//提公升本程序許可權
bool getprivilege()
closehandle(tokenhandle);
} return bret;
}
//注入dll(dllpath為dll的絕對路徑)
bool injectdll(dword pid,ptchar dllpath,int maxpathlen)
}virtualfreeex(hproc, pbuf, maxpathlen, mem_decommit);
} closehandle(hproc);
} return bret;
}
//#include "tlhelp32.h"
//解除安裝dll(解除安裝dll前請確保遠端程序中由dll建立的執行緒已關閉,若_strcmpi函式引數型別不匹配請把專案的字符集改為多位元組字符集)
bool disinfect(dword pid, ptchar dllname)
; mod32.dwsize = sizeof(moduleentry32);
bret = module32first(hmodulehandle, &mod32);
while (bret)
else
closehandle(hproc);
}break;
}bret = module32next(hmodulehandle, &mod32);
} closehandle(hmodulehandle);
} return bret;
}
DLL注入與解除安裝
dll注入可用於編寫外掛程式和病毒不易發現。void cinjectdlltooldlg startinject char path,int pid 在該程序申請記憶體,用來存放path資料 lpvoid dlladdr virtualallocex hpro,null,pathlen,mem co...
遠端載入與解除安裝DLL
dword getprocessidbyname lpctstr szprocess 注意要加exe字尾 while process32next hsnapshot,pe32 closehandle hsnapshot return dwret bool inject lpctstr szmodul...
遠端注入DLL
ool cinject injectdll char m path,dword m id 如果開啟程序成功,則在該程序中開闢記憶體空間 this m baseaddress virtualallocex m handle,null,1024,mem commit,page execute readw...