这是本人第一次写博客,如果写得不好请见谅。
本文主要面向新手,不喜勿喷。
主要代码如下,DLL 的代码请自行编写,这里主要讲解注入的方法。
// InjectDll.cpp : 定义控制台应用程序的入口点。
#include "stdafx.h"
#include <windows.h>
#include <string.h>
#define DLLName "写你自己的dll名称.dll"
#include <iostream>
#include <fstream>
using namespace std;
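/// @brief Loads a DLL into the process that owns a given window.
///
/// Steps, as visible below: resolve the owning process id from the window,
/// open that process, allocate a buffer inside it, copy the DLL path into the
/// buffer, and start a remote thread whose entry point is LoadLibraryA with
/// the buffer as its argument. The remote buffer and both handles are released
/// before returning on every path.
///
/// Defender note: OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
/// CreateRemoteThread(LoadLibraryA) is a well-known sequence. With Sysmon
/// configured for them, the handle request is logged as Event ID 10
/// (ProcessAccess), the thread as Event ID 8 (CreateRemoteThread) and the
/// module load as Event ID 7 (ImageLoad).
///
/// @param dellfullpate NUL-terminated ANSI full path of the DLL to load.
/// @param hwnd         Any window belonging to the target process.
void InjectDll(const char* dellfullpate,HWND hwnd)
{
    if (hwnd == NULL)
    {
        printf("句柄为空 \n");
        return;
    }
    if (dellfullpate == NULL)
    {
        // The original dereferenced the pointer unconditionally in strlen().
        printf("写入DLL 路径失败\n");
        return;
    }

    DWORD pid = 0;
    GetWindowThreadProcessId(hwnd, &pid);
    if (pid == 0)
    {
        // No owning process was reported; the original was silent here too.
        return;
    }
    printf("pid=%lu", pid); // DWORD is unsigned long; "%d" was a mismatch

    // PROCESS_ALL_ACCESS requests every access right on the target; kept as
    // the author wrote it.
    HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
    printf("handle=句柄%p", handle); // "%x" truncates a HANDLE on 64-bit builds
    if (handle == NULL) // the original tested hwnd here, so a failed open went unnoticed
    {
        printf("进程句柄为空 \n");
        return;
    }

    // Size the remote buffer from the path (terminator included) instead of a
    // fixed 265 bytes, so the write can never exceed the allocation.
    const SIZE_T pathBytes = strlen(dellfullpate) + 1;
    LPVOID AddressWD = VirtualAllocEx(handle, NULL, pathBytes,
                                      MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    printf("AddressWD=分配控件%p", AddressWD);
    if (AddressWD == NULL)
    {
        printf("分配空间失败\n");
        CloseHandle(handle);
        return;
    }

    SIZE_T byWirteSize = 0; // WriteProcessMemory takes SIZE_T*, not DWORD*
    if (WriteProcessMemory(handle, AddressWD, dellfullpate, pathBytes, &byWirteSize)
        && byWirteSize == pathBytes)
    {
        printf("AddressWD=11111分配控件%p", AddressWD);
        HANDLE threadHandle = CreateRemoteThread(handle, NULL, 0,
                                                 (LPTHREAD_START_ROUTINE)LoadLibraryA,
                                                 AddressWD, 0, NULL);
        if (threadHandle != NULL)
        {
            // 0XFFFFFFF ms is roughly 74.5 hours, not INFINITE (0xFFFFFFFF).
            WaitForSingleObject(threadHandle, 0XFFFFFFF);
            CloseHandle(threadHandle);
        }
        else
        {
            // The original waited on and closed a NULL handle in this case.
            printf("CreateRemoteThread failed, error=%lu\n", GetLastError());
        }
    }
    else
    {
        printf("写入DLL 路径失败\n");
    }

    // Releasing a region requires size 0 with MEM_RELEASE; the original call
    // (256, MEM_COMMIT) is not a valid free and left the buffer allocated.
    VirtualFreeEx(handle, AddressWD, 0, MEM_RELEASE);
    CloseHandle(handle); // the process handle was never closed before
}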
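/// @brief Console entry point: builds "<current directory>\<DLLName>", looks up
/// a window, prints its class name, and passes both to InjectDll.
///
/// @return 0 after the attempt, 1 if the current directory could not be read.
int main()
{
    char DirName[256] = "";     // current directory
    char dllNamePath[256] = ""; // full path of the DLL

    // NOTE(review): the first argument of FindWindow is a window class name,
    // not an executable file name; the literal is kept as the author wrote it
    // and should be confirmed. The wide literal means this only ever compiled
    // as a UNICODE build, so the W variants are spelled out explicitly.
    HWND hwnd = FindWindowW(L"notepad.exe", NULL);

    printf("注入DLL\n");

    // The path is resolved against the current working directory, which is
    // whatever the launching shell set and not necessarily where the
    // executable lives.
    const DWORD dirLen = GetCurrentDirectoryA(sizeof(DirName), DirName);
    if (dirLen == 0 || dirLen >= sizeof(DirName))
    {
        // 0 is failure; a value >= the buffer size means the path did not fit.
        printf("GetCurrentDirectoryA failed\n");
        getchar();
        return 1;
    }

    strcpy_s(dllNamePath, DirName);
    strcat_s(dllNamePath, "\\");
    strcat_s(dllNamePath, DLLName); // append the file name
    printf("%s\n", dllNamePath);    // narrow string: "%ls" was a mismatch

    wchar_t BUffer[520] = L""; // initialised so a failed lookup prints an empty name
    if (hwnd != NULL)
    {
        // The size argument is a character count. The original passed
        // sizeof(BUffer), i.e. the byte count, which is twice the capacity of
        // a wide buffer and lets the API write past the end.
        GetClassNameW(hwnd, BUffer, (int)(sizeof(BUffer) / sizeof(BUffer[0])));
    }
    printf("BUffer=%ls", BUffer); // wide string needs "%ls"

    InjectDll(dllNamePath, hwnd); // reports a NULL hwnd itself
    getchar();
    return 0;
}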