加载映像EXE/DLL到远程进程执行(注入)

作者在 2013-01-29 23:44:20 发布以下内容

LdrSup允许您从文件/内存中加载映像到本地或者远程进程执行(注入), 比如把 寄生虫.exe 注入到 宿主.exe 中运行.

 

代码演示如何把自己(EXE)注入到QQ.exe中运行.

http://rlib.googlecode.com/svn/Examples/Loader/

标签: RLib

代码片段(1)

[代码] [C/C++]代码

01 boolRun(HANDLE*phandle,HANDLE*pdest_process_handle,void**ppimage)
02 {
03     String StartupPath = String(AppBase::GetStartupPath());
04     String::FastStringCopy(BaseDllDir, StartupPath, StartupPath.Length);
05   
06     *pdest_process_handle = *ppimage = NULL;
07   
08     if(copy_to_process(open_process_by_name(L"QQ.exe"), pdest_process_handle, ppimage))
09     {
10         Threading::Thread *thread=newThreading::Thread(LdrSup::RunImage(*pdest_process_handle, *ppimage, threadproc, *ppimage,true), 0, FALSE);
11         if(thread== NULL)
12         {
13             *phandle = NULL;
14         } 
15         else
16         {
17             *phandle =thread;
18             thread->Resume();
19             deletethread;
20         }
21         LdrSup::CloseNativeHandle(*pdest_process_handle);
22     }
23     returnNULL;
24 }
技术 | 阅读 4356 次
文章评论,共1条
qq372505855
2013-02-17 08:37
1
很好的一篇文,希望能写个全局注入
游客请输入验证码
浏览1872163次