-
-
未解决 [求助]Detours DLL注入运行成功但是DLL不能驻留在内存里
-
2023-6-14 10:21
-
注入成功后用processexplor看完全没加载DLL
注入器代码:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 | #include <stdio.h>#include <Windows.h>#include <tchar.h>#include <detours.h>#include <io.h>#include"pch.h"#include<iostream>#pragma comment(lib, "detours.lib")int main(){ //TCHAR cmdline[] = "D:\\1_aWORK\\detours_dll_inject\\dll_inject\\Debug\\1.exe"; //ht[tps://www.cnblogs.com/linxmouse/p/14182179.html DWORD pid = 4340; char dllpath[] = "C:\\Users\\admin\\Desktop\\dll\\Dll1.dll"; char exepath[] = "C:\\Users\\admin\\Desktop\\1\\1.exe"; TCHAR _dir[MAX_PATH] = "C:\\Users\\admin\\Desktop\\1" ; STARTUPINFO si = { 0 }; si.cb = sizeof(STARTUPINFO); PROCESS_INFORMATION magbox; ZeroMemory(&si, sizeof(STARTUPINFO)); ZeroMemory(&magbox, sizeof(PROCESS_INFORMATION)); /* HANDLE pro = OpenProcess(PROCESS_VM_WRITE, TRUE, pid); if (pro) { printf("进程句柄:%d\n",pro); magbox.hProcess = pro; magbox.dwProcessId = pid; } else { printf("进程获取失败\n"); }*/ if (DetourCreateProcessWithDllEx(exepath, NULL,NULL,NULL,true,CREATE_DEFAULT_ERROR_MODE , NULL, _dir, &si, &magbox, dllpath, (PDETOUR_CREATE_PROCESS_ROUTINEA)CreateProcess)) { printf("注入成功\n"); } else { printf("注入失败\n"); printf("error:%d", GetLastError()); } /* hDLL = LoadLibrary(L"Dll1.dll"); if (hDLL != NULL) { //第三步, 获取动态库dll中的函数地址 lpDo_array = GetProcAddress(hDLL, "getmage"); } lpDo_array();*/ return 0;} |
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
最后于 2023-6-14 14:25
被wx_好一脚头球编辑
,原因:
