win7 32位下实现远程线程注入
生活随笔
收集整理的這篇文章主要介紹了
win7 32位下实现远程线程注入
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
dllmain.cpp 生成注入的dll
// dllmain.cpp : 定義 DLL 應(yīng)用程序的入口點。 #include "stdafx.h" #include <Windows.h> #define PROCESS_NAME "notepad.exe"HINSTANCE hMod; HHOOK hHook; HWND hWnd; BOOL APIENTRY DllMain( HMODULE hModule,DWORD ul_reason_for_call,LPVOID lpReserved) {switch (ul_reason_for_call){case DLL_PROCESS_ATTACH:hMod = hModule;case DLL_THREAD_ATTACH:case DLL_THREAD_DETACH:case DLL_PROCESS_DETACH:break;}return TRUE; } LRESULT CALLBACK KeyBoardProc(int nCode,WPARAM wParam,LPARAM lParam) {char szPath[256] = { 0, };char *p=NULL;if (nCode == 0){if (!(lParam & 0x80000000)){GetModuleFileNameA(NULL, szPath, 256);p = strrchr(szPath, '\\');if (_stricmp(p + 1, PROCESS_NAME)==0){return 1;}}}CallNextHookEx(hHook, nCode, wParam, lParam);return 0; } #ifdef __cplusplus extern "C" { #endif // __cplusplus__declspec(dllexport) void HookStart(){hHook = SetWindowsHookEx(WH_KEYBOARD, KeyBoardProc, hMod, 0);}__declspec(dllexport) HHOOK getHook(){return hHook;}__declspec(dllexport) void HookEnd(){if (hHook) {UnhookWindowsHookEx(hHook);hHook = NULL;}} #ifdef __cplusplus } #endif // __cplusplusMessageHook.cpp 生成MessageHook.exe加載剛剛生成的KeyHook.dll
// MessageHook.cpp : 此文件包含 "main" 函數(shù)。程序執(zhí)行將在此處開始并結(jié)束。 //#include <stdio.h> #include <conio.h> #include <Windows.h>#define DLL_NAME "KeyHook.dll" #define HOOKSTART "HookStart" #define HOOKEND "HookEnd" #define GETHOOK "getHook" typedef void(*pHookStart)(); typedef void(*pHookEnd)(); int main() {HMODULE hDll = NULL;pHookStart HookStart = NULL;pHookEnd HookEnd = NULL;char ch = 0;hDll = LoadLibraryA(DLL_NAME);if (!hDll) {printf("Dll load failed");printf("press 'q' to quit\n");while (_getch() != 'q');}HookEnd = (pHookEnd)GetProcAddress(hDll, HOOKEND);HookStart = (pHookStart)GetProcAddress(hDll, HOOKSTART);HookStart();if (!HookEnd || !HookStart){printf("getprocaddress failed\n");printf("%x,%x\n", HookStart, HookEnd);printf("press 'q' to quit\n");while (_getch() != 'q');}printf("press 'q' to quit\n");while (_getch() != 'q');HookEnd();FreeLibrary(hDll); }注入成功后記事本會輸入不了數(shù)據(jù),且notepad進程里面會有KeyHook.dll
總結(jié)
以上是生活随笔為你收集整理的win7 32位下实现远程线程注入的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: aliyun服务器安装git,g++
- 下一篇: FSG2.0脱壳记录