Ability: ( LV3,RANK:20 )
Post #2
My understanding is that JEDI is a large collection of API libraries, and JVCL is a library of packaged visual components.
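
Ability: ( LV2,RANK:10 )
Post #3
Boss, could you send me a copy of that Delphi x64 hook code, the one from after 2014?
After buying a VPN I also bought a VPS to get onto Google, just to download your code, and after a whole day of trying I found that there is no download button over at Google. Sincere thanks.
1934240485@qq.com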

Ability: ( LV2,RANK:10 )
Post #4
Boss, I hope to get a reply from you. Thanks for your guidance.

Ability: ( LV3,RANK:20 )
Post #5
If you can already get onto Google Code, isn't there SVN on it? Can't you just pull it down with svn directly?
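
Ability: ( LV2,RANK:10 )
Post #6
Boss, please help me look at a problem I have been stuck on for several days: in my NtCreateUserProcess hook, cascaded injection with CreateRemoteThread fails with error 8.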
function NewNtCreateUserProcess(a,b:PHANDLE;c,d:ACCESS_MASK;e,f:PVOID;g,h:ulong;i,j,k:pointer): NTSTATUS; stdcall;
type
  TNewNtCreateUserProcess = function (a,b:PHANDLE;c,d:ACCESS_MASK;e,f:PVOID;g,h:ulong;i,j,k:pointer): NTSTATUS; stdcall;
var
  ProcessInfo: _PROCESS_BASIC_INFORMATION;
  BaseAddr: pointer;
  zpid: cardinal;
begin
  Unkook;
  BaseAddr := GetProcAddress(GetModuleHandle(Pansichar('ntdll.dll')), Pansichar('NtCreateUserProcess'));
  Result := TNewNtCreateUserProcess(BaseAddr)(a,b,c,d,e,f,g,h,i,j,k);
  ZwQueryInformationProcess(a^, ProcessBasicInformation, @ProcessInfo,
    SizeOf(_PROCESS_BASIC_INFORMATION), nil);
  AttachToProcess('', 'E:\dk.dll', ProcessInfo.UniqueProcessId); // inject into the newly created process
  // Injection fails inside this function: creating the thread gives GetLastError 8, whereas inside CreateProcess it succeeds.
end;

Injection method:
function AttachToProcess(const HostFile, GuestFile: string; const PID: DWORD = 0): DWORD; stdcall;
var
  hRemoteProcess: THandle;
  dwRemoteProcessID, cb: DWORD;
  pszLibFileRemote: Pointer;
  iReturnCode: Boolean;
  TempVar: DWORD;
  pfnStartAddr: TFNThreadStartRoutine;
  pszLibAFilename: PwideChar;
begin
  Result := 0;
  EnabledDebugPrivilege(True);
  // Room for every character plus the terminating null, two bytes each
  Getmem(pszLibAFilename, (Length(GuestFile) + 1) * SizeOf(WideChar));
  // The third argument of StringToWideChar is a size in characters, not bytes
  StringToWideChar(GuestFile, pszLibAFilename, Length(GuestFile) + 1);
  if PID > 0 then
    dwRemoteProcessID := PID
  else
  begin
    ShowMessage('注入PID未找到'); // "PID to inject into not found"
    Freemem(pszLibAFilename);
    Exit; // dwRemoteProcessID would otherwise be used uninitialized
  end;
  hRemoteProcess := OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwRemoteProcessId);
  cb := (1 + lstrlenW(pszLibAFilename)) * sizeof(WCHAR);
  pszLibFileRemote := PWIDESTRING(VirtualAllocEx(hRemoteProcess, nil, cb, MEM_COMMIT, PAGE_READWRITE));
  TempVar := 0;
  iReturnCode := WriteProcessMemory(hRemoteProcess, pszLibFileRemote, pszLibAFilename, cb, TempVar);
  if iReturnCode then
  begin
    pfnStartAddr := GetProcAddress(GetModuleHandle('Kernel32'), 'LoadLibraryW');
    TempVar := 0;
    Result := CreateRemoteThread(hRemoteProcess, nil, 0, pfnStartAddr, pszLibFileRemote, 0, TempVar);
    // ShowMessage(inttostr(GetLastError));
  end;
  Freemem(pszLibAFilename);
end;

DLL:
procedure InitHook;
begin
  Hookstart;
  Hook('NtCreateUserProcess', @NewNtCreateUserProcess);
end;

procedure DllEntry(dwResaon: DWORD);
begin
  case dwResaon of
    DLL_PROCESS_ATTACH: InitHook;   // DLL loaded
    DLL_PROCESS_DETACH: UninitHook; // DLL unloaded
  end;
end;

begin
  DllProc := @DllEntry;
  { Call the DLL load handler }
  DllEntry(DLL_PROCESS_ATTACH);
end.
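
Seen from the defender's side, the pattern in post #6 (a parent starting a remote thread at LoadLibraryW in a child it has just created) can be picked out of process telemetry. The sketch below is an added example, not code from this thread; it assumes events already parsed into dictionaries with Sysmon-style field names (Event ID 1 for process creation, Event ID 8 for CreateRemoteThread), and the sample events and the 5-second window are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), using Sysmon-style field
# names: Event ID 1 = ProcessCreate, Event ID 8 = CreateRemoteThread.
SAMPLE_EVENTS = [
    {"EventID": 1, "UtcTime": "2024-01-01 10:00:00.100", "ProcessId": 4120,
     "ParentProcessId": 3300, "Image": r"C:\Windows\System32\notepad.exe"},
    # Parent 3300 starts a LoadLibraryW thread in its 80 ms old child.
    {"EventID": 8, "UtcTime": "2024-01-01 10:00:00.180",
     "SourceProcessId": 3300, "TargetProcessId": 4120,
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "LoadLibraryW"},
    # Remote thread from an unrelated process at a non-loader export.
    {"EventID": 8, "UtcTime": "2024-01-01 10:00:02.000",
     "SourceProcessId": 900, "TargetProcessId": 4120,
     "StartModule": r"C:\Windows\System32\ntdll.dll",
     "StartFunction": "DbgUiRemoteBreakin"},
    # Same parent and export, but long after the child was created.
    {"EventID": 8, "UtcTime": "2024-01-01 10:30:00.000",
     "SourceProcessId": 3300, "TargetProcessId": 4120,
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "LoadLibraryW"},
]

LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw",
                  "loadlibraryexa", "loadlibraryexw"}
TIME_FORMAT = "%Y-%m-%d %H:%M:%S.%f"

def find_child_injection(events, window=timedelta(seconds=5)):
    """Return Event ID 8 records where a parent starts a LoadLibrary*
    thread in a child process it created less than `window` ago."""
    created = {}  # child PID -> (parent PID, creation time)
    hits = []
    for ev in sorted(events, key=lambda e: e["UtcTime"]):
        ts = datetime.strptime(ev["UtcTime"], TIME_FORMAT)
        if ev["EventID"] == 1:
            created[ev["ProcessId"]] = (ev["ParentProcessId"], ts)
        elif ev["EventID"] == 8:
            parent, born = created.get(ev["TargetProcessId"], (None, None))
            func = (ev.get("StartFunction") or "").lower()
            if (parent == ev["SourceProcessId"] and func in LOADER_EXPORTS
                    and ts - born <= window):
                hits.append(ev)
    return hits

if __name__ == "__main__":
    for hit in find_child_injection(SAMPLE_EVENTS):
        print("suspicious:", hit["SourceProcessId"], "->", hit["TargetProcessId"])
```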
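
Ability: ( LV2,RANK:10 )
Post #7
Boss, does Delphi have a millisecond delay, one that leaves the CPU idle the way sleep does?
I hook d3d functions to reduce CPU usage, and found that sleep(1) drops the frame rate too much and makes it choppy. It would be good if the pause could be a bit shorter.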