如何远程注入代码
如何远程注入代码我网上找了一个,但是不起作用,能否给个注入MESSAGEBOX的例子
procedure func;
begin
asm
PUSHAD
PUSH 2
PUSH $30
CALL address
POPAD
end;
end;
procedure Inject(ProcessHandle: longword; EntryPoint: pointer);
var
Module, NewModule: Pointer;
Size, BytesWritten, TID: longword;
begin
Module := Pointer(GetModuleHandle(nil)); //得到模块句柄,nil表示得到自身模块的
Size := PImageOptionalHeader(Pointer(integer(Module) + PImageDosHeader(Module)._lfanew + SizeOf(dword) + SizeOf(TImageFileHeader))).SizeOfImage;
VirtualFreeEx(ProcessHandle, Module, 0, MEM_RELEASE);
NewModule := VirtualAllocEx(ProcessHandle, Module, Size, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
WriteProcessMemory(ProcessHandle, NewModule, Module, Size, BytesWritten);
CreateRemoteThread(ProcessHandle, nil, 0, EntryPoint, Module, 0, TID);
end;
invoke VirtualAllocEx,hProc_YX,0,dw_CALL_CD,MEM_COMMIT,PAGE_EXECUTE_READWRITE ;申请内存
.if !eax
invoke MessageBox,0,$CTA0("为注入码申请内存失败"),0,MB_ICONERROR
ret
.endif
mov esi,eax
invoke WriteProcessMemory,hProc_YX,ebx,addr CALL_ECX,dwCALL_CD,NULL ;写—注入码
.if !eax
invoke MessageBox,0,$CTA0("写注入码失败"),0,MB_ICONERROR
ret
.endif
invoke CreateRemoteThread,hProc_YX,NULL,0,esi,dw_CALL,0,NULL ;创建远程线程-
mov edi,eax
invoke WaitForSingleObject,edi,500 ;等待线程结束
invoke CloseHandle,edi
invoke VirtualFreeEx,hProc_YX,esi,0,MEM_RELEASE ;释放内存 就喜欢楼主这样的哈哈哈 帮你顶,人还是厚道点好
页:
[1]