using system;
using system.collections.generic;
using system.componentmodel;
using system.data;
using system.diagnostics;
using system.drawing;
using system.linq;
using system.runtime.interopservices;
using system.text;
using system.windows.forms;
namespace hooktest01
private void button1_click(object sender, eventargs e)
if (textbox2.text == "" || textbox2.text == null)
pid = int32.parse(textbox1.text);
dllname = textbox2.text;
}catch(exception error)
trycatch(exception error)
allocbaseaddress= virtualallocex(hwnd, 0, dllname.length + 1, mem_commit+ mem_reserve, page_execute_readwrite);
if (allocbaseaddress == 0)
ok=writeprocessmemory(hwnd, allocbaseaddress, dllname, dllname.length + 1,0);
if (!ok)
loadaddr = getprocaddress(getmodulehandlea("kernel32.dll"), "loadlibrarya");
if (loadaddr == 0)
threadhwnd=createremotethread(hwnd, 0, 0, loadaddr, allocbaseaddress,0, 0);
if (threadhwnd ==intptr.zero)
waitforsingleobject(threadhwnd, infinite);
messagebox.show("ok ,you can check now!!!");
virtualfree(hwnd, 0, mem_release);
//下面開始列舉模組列表;
processmodulecollection pmodule = pname.modules;
foreach (processmodule processm in pmodule)
pname.dispose();
}//程序 控制代碼}}
遠端注入DLL
ool cinject injectdll char m path,dword m id 如果開啟程序成功,則在該程序中開闢記憶體空間 this m baseaddress virtualallocex m handle,null,1024,mem commit,page execute readw...
遠端執行緒DLL注入
在其他程序中,建立乙個新的執行緒來loadlibrarya我們的dll。include include void main 給程序分配記憶體 lpvoid baseaddress char strdllname int len strlen strdllname 1 baseaddress virt...
DLL注入 遠端執行緒
dll include stdafx.h include include include bool apientry dllmain hmodule hmodule,dword ul reason for call,lpvoid lpreserved return true 注入器 include ...