-
-
未解决
[求助]关于DLL执行payload
-
发表于:
2019-7-2 16:50
2011
-
请教下各位大佬,DLL怎么执行payload,自己动手调试了无数遍就是不成功。
思路是:注入到进程里面,注入成功了但是没有执行代码,我试了各种各样的代码。
相关代码有:https://blog.csdn.net/qq_15727809/article/details/83344928
https://blog.csdn.net/qq_33544988/article/details/79028340
还有些类似的,请问各位大佬是何缘故?耽误各位大佬点时间,解决了请各位大佬喝杯下午茶,捣鼓三天了!
extern "C" BOOL APIENTRY DllMain(HMODULE /* hModule */, DWORD ul_reason_for_call, LPVOID /* lpReserved */)
{
using namespace std;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
cout << "load from dll main" << endl;
//ShowImage2();
MessageBox(NULL, TEXT("dll proc attached"), NULL, MB_ICONINFORMATION | MB_YESNO);
break;
case DLL_THREAD_ATTACH:
//MessageBox(NULL, TEXT("dll thread attached"), NULL, MB_ICONINFORMATION | MB_YESNO);
break;
case DLL_THREAD_DETACH:
//MessageBox(NULL, TEXT("dll thread detached"), NULL, MB_ICONINFORMATION | MB_YESNO);
break;
case DLL_PROCESS_DETACH:
MessageBox(NULL, TEXT("dll proc detached"), NULL, MB_ICONINFORMATION | MB_YESNO);
break;
}
return TRUE;
}#include "windows.h"
#include "tchar.h"
#pragma comment(lib,"urlmon.lib")
#define DEF_URL (L"http://www.naver.com/index.html")
#define DEF_FILE_NAME (L"index.html")
HMODULE g_hMod = NULL;
DWORD WINAPI ThreadProc(LPVOID lParam)
{
TCHAR szPath[_MAX_PATH] = {0,};
if(!GetModuleFileName(g_hMod,szPath,MAX_PATH))
return FALSE;
TCHAR *p = _tcsrchr(szPath,'\\');
if(!p)
return FALSE;
_tcscpy_s(p+1,_MAX_PATH,DEF_FILE_NAME);
HRESULT hr = URLDownloadToFile(NULL,DEF_URL,szPath,0,NULL);
if (hr != S_OK)
return FALSE;
else
OutputDebugString(L"down finish!!!!");
return 0;
}
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
HANDLE hThread = NULL;
g_hMod = (HMODULE)hinstDLL;
switch(fdwReason)
{
case DLL_PROCESS_ATTACH:
OutputDebugString(L"myhack.dll Injection!!!!");
hThread = CreateThread(NULL,0,ThreadProc,NULL,0,NULL);
if (hThread)
OutputDebugString(L"down finish!!!!");
CloseHandle(hThread);
break;
}
return TRUE;
}
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
最后于 2019-7-2 16:53
被古朴编辑
,原因:
