我们在信息安全编程的时候经常需要进行dll进程注入,
我们在编程中如何实现呢。
需要引用
Psapi.Lib,具体可以百度下载之。
其头文件如下,
odule Name:
psapi.h
Abstract:
Include file for APIs provided by PSAPI.DLL
Author:
Richard Shupak [richards] 06-Jan-1994
Revision History:
--*/
#ifndef _PSAPI_H_
#define _PSAPI_H_
#ifdef __cplusplus
extern "C" {
#endif
BOOL
WINAPI
EnumProcesses(
DWORD * lpidProcess,
DWORD cb,
DWORD * cbNeeded
);
BOOL
WINAPI
EnumProcessModules(
HANDLE hProcess,
HMODULE *lphModule,
DWORD cb,
LPDWORD lpcbNeeded
);
DWORD
WINAPI
GetModuleBaseNameA(
HANDLE hProcess,
HMODULE hModule,
LPSTR lpBaseName,
DWORD nSize
);
DWORD
WINAPI
GetModuleBaseNameW(
HANDLE hProcess,
HMODULE hModule,
LPWSTR lpBaseName,
DWORD nSize
);
#ifdef UNICODE
#define GetModuleBaseName GetModuleBaseNameW
#else
#define GetModuleBaseName GetModuleBaseNameA
#endif // !UNICODE
DWORD
WINAPI
GetModuleFileNameExA(
HANDLE hProcess,
HMODULE hModule,
LPSTR lpFilename,
DWORD nSize
);
DWORD
WINAPI
GetModuleFileNameExW(
HANDLE hProcess,
HMODULE hModule,
LPWSTR lpFilename,
DWORD nSize
);
#ifdef UNICODE
#define GetModuleFileNameEx GetModuleFileNameExW
#else
#define GetModuleFileNameEx GetModuleFileNameExA
#endif // !UNICODE
typedef struct _MODULEINFO {
LPVOID lpBaseOfDll;
DWORD SizeOfImage;
LPVOID EntryPoint;
} MODULEINFO, *LPMODULEINFO;
BOOL
WINAPI
GetModuleInformation(
HANDLE hProcess,
HMODULE hModule,
LPMODULEINFO lpmodinfo,
DWORD cb
);
BOOL
WINAPI
EmptyWorkingSet(
HANDLE hProcess
);
BOOL
WINAPI
QueryWorkingSet(
HANDLE hProcess,
PVOID pv,
DWORD cb
);
BOOL
WINAPI
InitializeProcessForWsWatch(
HANDLE hProcess
);
typedef struct _PSAPI_WS_WATCH_INFORMATION {
LPVOID FaultingPc;
LPVOID FaultingVa;
} PS