接]

5

主题

10

回帖

58

积分

注册会员

积分
58
发表于 2024-8-26 10:46:14 | 显示全部楼层 |阅读模式

//这里写你的-----DLL代码

// inject.cpp
#include "inject.h"

extern "C" __declspec(dllexport) void InjectedFunction() {
    // 这里是你想要在目标进程执行的代码
    MessageBox(NULL, L"DLL Injected!", L"Injected", MB_OK);
}


//这里是-----创建你的注入器程序

// injector.cpp
#include <Windows.h>
#include <TlHelp32.h>
#include <iostream>

DWORD FindProcessID(const wchar_t* processName) {
    DWORD processID = 0;
    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    PROCESSENTRY32 structure;
    structure.dwSize = sizeof(PROCESSENTRY32);

    if (Process32First(snapshot, &structure)) {
        do {
            if (!wcscmp(structure.szExeFile, processName)) {
                processID = structure.th32ProcessID;
                break;
            }
        } while (Process32Next(snapshot, &structure));
    }
    CloseHandle(snapshot);
    return processID;
}

bool InjectDLL(DWORD processID, const wchar_t* dllPath) {
    HANDLE processHandle = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, FALSE, processID);
    if (processHandle == NULL) {
        return false;
    }

    LPVOID remoteDllName = VirtualAllocEx(processHandle, NULL, wcslen(dllPath) * sizeof(wchar_t), MEM_COMMIT, PAGE_READWRITE);
    if (remoteDllName == NULL) {
        CloseHandle(processHandle);
        return false;
    }

    if (WriteProcessMemory(processHandle, remoteDllName, (LPVOID)dllPath, wcslen(dllPath) * sizeof(wchar_t), NULL) == 0) {
        VirtualFreeEx(processHandle, remoteDllName, 0, MEM_RELEASE);
        CloseHandle(processHandle);
        return false;
    }

    HMODULE hModule = LoadLibrary(L"kernel32.dll");
    LPTHREAD_START_ROUTINE threadFunc = (LPTHREAD_START_ROUTINE)GetProcAddress(hModule, "LoadLibraryW");

    HANDLE hRemoteThread = CreateRemoteThread(processHandle, NULL, 0, threadFunc, remoteDllName, 0, NULL);
    if (hRemoteThread == NULL) {
        VirtualFreeEx(processHandle, remoteDllName, 0, MEM_RELEASE);
        CloseHandle(processHandle);
        return false;
    }

    WaitForSingleObject(hRemoteThread, INFINITE);
    CloseHandle(hRemoteThread);
    VirtualFreeEx(processHandle, remoteDllName, 0, MEM_RELEASE);
    CloseHandle(processHandle);
    return true;
}

int main() {
    DWORD processID = FindProcessID(L"notepad.exe"); // 目标进程名称
    if (processID == 0) {
        std::cout << "Process not found." << std::endl;
        return 1;
    }

    if (InjectDLL(processID, L"C:\\path\\to\\inject.dll")) {
        std::cout << "DLL Injected Successfully." << std::endl;
    } else {
        std::cout << "D

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|Archiver|手机版|小黑屋|炫语言 | 炫彩界面库 | 用户所需, 正是我所做! ( 鄂ICP备2023014763号-1 )

GMT+8, 2024-11-21 18:33 , Processed in 0.071302 second(s), 19 queries .

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表