;注入处理
RemoteProcessProcStartAddr:
RemoteProcessProc proc

        PrintText "RemoteProcessProc!!!!!!!!"
       
        ret
RemoteProcessProc endp
RemoteProcessProcCodeLen equ ($ - RemoteProcessProcStartAddr)*1

;注入部分，注入后notepad.exe会出错。
mov hProcessList,@invoke(CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,0)
mov stProcess.dwSize,sizeof PROCESSENTRY32
invoke Process32First,hProcessList,addr stProcess
.repeat
        invoke lstrcmpi,addr stProcess.szExeFile,@CTEXT("notepad.exe")
        .if eax == 0
                invoke OpenProcess,PROCESS_ALL_ACCESS,TRUE,stProcess.th32ProcessID
                mov hProcess,eax
                .break
        .endif        ;//
        invoke Process32Next,hProcessList,addr stProcess
        .break .if eax == 0
.until FALSE
.if hProcess != 0
        invoke VirtualAllocEx,hProcess,NULL,RemoteProcessProcCodeLen,MEM_COMMIT,PAGE_EXECUTE_READWRITE
        mov hVirtualAlloc,eax
        invoke WriteProcessMemory,hProcess,hVirtualAlloc,addr RemoteProcessProc,RemoteProcessProcCodeLen,addr i
        invoke CreateRemoteThread,hProcess,NULL,NULL,addr RemoteProcessProc,NULL,NULL,addr j
        PrintHex eax
.endif        ;//

invoke CloseHandle,hProcess
invoke CloseHandle,hProcessList

[课程]Android-CTF解题方法汇总！