-
-
[旧帖] 关于Hook WriteProcessMemory 0.00雪花
-
发表于: 2010-5-29 18:57
-
BOOL WINAPI MyWriteProcessMemory(
HANDLE hProcess, // handle to process
LPVOID lpBaseAddress, // base of memory area
LPVOID lpBuffer, // data buffer
DWORD nSize, // number of bytes to write
LPDWORD lpNumberOfBytesWritten // number of bytes written
);
DETOUR_TRAMPOLINE(BOOL WINAPI CopyWriteProcessMemory(HANDLE, LPVOID, LPVOID, DWORD, LPDWORD), WriteProcessMemory);
BOOL WINAPI MyWriteProcessMemory(
HANDLE hProcess, // handle to process
LPVOID lpBaseAddress, // base of memory area
LPVOID lpBuffer, // data buffer
DWORD nSize, // number of bytes to write
LPDWORD lpNumberOfBytesWritten) // number of bytes written
{
BOOL nResult=CopyWriteProcessMemory(hProcess,lpBaseAddress,lpBaseAddress,nSize,lpNumberOfBytesWritten);
MessageBoxA(NULL,(LPCTSTR)lpBaseAddress,"Hook!",MB_OK);
return nResult;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
OutputDebugString("Detour dll Load!");
DetourFunctionWithTrampoline((PBYTE)CopyWriteProcessMemory, (PBYTE)MyWriteProcessMemory);
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
OutputDebugString("Detour dll Exit!");
DetourRemove((PBYTE)CopyWriteProcessMemory, (PBYTE)MyWriteProcessMemory);
break;
}
return TRUE;
}
大致代码是这样的 不过不知道为什么 注入之后我用自己写的EXE用WriteProcessMemory写内存 是成功了 但是不会出现MessageBoxA
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
