定义
#pragma once
#include "Tlhelp32.h"
// CInsertDll
/// Helper that finds a process by executable name and loads a DLL into it
/// by creating a remote thread at kernel32!LoadLibraryA (see InjectDll).
/// It derives from CWnd only for the DECLARE_DYNAMIC / message-map plumbing;
/// no window is ever created.
///
/// Ownership of hProcess is not consistent across the members: it is opened
/// by GetProcessHandle(), closed by InjectDll() on every path after its
/// initial NULL check, never reset to NULL, and not closed by the destructor.
/// Detection note: the OpenProcess(VM_WRITE|CREATE_THREAD) -> VirtualAllocEx ->
/// WriteProcessMemory -> CreateRemoteThread sequence used here is the classic
/// cross-process injection pattern that endpoint telemetry keys on.
class CInsertDll : public CWnd
{
DECLARE_DYNAMIC(CInsertDll)
public:
CInsertDll();
virtual ~CInsertDll();
DWORD m_dwProcID; // id of the target process; set by GetProcId() on a match
BOOL GetProcId(CString);// look the process id up by executable name; on a match also opens hProcess
PTHREAD_START_ROUTINE ptStart; // start routine for the remote thread (LoadLibraryA, resolved in the constructor and never checked for NULL)
BOOL InjectDll(char *); // load the DLL at the given path into the target; requires hProcess != NULL
HANDLE hProcess; // target process handle or NULL; closed (but not reset) by InjectDll()
protected:
BOOL GetProcessHandle(); // OpenProcess on m_dwProcID with the rights InjectDll() needs
DECLARE_MESSAGE_MAP()
};
// InsertDll.cpp : implementation file
//
#include "stdafx.h"
#include "FormTest2.h"
#include "InsertDll.h"
// CInsertDll
IMPLEMENT_DYNAMIC(CInsertDll, CWnd)
/// Zero the members and resolve LoadLibraryA from this process's kernel32
/// as the remote thread start routine.
CInsertDll::CInsertDll()
{
this->m_dwProcID=NULL; // NULL used as 0 for a DWORD
this->hProcess=NULL;
// The cast is needed because GetProcAddress returns FARPROC. The result is
// not checked: if GetModuleHandle or GetProcAddress fails, ptStart stays
// NULL and nothing downstream tests it before CreateRemoteThread.
// NOTE(review): using a local address in the remote process presumably
// relies on kernel32 being mapped at the same base there — confirm for the
// intended targets.
this->ptStart=(PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(TEXT("kernel32")),"LoadLibraryA");
}
/// Intentionally empty, which leaves hProcess in an awkward state: if
/// GetProcId() succeeded but InjectDll() was never called, the process handle
/// leaks; if InjectDll() was called it already closed the handle without
/// resetting it, so closing here would be a double close. The ownership of
/// hProcess needs to be settled before cleanup can be added here.
CInsertDll::~CInsertDll()
{
}
/// Find a running process whose executable name equals strProcName
/// (CString operator==, i.e. a case-sensitive comparison against
/// PROCESSENTRY32::szExeFile) and, on the first match in snapshot order,
/// store its id in m_dwProcID and open it through GetProcessHandle().
/// @param strProcName executable name as listed in the snapshot, e.g. "notepad.exe"
/// @return the result of GetProcessHandle() when a match is found; FALSE when
///         no process matches; and TRUE when the snapshot could not be created.
/// NOTE(review): hProcessSnap is never passed to CloseHandle on any path, so
///               every call leaks one snapshot handle.
/// NOTE(review): the snapshot-failure branch returns TRUE although m_dwProcID
///               and hProcess are untouched; callers will read that as success.
///               FALSE looks like the intended value.
BOOL CInsertDll::GetProcId(CString strProcName)
{
HANDLE hProcessSnap = NULL;
PROCESSENTRY32 pe32 = {0};
CString str;
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == (HANDLE)-1) // INVALID_HANDLE_VALUE spelled out by hand
return TRUE;
pe32.dwSize = sizeof(PROCESSENTRY32); // required by Process32First/Next
if (Process32First(hProcessSnap, &pe32))
{
do
{
str.Format(_T("%s"),pe32.szExeFile); // copy into a CString so operator== can be used
if(str==strProcName)
{
this->m_dwProcID=pe32.th32ProcessID;
return this->GetProcessHandle(); // returns without closing hProcessSnap
}
}while(Process32Next(hProcessSnap, &pe32));
}
return FALSE; // also reached without closing hProcessSnap
}
/// Load the DLL at cDllName into the process behind hProcess: allocate a
/// buffer in the target, copy the NUL-terminated ANSI path into it, and start
/// a remote thread at ptStart (LoadLibraryA) with that buffer as its argument.
/// hProcess is closed on every path after the initial NULL check but is never
/// reset to NULL, so a second call on the same object would use a closed handle.
/// @param cDllName NUL-terminated ANSI path of the DLL; must not be NULL (strlen is called on it unchecked)
/// @return TRUE once the remote thread has been created — its completion and
///         the outcome of LoadLibraryA are neither waited for nor checked;
///         FALSE when hProcess is NULL or any of the three Win32 calls fails.
/// NOTE(review): the remote buffer cpLib is never released with VirtualFreeEx.
/// NOTE(review): the trailing `if(hThread!=NULL)` is always true because the
///               NULL case already returned above.
/// NOTE(review): the original trailing comment ("a parameter structure and its
///               size need to be passed in") does not match the char* signature.
BOOL CInsertDll::InjectDll(char *cDllName) // original note: a parameter structure and its size need to be passed in
{
if(this->hProcess==NULL)
return FALSE;
char *cpLib=NULL;
UINT slen=(strlen(cDllName)+1)*sizeof(char); // bytes including the terminating NUL; size_t narrowed to UINT
cpLib=(char*)VirtualAllocEx(hProcess,NULL,slen,MEM_COMMIT,PAGE_READWRITE);
if(cpLib==NULL)
{
CloseHandle(hProcess);
return FALSE;
}
if(!WriteProcessMemory(hProcess,(LPVOID)cpLib,(LPVOID)cDllName,slen,NULL))
{
CloseHandle(hProcess); // cpLib stays allocated in the target
return FALSE;
}
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,this->ptStart, cpLib,0,NULL);
if(hThread==NULL)
{
CloseHandle(hProcess);
return FALSE;
}
if(hThread!=NULL) // always true here
{
CloseHandle(hThread); // thread handle dropped immediately; no WaitForSingleObject / exit code check
CloseHandle(hProcess);
}
return TRUE;
}
/// Open the process m_dwProcID with exactly the rights InjectDll() needs
/// (create thread, VM operation, VM write), non-inheritable, and store the
/// handle in hProcess.
/// @return TRUE when OpenProcess succeeded, FALSE otherwise; the failure
///         reason is left in GetLastError() (typically access denied for a
///         process the caller lacks rights to — not checked here).
/// NOTE(review): a previously opened hProcess is overwritten without being closed.
BOOL CInsertDll::GetProcessHandle()
{
this->hProcess=OpenProcess(PROCESS_CREATE_THREAD|PROCESS_VM_OPERATION|PROCESS_VM_WRITE,FALSE,this->m_dwProcID);
if(this->hProcess!=NULL)
return TRUE;
else
return FALSE;
}
// Empty message map: the class handles no window messages; it exists only
// because CInsertDll derives from CWnd.
BEGIN_MESSAGE_MAP(CInsertDll, CWnd)
END_MESSAGE_MAP()
// CInsertDll message handlers