winhttp劫持dll

最新推荐文章于 2024-06-28 00:02:18 发布
最新推荐文章于 2024-06-28 00:02:18 发布
阅读量431 收藏
点赞数 2
文章标签: c++
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_52308245/article/details/139633098
版权

转发类

#include "pch.h"
#include "WinHttpForward.h"




void WinHttpForward::InitWinHttpForward() {
	HMODULE hValve = LoadLibrary(L"winhttp.dll");//导入系统路径下的
	if (GetLastError() != ERROR_MOD_NOT_FOUND && hValve != NULL) {

		GetFileVersionInfoA = GetProcAddress(hValve, "GetFileVersionInfoA");//获取所有的导出函数地址
		GetFileVersionInfoByHandle = GetProcAddress(hValve, "GetFileVersionInfoByHandle");//获取所有的导出函数地址
		GetFileVersionInfoExA = GetProcAddress(hValve, "GetFileVersionInfoExA");//获取所有的导出函数地址
		GetFileVersionInfoExW = GetProcAddress(hValve, "GetFileVersionInfoExW");//获取所有的导出函数地址
		GetFileVersionInfoSizeA = GetProcAddress(hValve, "GetFileVersionInfoSizeA");//获取所有的导出函数地址
		GetFileVersionInfoSizeExA = GetProcAddress(hValve, "GetFileVersionInfoSizeExA");//获取所有的导出函数地址
		GetFileVersionInfoSizeExW = GetProcAddress(hValve, "GetFileVersionInfoSizeExW");//获取所有的导出函数地址
		GetFileVersionInfoSizeW = GetProcAddress(hValve, "GetFileVersionInfoSizeW");//获取所有的导出函数地址
		GetFileVersionInfoW = GetProcAddress(hValve, "GetFileVersionInfoW");//获取所有的导出函数地址
		Private1 = GetProcAddress(hValve, "Private1");//获取所有的导出函数地址
		SvchostPushServiceGlobals = GetProcAddress(hValve, "SvchostPushServiceGlobals");//获取所有的导出函数地址
		VerFindFileA = GetProcAddress(hValve, "VerFindFileA");//获取所有的导出函数地址
		VerFindFileW = GetProcAddress(hValve, "VerFindFileW");//获取所有的导出函数地址
		VerInstallFileA = GetProcAddress(hValve, "VerInstallFileA");//获取所有的导出函数地址
		VerInstallFileW = GetProcAddress(hValve, "VerInstallFileW");//获取所有的导出函数地址
		VerLanguageNameA = GetProcAddress(hValve, "VerLanguageNameA");//获取所有的导出函数地址
		VerLanguageNameW = GetProcAddress(hValve, "VerLanguageNameW");//获取所有的导出函数地址
		VerQueryValueA = GetProcAddress(hValve, "VerQueryValueA");//获取所有的导出函数地址
		VerQueryValueW = GetProcAddress(hValve, "VerQueryValueW");//获取所有的导出函数地址
		WinHttpAddRequestHeaders = GetProcAddress(hValve, "WinHttpAddRequestHeaders");//获取所有的导出函数地址
		WinHttpAutoProxySvcMain = GetProcAddress(hValve, "WinHttpAutoProxySvcMain");//获取所有的导出函数地址
		WinHttpCheckPlatform = GetProcAddress(hValve, "WinHttpCheckPlatform");//获取所有的导出函数地址
		WinHttpCloseHandle = GetProcAddress(hValve, "WinHttpCloseHandle");//获取所有的导出函数地址
		WinHttpConnect = GetProcAddress(hValve, "WinHttpConnect");//获取所有的导出函数地址
		WinHttpConnectionDeletePolicyEntries = GetProcAddress(hValve, "WinHttpConnectionDeletePolicyEntries");//获取所有的导出函数地址
		WinHttpConnectionDeleteProxyInfo = GetProcAddress(hValve, "WinHttpConnectionDeleteProxyInfo");//获取所有的导出函数地址
		WinHttpConnectionFreeNameList = GetProcAddress(hValve, "WinHttpConnectionFreeNameList");//获取所有的导出函数地址
		WinHttpConnectionFreeProxyInfo = GetProcAddress(hValve, "WinHttpConnectionFreeProxyInfo");//获取所有的导出函数地址
		WinHttpConnectionFreeProxyList = GetProcAddress(hValve, "WinHttpConnectionFreeProxyList");//获取所有的导出函数地址
		WinHttpConnectionGetNameList = GetProcAddress(hValve, "WinHttpConnectionGetNameList");//获取所有的导出函数地址
		WinHttpConnectionGetProxyInfo = GetProcAddress(hValve, "WinHttpConnectionGetProxyInfo");//获取所有的导出函数地址
		WinHttpConnectionGetProxyList = GetProcAddress(hValve, "WinHttpConnectionGetProxyList");//获取所有的导出函数地址
		WinHttpConnectionSetPolicyEntries = GetProcAddress(hValve, "WinHttpConnectionSetPolicyEntries");//获取所有的导出函数地址
		WinHttpConnectionSetProxyInfo = GetProcAddress(hValve, "WinHttpConnectionSetProxyInfo");//获取所有的导出函数地址
		WinHttpConnectionUpdateIfIndexTable = GetProcAddress(hValve, "WinHttpConnectionUpdateIfIndexTable");//获取所有的导出函数地址
		WinHttpCrackUrl = GetProcAddress(hValve, "WinHttpCrackUrl");//获取所有的导出函数地址
		WinHttpCreateProxyResolver = GetProcAddress(hValve, "WinHttpCreateProxyResolver");//获取所有的导出函数地址
		WinHttpCreateUrl = GetProcAddress(hValve, "WinHttpCreateUrl");//获取所有的导出函数地址
		WinHttpDetectAutoProxyConfigUrl = GetProcAddress(hValve, "WinHttpDetectAutoProxyConfigUrl");//获取所有的导出函数地址
		WinHttpFreeProxyResult = GetProcAddress(hValve, "WinHttpFreeProxyResult");//获取所有的导出函数地址
		WinHttpFreeProxyResultEx = GetProcAddress(hValve, "WinHttpFreeProxyResultEx");//获取所有的导出函数地址
		WinHttpFreeProxySettings = GetProcAddress(hValve, "WinHttpFreeProxySettings");//获取所有的导出函数地址
		WinHttpGetDefaultProxyConfiguration = GetProcAddress(hValve, "WinHttpGetDefaultProxyConfiguration");//获取所有的导出函数地址
		WinHttpGetIEProxyConfigForCurrentUser = GetProcAddress(hValve, "WinHttpGetIEProxyConfigForCurrentUser");//获取所有的导出函数地址
		WinHttpGetProxyForUrl = GetProcAddress(hValve, "WinHttpGetProxyForUrl");//获取所有的导出函数地址
		WinHttpGetProxyForUrlEx = GetProcAddress(hValve, "WinHttpGetProxyForUrlEx");//获取所有的导出函数地址
		WinHttpGetProxyForUrlEx2 = GetProcAddress(hValve, "WinHttpGetProxyForUrlEx2");//获取所有的导出函数地址
		WinHttpGetProxyForUrlHvsi = GetProcAddress(hValve, "WinHttpGetProxyForUrlHvsi");//获取所有的导出函数地址
		WinHttpGetProxyResult = GetProcAddress(hValve, "WinHttpGetProxyResult");//获取所有的导出函数地址
		WinHttpGetProxyResultEx = GetProcAddress(hValve, "WinHttpGetProxyResultEx");//获取所有的导出函数地址
		WinHttpGetProxySettingsVersion = GetProcAddress(hValve, "WinHttpGetProxySettingsVersion");//获取所有的导出函数地址
		WinHttpGetTunnelSocket = GetProcAddress(hValve, "WinHttpGetTunnelSocket");//获取所有的导出函数地址
		WinHttpOpen = GetProcAddress(hValve, "WinHttpOpen");//获取所有的导出函数地址
		WinHttpOpenRequest = GetProcAddress(hValve, "WinHttpOpenRequest");//获取所有的导出函数地址
		WinHttpPacJsWorkerMain = GetProcAddress(hValve, "WinHttpPacJsWorkerMain");//获取所有的导出函数地址
		WinHttpProbeConnectivity = GetProcAddress(hValve, "WinHttpProbeConnectivity");//获取所有的导出函数地址
		WinHttpQueryAuthSchemes = GetProcAddress(hValve, "WinHttpQueryAuthSchemes");//获取所有的导出函数地址
		WinHttpQueryDataAvailable = GetProcAddress(hValve, "WinHttpQueryDataAvailable");//获取所有的导出函数地址
		WinHttpQueryHeaders = GetProcAddress(hValve, "WinHttpQueryHeaders");//获取所有的导出函数地址
		WinHttpQueryOption = GetProcAddress(hValve, "WinHttpQueryOption");//获取所有的导出函数地址
		WinHttpReadData = GetProcAddress(hValve, "WinHttpReadData");//获取所有的导出函数地址
		WinHttpReadProxySettings = GetProcAddress(hValve, "WinHttpReadProxySettings");//获取所有的导出函数地址
		WinHttpReadProxySettingsHvsi = GetProcAddress(hValve, "WinHttpReadProxySettingsHvsi");//获取所有的导出函数地址
		WinHttpReceiveResponse = GetProcAddress(hValve, "WinHttpReceiveResponse");//获取所有的导出函数地址
		WinHttpResetAutoProxy = GetProcAddress(hValve, "WinHttpResetAutoProxy");//获取所有的导出函数地址
		WinHttpSaveProxyCredentials = GetProcAddress(hValve, "WinHttpSaveProxyCredentials");//获取所有的导出函数地址
		WinHttpSendRequest = GetProcAddress(hValve, "WinHttpSendRequest");//获取所有的导出函数地址
		WinHttpSetCredentials = GetProcAddress(hValve, "WinHttpSetCredentials");//获取所有的导出函数地址
		WinHttpSetDefaultProxyConfiguration = GetProcAddress(hValve, "WinHttpSetDefaultProxyConfiguration");//获取所有的导出函数地址
		WinHttpSetOption = GetProcAddress(hValve, "WinHttpSetOption");//获取所有的导出函数地址
		WinHttpSetStatusCallback = GetProcAddress(hValve, "WinHttpSetStatusCallback");//获取所有的导出函数地址
		WinHttpSetTimeouts = GetProcAddress(hValve, "WinHttpSetTimeouts");//获取所有的导出函数地址
		WinHttpTimeFromSystemTime = GetProcAddress(hValve, "WinHttpTimeFromSystemTime");//获取所有的导出函数地址
		WinHttpTimeToSystemTime = GetProcAddress(hValve, "WinHttpTimeToSystemTime");//获取所有的导出函数地址
		WinHttpWebSocketClose = GetProcAddress(hValve, "WinHttpWebSocketClose");//获取所有的导出函数地址
		WinHttpWebSocketCompleteUpgrade = GetProcAddress(hValve, "WinHttpWebSocketCompleteUpgrade");//获取所有的导出函数地址
		WinHttpWebSocketQueryCloseStatus = GetProcAddress(hValve, "WinHttpWebSocketQueryCloseStatus");//获取所有的导出函数地址
		WinHttpWebSocketReceive = GetProcAddress(hValve, "WinHttpWebSocketReceive");//获取所有的导出函数地址
		WinHttpWebSocketSend = GetProcAddress(hValve, "WinHttpWebSocketSend");//获取所有的导出函数地址
		WinHttpWebSocketShutdown = GetProcAddress(hValve, "WinHttpWebSocketShutdown");//获取所有的导出函数地址
		WinHttpWriteData = GetProcAddress(hValve, "WinHttpWriteData");//获取所有的导出函数地址
		WinHttpWriteProxySettings = GetProcAddress(hValve, "WinHttpWriteProxySettings");//获取所有的导出函数地址
	}
}


FARPROC WinHttpForward::GetFileVersionInfoA;
FARPROC WinHttpForward::GetFileVersionInfoByHandle;
FARPROC WinHttpForward::GetFileVersionInfoExA;
FARPROC WinHttpForward::GetFileVersionInfoExW;
FARPROC WinHttpForward::GetFileVersionInfoSizeA;
FARPROC WinHttpForward::GetFileVersionInfoSizeExA;
FARPROC WinHttpForward::GetFileVersionInfoSizeExW;
FARPROC WinHttpForward::GetFileVersionInfoSizeW;
FARPROC WinHttpForward::GetFileVersionInfoW;
FARPROC WinHttpForward::Private1;
FARPROC WinHttpForward::SvchostPushServiceGlobals;
FARPROC WinHttpForward::VerFindFileA;
FARPROC WinHttpForward::VerFindFileW;
FARPROC WinHttpForward::VerInstallFileA;
FARPROC WinHttpForward::VerInstallFileW;
FARPROC WinHttpForward::VerLanguageNameA;
FARPROC WinHttpForward::VerLanguageNameW;
FARPROC WinHttpForward::VerQueryValueA;
FARPROC WinHttpForward::VerQueryValueW;
FARPROC WinHttpForward::WinHttpAddRequestHeaders;
FARPROC WinHttpForward::WinHttpAutoProxySvcMain;
FARPROC WinHttpForward::WinHttpCheckPlatform;
FARPROC WinHttpForward::WinHttpCloseHandle;
FARPROC WinHttpForward::WinHttpConnect;
FARPROC WinHttpForward::WinHttpConnectionDeletePolicyEntries;
FARPROC WinHttpForward::WinHttpConnectionDeleteProxyInfo;
FARPROC WinHttpForward::WinHttpConnectionFreeNameList;
FARPROC WinHttpForward::WinHttpConnectionFreeProxyInfo;
FARPROC WinHttpForward::WinHttpConnectionFreeProxyList;
FARPROC WinHttpForward::WinHttpConnectionGetNameList;
FARPROC WinHttpForward::WinHttpConnectionGetProxyInfo;
FARPROC WinHttpForward::WinHttpConnectionGetProxyList;
FARPROC WinHttpForward::WinHttpConnectionSetPolicyEntries;
FARPROC WinHttpForward::WinHttpConnectionSetProxyInfo;
FARPROC WinHttpForward::WinHttpConnectionUpdateIfIndexTable;
FARPROC WinHttpForward::WinHttpCrackUrl;
FARPROC WinHttpForward::WinHttpCreateProxyResolver;
FARPROC WinHttpForward::WinHttpCreateUrl;
FARPROC WinHttpForward::WinHttpDetectAutoProxyConfigUrl;
FARPROC WinHttpForward::WinHttpFreeProxyResult;
FARPROC WinHttpForward::WinHttpFreeProxyResultEx;
FARPROC WinHttpForward::WinHttpFreeProxySettings;
FARPROC WinHttpForward::WinHttpGetDefaultProxyConfiguration;
FARPROC WinHttpForward::WinHttpGetIEProxyConfigForCurrentUser;
FARPROC WinHttpForward::WinHttpGetProxyForUrl;
FARPROC WinHttpForward::WinHttpGetProxyForUrlEx;
FARPROC WinHttpForward::WinHttpGetProxyForUrlEx2;
FARPROC WinHttpForward::WinHttpGetProxyForUrlHvsi;
FARPROC WinHttpForward::WinHttpGetProxyResult;
FARPROC WinHttpForward::WinHttpGetProxyResultEx;
FARPROC WinHttpForward::WinHttpGetProxySettingsVersion;
FARPROC WinHttpForward::WinHttpGetTunnelSocket;
FARPROC WinHttpForward::WinHttpOpen;
FARPROC WinHttpForward::WinHttpOpenRequest;
FARPROC WinHttpForward::WinHttpPacJsWorkerMain;
FARPROC WinHttpForward::WinHttpProbeConnectivity;
FARPROC WinHttpForward::WinHttpQueryAuthSchemes;
FARPROC WinHttpForward::WinHttpQueryDataAvailable;
FARPROC WinHttpForward::WinHttpQueryHeaders;
FARPROC WinHttpForward::WinHttpQueryOption;
FARPROC WinHttpForward::WinHttpReadData;
FARPROC WinHttpForward::WinHttpReadProxySettings;
FARPROC WinHttpForward::WinHttpReadProxySettingsHvsi;
FARPROC WinHttpForward::WinHttpReceiveResponse;
FARPROC WinHttpForward::WinHttpResetAutoProxy;
FARPROC WinHttpForward::WinHttpSaveProxyCredentials;
FARPROC WinHttpForward::WinHttpSendRequest;
FARPROC WinHttpForward::WinHttpSetCredentials;
FARPROC WinHttpForward::WinHttpSetDefaultProxyConfiguration;
FARPROC WinHttpForward::WinHttpSetOption;
FARPROC WinHttpForward::WinHttpSetStatusCallback;
FARPROC WinHttpForward::WinHttpSetTimeouts;
FARPROC WinHttpForward::WinHttpTimeFromSystemTime;
FARPROC WinHttpForward::WinHttpTimeToSystemTime;
FARPROC WinHttpForward::WinHttpWebSocketClose;
FARPROC WinHttpForward::WinHttpWebSocketCompleteUpgrade;
FARPROC WinHttpForward::WinHttpWebSocketQueryCloseStatus;
FARPROC WinHttpForward::WinHttpWebSocketReceive;
FARPROC WinHttpForward::WinHttpWebSocketSend;
FARPROC WinHttpForward::WinHttpWebSocketShutdown;
FARPROC WinHttpForward::WinHttpWriteData;
FARPROC WinHttpForward::WinHttpWriteProxySettings;

转发头文件


#ifndef WinHttpForward_H
#define WinHttpForward_H

class WinHttpForward
{
public:
	static void InitWinHttpForward();
	static FARPROC GetFileVersionInfoA;
	static FARPROC GetFileVersionInfoByHandle;
	static FARPROC GetFileVersionInfoExA;
	static FARPROC GetFileVersionInfoExW;
	static FARPROC GetFileVersionInfoSizeA;
	static FARPROC GetFileVersionInfoSizeExA;
	static FARPROC GetFileVersionInfoSizeExW;
	static FARPROC GetFileVersionInfoSizeW;
	static FARPROC GetFileVersionInfoW;
	static FARPROC Private1;
	static FARPROC SvchostPushServiceGlobals;
	static FARPROC VerFindFileA;
	static FARPROC VerFindFileW;
	static FARPROC VerInstallFileA;
	static FARPROC VerInstallFileW;
	static FARPROC VerLanguageNameA;
	static FARPROC VerLanguageNameW;
	static FARPROC VerQueryValueA;
	static FARPROC VerQueryValueW;
	static FARPROC WinHttpAddRequestHeaders;
	static FARPROC WinHttpAutoProxySvcMain;
	static FARPROC WinHttpCheckPlatform;
	static FARPROC WinHttpCloseHandle;
	static FARPROC WinHttpConnect;
	static FARPROC WinHttpConnectionDeletePolicyEntries;
	static FARPROC WinHttpConnectionDeleteProxyInfo;
	static FARPROC WinHttpConnectionFreeNameList;
	static FARPROC WinHttpConnectionFreeProxyInfo;
	static FARPROC WinHttpConnectionFreeProxyList;
	static FARPROC WinHttpConnectionGetNameList;
	static FARPROC WinHttpConnectionGetProxyInfo;
	static FARPROC WinHttpConnectionGetProxyList;
	static FARPROC WinHttpConnectionSetPolicyEntries;
	static FARPROC WinHttpConnectionSetProxyInfo;
	static FARPROC WinHttpConnectionUpdateIfIndexTable;
	static FARPROC WinHttpCrackUrl;
	static FARPROC WinHttpCreateProxyResolver;
	static FARPROC WinHttpCreateUrl;
	static FARPROC WinHttpDetectAutoProxyConfigUrl;
	static FARPROC WinHttpFreeProxyResult;
	static FARPROC WinHttpFreeProxyResultEx;
	static FARPROC WinHttpFreeProxySettings;
	static FARPROC WinHttpGetDefaultProxyConfiguration;
	static FARPROC WinHttpGetIEProxyConfigForCurrentUser;
	static FARPROC WinHttpGetProxyForUrl;
	static FARPROC WinHttpGetProxyForUrlEx;
	static FARPROC WinHttpGetProxyForUrlEx2;
	static FARPROC WinHttpGetProxyForUrlHvsi;
	static FARPROC WinHttpGetProxyResult;
	static FARPROC WinHttpGetProxyResultEx;
	static FARPROC WinHttpGetProxySettingsVersion;
	static FARPROC WinHttpGetTunnelSocket;
	static FARPROC WinHttpOpen;
	static FARPROC WinHttpOpenRequest;
	static FARPROC WinHttpPacJsWorkerMain;
	static FARPROC WinHttpProbeConnectivity;
	static FARPROC WinHttpQueryAuthSchemes;
	static FARPROC WinHttpQueryDataAvailable;
	static FARPROC WinHttpQueryHeaders;
	static FARPROC WinHttpQueryOption;
	static FARPROC WinHttpReadData;
	static FARPROC WinHttpReadProxySettings;
	static FARPROC WinHttpReadProxySettingsHvsi;
	static FARPROC WinHttpReceiveResponse;
	static FARPROC WinHttpResetAutoProxy;
	static FARPROC WinHttpSaveProxyCredentials;
	static FARPROC WinHttpSendRequest;
	static FARPROC WinHttpSetCredentials;
	static FARPROC WinHttpSetDefaultProxyConfiguration;
	static FARPROC WinHttpSetOption;
	static FARPROC WinHttpSetStatusCallback;
	static FARPROC WinHttpSetTimeouts;
	static FARPROC WinHttpTimeFromSystemTime;
	static FARPROC WinHttpTimeToSystemTime;
	static FARPROC WinHttpWebSocketClose;
	static FARPROC WinHttpWebSocketCompleteUpgrade;
	static FARPROC WinHttpWebSocketQueryCloseStatus;
	static FARPROC WinHttpWebSocketReceive;
	static FARPROC WinHttpWebSocketSend;
	static FARPROC WinHttpWebSocketShutdown;
	static FARPROC WinHttpWriteData;
	static FARPROC WinHttpWriteProxySettings;

};


#endif //PCH_H

进入主函数

// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "pch.h"

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

//设置导出函数
//DLLEXPORT void GetFileVersionInfoA() { WinHttpForward::GetFileVersionInfoA(); };
DLLEXPORT void GetFileVersionInfoByHandle() { WinHttpForward::GetFileVersionInfoByHandle(); };
//DLLEXPORT void GetFileVersionInfoExA() { WinHttpForward::GetFileVersionInfoExA(); };
//DLLEXPORT void GetFileVersionInfoExW() { WinHttpForward::GetFileVersionInfoExW(); };
//DLLEXPORT void GetFileVersionInfoSizeA() { WinHttpForward::GetFileVersionInfoSizeA(); };
//DLLEXPORT void GetFileVersionInfoSizeExA() { WinHttpForward::GetFileVersionInfoSizeExA(); };
//DLLEXPORT void GetFileVersionInfoSizeExW() { WinHttpForward::GetFileVersionInfoSizeExW(); };
//DLLEXPORT void GetFileVersionInfoSizeW() { WinHttpForward::GetFileVersionInfoSizeW(); };
//DLLEXPORT void GetFileVersionInfoW() { WinHttpForward::GetFileVersionInfoW(); };
DLLEXPORT void Private1() { WinHttpForward::Private1(); };
DLLEXPORT void SvchostPushServiceGlobals() { WinHttpForward::SvchostPushServiceGlobals(); };
//DLLEXPORT void VerFindFileA() { WinHttpForward::VerFindFileA(); };
//DLLEXPORT void VerFindFileW() { WinHttpForward::VerFindFileW(); };
//DLLEXPORT void VerInstallFileA() { WinHttpForward::VerInstallFileA(); };
//DLLEXPORT void VerInstallFileW() { WinHttpForward::VerInstallFileW(); };
//DLLEXPORT void VerLanguageNameA() { WinHttpForward::VerLanguageNameA(); };
//DLLEXPORT void VerLanguageNameW() { WinHttpForward::VerLanguageNameW(); };
//DLLEXPORT void VerQueryValueA() { WinHttpForward::VerQueryValueA(); };
//DLLEXPORT void VerQueryValueW() { WinHttpForward::VerQueryValueW(); };
DLLEXPORT void WinHttpAddRequestHeaders() { WinHttpForward::WinHttpAddRequestHeaders(); };
DLLEXPORT void WinHttpAutoProxySvcMain() { WinHttpForward::WinHttpAutoProxySvcMain(); };
DLLEXPORT void WinHttpCheckPlatform() { WinHttpForward::WinHttpCheckPlatform(); };
DLLEXPORT void WinHttpCloseHandle() { WinHttpForward::WinHttpCloseHandle(); };
DLLEXPORT void WinHttpConnect() { WinHttpForward::WinHttpConnect(); };
DLLEXPORT void WinHttpConnectionDeletePolicyEntries() { WinHttpForward::WinHttpConnectionDeletePolicyEntries(); };
DLLEXPORT void WinHttpConnectionDeleteProxyInfo() { WinHttpForward::WinHttpConnectionDeleteProxyInfo(); };
DLLEXPORT void WinHttpConnectionFreeNameList() { WinHttpForward::WinHttpConnectionFreeNameList(); };
DLLEXPORT void WinHttpConnectionFreeProxyInfo() { WinHttpForward::WinHttpConnectionFreeProxyInfo(); };
DLLEXPORT void WinHttpConnectionFreeProxyList() { WinHttpForward::WinHttpConnectionFreeProxyList(); };
DLLEXPORT void WinHttpConnectionGetNameList() { WinHttpForward::WinHttpConnectionGetNameList(); };
DLLEXPORT void WinHttpConnectionGetProxyInfo() { WinHttpForward::WinHttpConnectionGetProxyInfo(); };
DLLEXPORT void WinHttpConnectionGetProxyList() { WinHttpForward::WinHttpConnectionGetProxyList(); };
DLLEXPORT void WinHttpConnectionSetPolicyEntries() { WinHttpForward::WinHttpConnectionSetPolicyEntries(); };
DLLEXPORT void WinHttpConnectionSetProxyInfo() { WinHttpForward::WinHttpConnectionSetProxyInfo(); };
DLLEXPORT void WinHttpConnectionUpdateIfIndexTable() { WinHttpForward::WinHttpConnectionUpdateIfIndexTable(); };
DLLEXPORT void WinHttpCrackUrl() { WinHttpForward::WinHttpCrackUrl(); };
DLLEXPORT void WinHttpCreateProxyResolver() { WinHttpForward::WinHttpCreateProxyResolver(); };
DLLEXPORT void WinHttpCreateUrl() { WinHttpForward::WinHttpCreateUrl(); };
DLLEXPORT void WinHttpDetectAutoProxyConfigUrl() { WinHttpForward::WinHttpDetectAutoProxyConfigUrl(); };
DLLEXPORT void WinHttpFreeProxyResult() { WinHttpForward::WinHttpFreeProxyResult(); };
DLLEXPORT void WinHttpFreeProxyResultEx() { WinHttpForward::WinHttpFreeProxyResultEx(); };
DLLEXPORT void WinHttpFreeProxySettings() { WinHttpForward::WinHttpFreeProxySettings(); };
DLLEXPORT void WinHttpGetDefaultProxyConfiguration() { WinHttpForward::WinHttpGetDefaultProxyConfiguration(); };
DLLEXPORT void WinHttpGetIEProxyConfigForCurrentUser() { WinHttpForward::WinHttpGetIEProxyConfigForCurrentUser(); };
DLLEXPORT void WinHttpGetProxyForUrl() { WinHttpForward::WinHttpGetProxyForUrl(); };
DLLEXPORT void WinHttpGetProxyForUrlEx() { WinHttpForward::WinHttpGetProxyForUrlEx(); };
DLLEXPORT void WinHttpGetProxyForUrlEx2() { WinHttpForward::WinHttpGetProxyForUrlEx2(); };
DLLEXPORT void WinHttpGetProxyForUrlHvsi() { WinHttpForward::WinHttpGetProxyForUrlHvsi(); };
DLLEXPORT void WinHttpGetProxyResult() { WinHttpForward::WinHttpGetProxyResult(); };
DLLEXPORT void WinHttpGetProxyResultEx() { WinHttpForward::WinHttpGetProxyResultEx(); };
DLLEXPORT void WinHttpGetProxySettingsVersion() { WinHttpForward::WinHttpGetProxySettingsVersion(); };
DLLEXPORT void WinHttpGetTunnelSocket() { WinHttpForward::WinHttpGetTunnelSocket(); };
DLLEXPORT void WinHttpOpen() { WinHttpForward::WinHttpOpen(); };
DLLEXPORT void WinHttpOpenRequest() { WinHttpForward::WinHttpOpenRequest(); };
DLLEXPORT void WinHttpPacJsWorkerMain() { WinHttpForward::WinHttpPacJsWorkerMain(); };
DLLEXPORT void WinHttpProbeConnectivity() { WinHttpForward::WinHttpProbeConnectivity(); };
DLLEXPORT void WinHttpQueryAuthSchemes() { WinHttpForward::WinHttpQueryAuthSchemes(); };
DLLEXPORT void WinHttpQueryDataAvailable() { WinHttpForward::WinHttpQueryDataAvailable(); };
DLLEXPORT void WinHttpQueryHeaders() { WinHttpForward::WinHttpQueryHeaders(); };
DLLEXPORT void WinHttpQueryOption() { WinHttpForward::WinHttpQueryOption(); };
DLLEXPORT void WinHttpReadData() { WinHttpForward::WinHttpReadData(); };
DLLEXPORT void WinHttpReadProxySettings() { WinHttpForward::WinHttpReadProxySettings(); };
DLLEXPORT void WinHttpReadProxySettingsHvsi() { WinHttpForward::WinHttpReadProxySettingsHvsi(); };
DLLEXPORT void WinHttpReceiveResponse() { WinHttpForward::WinHttpReceiveResponse(); };
DLLEXPORT void WinHttpResetAutoProxy() { WinHttpForward::WinHttpResetAutoProxy(); };
DLLEXPORT void WinHttpSaveProxyCredentials() { WinHttpForward::WinHttpSaveProxyCredentials(); };
DLLEXPORT void WinHttpSendRequest() { WinHttpForward::WinHttpSendRequest(); };
DLLEXPORT void WinHttpSetCredentials() { WinHttpForward::WinHttpSetCredentials(); };
DLLEXPORT void WinHttpSetDefaultProxyConfiguration() { WinHttpForward::WinHttpSetDefaultProxyConfiguration(); };
DLLEXPORT void WinHttpSetOption() { WinHttpForward::WinHttpSetOption(); };
DLLEXPORT void WinHttpSetStatusCallback() { WinHttpForward::WinHttpSetStatusCallback(); };
DLLEXPORT void WinHttpSetTimeouts() { WinHttpForward::WinHttpSetTimeouts(); };
DLLEXPORT void WinHttpTimeFromSystemTime() { WinHttpForward::WinHttpTimeFromSystemTime(); };
DLLEXPORT void WinHttpTimeToSystemTime() { WinHttpForward::WinHttpTimeToSystemTime(); };
DLLEXPORT void WinHttpWebSocketClose() { WinHttpForward::WinHttpWebSocketClose(); };
DLLEXPORT void WinHttpWebSocketCompleteUpgrade() { WinHttpForward::WinHttpWebSocketCompleteUpgrade(); };
DLLEXPORT void WinHttpWebSocketQueryCloseStatus() { WinHttpForward::WinHttpWebSocketQueryCloseStatus(); };
DLLEXPORT void WinHttpWebSocketReceive() { WinHttpForward::WinHttpWebSocketReceive(); };
DLLEXPORT void WinHttpWebSocketSend() { WinHttpForward::WinHttpWebSocketSend(); };
DLLEXPORT void WinHttpWebSocketShutdown() { WinHttpForward::WinHttpWebSocketShutdown(); };
DLLEXPORT void WinHttpWriteData() { WinHttpForward::WinHttpWriteData(); };
DLLEXPORT void WinHttpWriteProxySettings() { WinHttpForward::WinHttpWriteProxySettings(); };

hook mono函数

#ifndef _MonoFun_H_
#define _MonoFun_H_

class MonoFun
{
public:
	static FARPROC mono_fun_init(HMODULE hModule);
	static FARPROC InitVerionApiDebug(HMODULE hModule, LPCSTR lpString1);

	//--------------成员------------
	static Mono_thread_current_Fun mono_thread_current ;
	static Mono_thread_set_main_Fun mono_thread_set_main;
	static Mono_jit_init_version_Fun mono_jit_init_version ;
	static Mono_domain_assembly_open_Fun mono_domain_assembly_open ;
	static Mono_assembly_get_image_Fun mono_assembly_get_image ;
	static Mono_runtime_invoke_Fun mono_runtime_invoke;
	static Mono_method_desc_new_Fun mono_method_desc_new;
	static Mono_method_desc_search_in_image_Fun mono_method_desc_search_in_image ;
	static Mono_method_desc_free_Fun mono_method_desc_free;
	static Mono_method_signature_Fun mono_method_signature;
	static Mono_signature_get_param_count_Fun mono_signature_get_param_count ;
	static Mono_domain_set_config_Fun mono_domain_set_config ;
	static Mono_array_new_Fun mono_array_new ;
	static Mono_get_string_class_Fun mono_get_string_class;
	static Mono_assembly_getrootdir_Fun mono_assembly_getrootdir ;
	static Mono_set_dirs_Fun mono_set_dirs ;
	static Mono_config_parse_Fun mono_config_parse ;
	static Mono_set_assemblies_path_Fun mono_set_assemblies_path ;
	static Mono_object_to_string_Fun mono_object_to_string;
	static Mono_string_to_utf8_Fun mono_string_to_utf8 ;
	static Mono_free_Fun mono_free;
	static Mono_image_open_from_data_with_name_Fun mono_image_open_from_data_with_name ;
	static Mono_assembly_load_from_full_Fun mono_assembly_load_from_full ;
	static Mono_jit_parse_options_Fun mono_jit_parse_options ;
	static Mono_debug_init_Fun mono_debug_init ;
	static Mono_debug_domain_create_Fun mono_debug_domain_create;
	static Mono_debug_enabled_Fun mono_debug_enabled ;


};

#endif

hook 头文件

#include "pch.h"
#include "Mono.h"
#include "MonoFun.h"


Mono_thread_current_Fun MonoFun::mono_thread_current;
Mono_thread_set_main_Fun MonoFun::mono_thread_set_main;
Mono_jit_init_version_Fun MonoFun::mono_jit_init_version;
Mono_domain_assembly_open_Fun MonoFun::mono_domain_assembly_open;
Mono_assembly_get_image_Fun MonoFun::mono_assembly_get_image;
Mono_runtime_invoke_Fun MonoFun::mono_runtime_invoke;
Mono_method_desc_new_Fun MonoFun::mono_method_desc_new;
Mono_method_desc_search_in_image_Fun MonoFun::mono_method_desc_search_in_image;
Mono_method_desc_free_Fun MonoFun::mono_method_desc_free;
Mono_method_signature_Fun MonoFun::mono_method_signature;
Mono_signature_get_param_count_Fun MonoFun::mono_signature_get_param_count;
Mono_domain_set_config_Fun MonoFun::mono_domain_set_config;
Mono_array_new_Fun MonoFun::mono_array_new;
Mono_get_string_class_Fun MonoFun::mono_get_string_class;
Mono_assembly_getrootdir_Fun MonoFun::mono_assembly_getrootdir;
Mono_set_dirs_Fun MonoFun::mono_set_dirs;
Mono_config_parse_Fun MonoFun::mono_config_parse;
Mono_set_assemblies_path_Fun MonoFun::mono_set_assemblies_path;
Mono_object_to_string_Fun MonoFun::mono_object_to_string;
Mono_string_to_utf8_Fun MonoFun::mono_string_to_utf8;
Mono_free_Fun MonoFun::mono_free;
Mono_image_open_from_data_with_name_Fun MonoFun::mono_image_open_from_data_with_name;
Mono_assembly_load_from_full_Fun MonoFun::mono_assembly_load_from_full;
Mono_jit_parse_options_Fun MonoFun::mono_jit_parse_options;
Mono_debug_init_Fun MonoFun::mono_debug_init;
Mono_debug_domain_create_Fun MonoFun::mono_debug_domain_create;
Mono_debug_enabled_Fun MonoFun::mono_debug_enabled;

FARPROC MonoFun::mono_fun_init(HMODULE hModule) {
	FARPROC result =NULL; // eax

	mono_thread_current =(Mono_thread_current_Fun) GetProcAddress(hModule, "mono_thread_current");
	mono_thread_set_main = (Mono_thread_set_main_Fun)GetProcAddress(hModule, "mono_thread_set_main");
	mono_jit_init_version = (Mono_jit_init_version_Fun)GetProcAddress(hModule, "mono_jit_init_version");
	mono_domain_assembly_open = (Mono_domain_assembly_open_Fun)GetProcAddress(hModule, "mono_domain_assembly_open");
	mono_assembly_get_image = (Mono_assembly_get_image_Fun)GetProcAddress(hModule, "mono_assembly_get_image");
	mono_runtime_invoke = (Mono_runtime_invoke_Fun)GetProcAddress(hModule, "mono_runtime_invoke");
	mono_method_desc_new = (Mono_method_desc_new_Fun)GetProcAddress(hModule, "mono_method_desc_new");
	mono_method_desc_search_in_image = (Mono_method_desc_search_in_image_Fun)GetProcAddress(hModule, "mono_method_desc_search_in_image");
	mono_method_desc_free = (Mono_method_desc_free_Fun)GetProcAddress(hModule, "mono_method_desc_free");
	mono_method_signature = (Mono_method_signature_Fun)GetProcAddress(hModule, "mono_method_signature");
	mono_signature_get_param_count = (Mono_signature_get_param_count_Fun)GetProcAddress(hModule, "mono_signature_get_param_count");
	mono_domain_set_config = (Mono_domain_set_config_Fun)GetProcAddress(hModule, "mono_domain_set_config");
	mono_array_new = (Mono_array_new_Fun)GetProcAddress(hModule, "mono_array_new");
	mono_get_string_class = (Mono_get_string_class_Fun)GetProcAddress(hModule, "mono_get_string_class");
	mono_assembly_getrootdir = (Mono_assembly_getrootdir_Fun)GetProcAddress(hModule, "mono_assembly_getrootdir");
	mono_set_dirs = (Mono_set_dirs_Fun)GetProcAddress(hModule, "mono_set_dirs");
	mono_config_parse = (Mono_config_parse_Fun)GetProcAddress(hModule, "mono_config_parse");
	mono_set_assemblies_path = (Mono_set_assemblies_path_Fun)GetProcAddress(hModule, "mono_set_assemblies_path");
	mono_object_to_string = (Mono_object_to_string_Fun)GetProcAddress(hModule, "mono_object_to_string");
	mono_string_to_utf8 = (Mono_string_to_utf8_Fun)GetProcAddress(hModule, "mono_string_to_utf8");
	mono_free = (Mono_free_Fun)GetProcAddress(hModule, "mono_free");
	mono_image_open_from_data_with_name = (Mono_image_open_from_data_with_name_Fun)GetProcAddress(hModule, "mono_image_open_from_data_with_name");
	mono_assembly_load_from_full = (Mono_assembly_load_from_full_Fun)GetProcAddress(hModule, "mono_assembly_load_from_full");
	mono_jit_parse_options = (Mono_jit_parse_options_Fun)GetProcAddress(hModule, "mono_jit_parse_options");
	mono_debug_init = (Mono_debug_init_Fun)GetProcAddress(hModule, "mono_debug_init");
	mono_debug_domain_create = (Mono_debug_domain_create_Fun)GetProcAddress(hModule, "mono_debug_domain_create");
	mono_debug_enabled = (Mono_debug_enabled_Fun)GetProcAddress(hModule, "mono_debug_enabled");

	return result;

}

FARPROC MonoFun::InitVerionApiDebug(HMODULE hModule, LPCSTR lpString1) {


	bool IsglobaFlag = false;

	if (lstrcmpA(lpString1, "il2cpp_init"))
	{
		if (lstrcmpA(lpString1, "mono_jit_init_version"))
		{
			if (lstrcmpA(lpString1, "mono_image_open_from_data_with_name"))
			{
				if (lstrcmpA(lpString1, "mono_jit_parse_options"))
				{
					if (lstrcmpA(lpString1, "mono_debug_init"))
					{
						return GetProcAddress(hModule, lpString1);
					}
					else
					{
						if (!IsglobaFlag)
						{
							IsglobaFlag = true;
							//sub_10001BA1(hModule);
							mono_fun_init(hModule);
						}
						//return sub_100026B7;
					}
				}
				else
				{
					if (!IsglobaFlag)
					{
						IsglobaFlag = true;
						//sub_10001BA1(hModule);
						mono_fun_init(hModule);
					}
					//return (FARPROC)&sub_100027D1;
				}
			}
			else
			{
				if (!IsglobaFlag)
				{
					IsglobaFlag = true;
					//sub_10001BA1(hModule);
					mono_fun_init(hModule);
				}
				//return (FARPROC)sub_100026C7;
			}
		}
		else
		{
			if (!IsglobaFlag)
			{
				IsglobaFlag = true;
				//sub_10001BA1(hModule);
				mono_fun_init(hModule);
			}
			//return (FARPROC)sub_10002AA7;
		}
	}
	else
	{
		if (!IsglobaFlag)
		{
			IsglobaFlag = true;
			//sub_10001EEB(hModule);
		}
		//return sub_10002A7F;
	}




	return GetProcAddress(hModule, lpString1);









}

hook 函数声明

#ifndef _MONO_H_
#define _MONO_H_

typedef bool gboolean;
typedef unsigned short guint16;
typedef unsigned int guint32;
typedef bool mono_bool;
typedef int int32_t;

typedef struct _MonoMethodDesc {
	char* name_space;
	char* klass;
	char* name;
	char* args;
} MonoMethodDesc;

typedef struct _MonoImage {
	int   ref_count;
	void* raw_data_handle;
	char* raw_data;
	unsigned int raw_data_len;

	//Others...
} MonoImage;

typedef struct _MonoAssembly {

	//Others...
} MonoAssembly;

typedef  struct _MonoMethod {
	guint16 flags;  /* method flags */
	guint16 iflags; /* method implementation flags */
	guint32 token;
	void* klass; /* To what class does this method belong */
	void* signature;
	/* name is useful mostly for debugging */
	const char* name;
	/* this is used by the inlining algorithm */
	unsigned int inline_info : 1;
	unsigned int inline_failure : 1;
	unsigned int wrapper_type : 5;
	unsigned int string_ctor : 1;
	unsigned int save_lmf : 1;
	unsigned int dynamic : 1; /* created & destroyed during runtime */
	unsigned int sre_method : 1; /* created at runtime using Reflection.Emit */
	unsigned int is_generic : 1; /* whenever this is a generic method definition */
	unsigned int is_inflated : 1; /* whether we're a MonoMethodInflated */
	unsigned int skip_visibility : 1; /* whenever to skip JIT visibility checks */
	unsigned int _unused : 2; /* unused */
	signed int slot : 16;
} MonoMethod;

typedef  struct _MonoMethodSignature {
	void* ret;

} MonoMethodSignature;

typedef enum {
	MONO_DEBUG_FORMAT_NONE,
	MONO_DEBUG_FORMAT_MONO,
	/* Deprecated, the mdb debugger is not longer supported. */
	MONO_DEBUG_FORMAT_DEBUGGER
} MonoDebugFormat;

typedef struct _MonoObject {
	void* vtable;
	void* synchronisation;
} MonoObject;

typedef enum {
	MONO_IMAGE_OK,
	MONO_IMAGE_ERROR_ERRNO,
	MONO_IMAGE_MISSING_ASSEMBLYREF,
	MONO_IMAGE_IMAGE_INVALID
} MonoImageOpenStatus;

typedef MonoImage* (*Mono_image_open_from_data_with_name_Fun) (char* data, unsigned int data_len, bool need_copy, MonoImageOpenStatus* status, bool refonly, const char* name);

typedef MonoAssembly* (*Mono_assembly_load_from_full_Fun) (MonoImage* image, const char* fname, MonoImageOpenStatus* status, gboolean refonly);

typedef void (*Mono_jit_parse_options_Fun)(int argc, char* argv[]);

typedef MonoMethodDesc* (*Mono_method_desc_new_Fun)(const char* name, gboolean include_namespace);


typedef MonoMethod* (*Mono_method_desc_search_in_image_Fun)(MonoMethodDesc* desc, MonoImage* image);

typedef void (*Mono_method_desc_free_Fun)(MonoMethodDesc* desc);

typedef  MonoMethodSignature* (*Mono_method_signature_Fun)(MonoMethod* method);


typedef  guint32 (*Mono_signature_get_param_count_Fun)(MonoMethodSignature* sig);

typedef  struct _MonoDomain {

} MonoDomain;

typedef  struct _MonoThread {
	MonoObject obj;
	void* *internal_thread;
	MonoObject *start_obj;
	void* pending_exception;
} MonoThread;

typedef  struct _MonoArray {
	MonoObject obj;
	/* bounds is NULL for szarrays */
	void *bounds;
	/* total number of elements of the array */

} MonoArray;

typedef  struct _MonoClass {
	void* element_class;
	void*  cast_class;
} MonoClass;

typedef  struct _MonoString {
	MonoObject object;
	int32_t length;

} MonoString;

typedef  MonoObject* (*Mono_runtime_invoke_Fun)(MonoMethod* method, void* obj, void** params,MonoObject** exc);

typedef  void (*Mono_debug_init_Fun)(MonoDebugFormat format);

typedef  void (*Mono_debug_domain_create_Fun)(MonoDomain* domain);

typedef  mono_bool (*Mono_debug_enabled_Fun)(void);

typedef  void (*Mono_config_parse_Fun)(const char* filename);

typedef  void (*Mono_set_assemblies_path_Fun)(const char* path);

typedef  void (*Mono_free_Fun) (void *);


typedef  MonoImage* (*Mono_assembly_get_image_Fun) (MonoAssembly *assembly);

typedef  void (*Mono_domain_set_config_Fun)(MonoDomain *domain, const char *base_dir, const char *config_file_name);

typedef  MonoArray* (*Mono_array_new_Fun) (MonoDomain *domain, MonoClass *eclass, uintptr_t n);

typedef  MonoClass* (*Mono_get_string_class_Fun) (void);

typedef  char* (*Mono_assembly_getrootdir_Fun) (void);

typedef  void  (*Mono_set_dirs_Fun) (const char *assembly_dir, const char *config_dir);



typedef  MonoThread* (*Mono_thread_current_Fun) (void);


typedef  void  (*Mono_thread_set_main_Fun) (MonoThread *thread);

typedef  MonoDomain* (*Mono_jit_init_version_Fun)(const char *root_domain_name, const char *runtime_version);


typedef  MonoAssembly* (*Mono_domain_assembly_open_Fun) (MonoDomain* domain, const char* name);

typedef  MonoString* (*Mono_object_to_string_Fun) (MonoObject *obj, MonoObject **exc);

typedef  char* (*Mono_string_to_utf8_Fun) (MonoString* s);


#endif

qq_52308245
关注
  • 2
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
winhttp.dll
12-27
winhttp
WinHttp类模块5.1.rar
04-05
WinHttp类模块5.1.rar WinHttp类模块5.1.rar WinHttp类模块5.1.rar WinHttp类模块5.1.rar WinHttp类模块5.1.rar WinHttp类模块5.1.rar
安全课程设计DLL注入设计
毕业作品网站
01-12 452
C:\Users\22057\Documents\Study\Class\GameSecurity\《校企合作课》-客户端-FlappyBird\FlappyBird_Data\Mono\EmbedRuntime\mono_original.dll。C:\Users\22057\Documents\Study\Class\GameSecurity\《校企合作课》-客户端-FlappyBird\FlappyBird_Data\Mono\EmbedRuntime\mono.dll。2、 DLL 劫持注入 2。
DllMain操作不当造成死锁
CoderAldrich的专栏
05-20 963
背景是这样的,做驻留模块的时候用到了dll劫持,需要在黑DLL(A)里面的dllmain里面调用驻留DLL(B)中的一些功能,但是在实际操作过程中却遇到了问题,现象是B中的功能没有被执行,连打印的DBG信息都没了(其实也就是死锁了),尝试过在dllmain中直接调用函数加载B,也尝试了在dllmain中创建线程加载B,都会出现一些问题,实在不想继续对dllmain云里雾里,于是决定去搞清楚。 ...
资深渗透测试工程师的渗透技巧总结(67个Tips)
tzyyyyyy的博客
11-16 1398
本质上是DLL文件,后缀名为cpl,包含一个导出函数CPLApplet(c实现可不指定)执行方法:(1)双击直接运行(2)cmd(3)cmd(4)vbsDim obj(5)js参考:《CPL文件利用介绍》
JavaScript Phishing
weixin_34288121的博客
03-08 180
三好学生 · 2016/01/27 14:430x00 前言前段时间分享了JavaScript Backdoor技术,着重对其功能的开发、Bug的优化做了介绍,这次研究一下JavaScript Backdoor在实际渗透测试中的利用方法。0x01 简介特点:通过cmd执行代码即可弹回shell优势:免杀简便较隐蔽利用思路:综合其优势特点,JavaScript作为Phishing Payload有着...
Eltima 端口虚拟化软件授权分析
Chivalrys的博客
01-07 1181
可以通过两种方式实现本地授权,一是重新生成RSA2048秘钥对,替换可执行文件内的公钥,用私钥加密授权文件保存为act文件,既可实现授权许可;把编译好的WinHttp.dll复制到程序根目录下,USB Network Gate 有64位版本,需要复制Win64目录下的WinHttp.dll,32位版本的复制Win32目录下的WinHttp.dll。新的函数首先调用原来的解密函数,得到返回值后通过ModifyLicense函数,修改返回的license再返回给程序。提供先进的推理,复杂的指令,更多的创造力。
有哪些新手小白不知道的渗透小技巧?
zkaqlaoniao的博客
10-25 3853
目录 Tips 1. 手动端口探测 Tips 2. Windows系统从Kali下载文件 Tips 3. 配置工作组计算机,使其支持net use远程连接 Tips 4. Windows日志清除 Tips 5. 破坏Windows日志记录功能 Tips 6. Win7和Windows Server 2008 R2下的进程隐藏 Tips 7. 同名exe和com文件执行顺序 Tips 8. Windows系统证书生成与注册 Tips 9. hta执行vbs,加载powershell T
Pentest-and-Development-Tips
Grey的博客
04-08 2661
Pentest-and-Development-TipsA collection of pentest and development tipsAuthor: 3gstudent声明以下技巧不应用于非法用途Tips 1. 手动端口探测nmap的-sV可以探测出服务版本,但有些情况下必须手动探测去验证使用Wireshark获取响应包未免大材小用,可通过nc简单判断eg.对于8001端口,nc连接上去...
深入探究Windows平台客户端安全问题-进程地址空间入侵和白加黑高阶利用
热门推荐
Less Is More
05-28 1万+
标 题: 深入探究Windows平台客户端安全问题-进程地址空间入侵和白加黑高阶利用 时 间: 2014-09-08,00:03:51 前言 为了避免被读者骂“标题党”,笔者在文章开头先澄清一下这个高大尚的“进程地址空间入侵”的可替代词语—注入。 看完第一句还能看到这里的读者一般有两种:1.初学者,实在是不懂所以需要学习的同学 2.大牛,只是想看看笔者打算怎么来炒“注入”这
Win7的WinHTTP支持TLS1.2,修复WinHttp.WinHttpRequest或msxml3.dll出现安全频道支
02-02
描述中提到的“修复WinHttp.WinHttpRequest或msxml3.dll出现安全频道支持出错问题”,是指在使用WinHttp.WinHttpRequest对象(一个用于发起HTTP请求的COM对象)或msxml3.dll(Microsoft XML Core Services的一个旧...
易语言WinHttp模块
08-16
易语言WinHttp模块是专为易语言编程环境设计的一个组件,它基于Windows的WinHttp API,使得易语言程序能够方便地进行HTTP通信,包括发送HTTP请求、接收响应数据等网络操作。这个模块对于开发需要与互联网交互的应用...
C++ Primer Plus第五版》
风中的默默
06-26 944
连续分段空间,由一段一段的连续空间构成的,用一小块连续的内存空间map作为主控(不是STL的map容器),里面的每一个元素都是一个指针,指向另一段连续性内存空间,称作缓冲区,默认使用 512 字节大小。假设我们定义一个双向链表,把链表上节点都定义成shared_ptr智能指针,当其中两个节点互相引用的时候,就会出现循环引用的现象。堆是我们通过new关键字来动态申请的内存空间,堆上分配的内存需要我们手动管理,堆是不连续的内存区域,以链表的形式分配的,如果我们没有正确释放堆上的内存可能会出现内存泄漏。
关键路径——C语言(理论)
最新发布
2302_80790488的博客
06-28 753
关键路径,是项目网络中从起始事件到终止事件的最长路径,决定了项目的最短完成时间。 关键路径中的任务没有任何可调整的余地,如果任何一个任务被延迟,整个项目的完成时间也会被延迟。
C语言-二级指针应用场景
gopher9511的博客
06-26 928
使用二级指针的主要目的是为了安全地管理和修改指针,避免悬挂指针问题。在函数内部,能够直接修改调用者的指针,使其指向 NULL,从而提升代码的健壮性。
C++精解【7】
应用数学
06-27 1057
使用一种存储顺序的矩阵和数组可以分配给使用另一种存储顺序的矩阵和数组,就像上面的程序中使用Acolmajor初始化Arowmajor时发生的那样。3.缺省情况下,Eigen是列为主的。这意味着,尽管我们的目标是透明地支持列为主和行为主的存储顺序,但Eigen库可能最适合列为主的矩阵。2.当矩阵以行为主的顺序存储时,由于更好的数据局部性,逐行遍历矩阵的算法将运行得更快。为了找出适合您的特定应用程序的更快的方法,进行一些实验可能是值得的。或者,您可以使用Eigen以外的其他库,这些库可能需要特定的存储顺序。
C语言从头学26——函数说明符
m0_72128260的博客
06-26 1023
本文简要介绍一下extern、static、const等函数说明符的含义及使用。
什么野指针(c++
qq_35374791的博客
06-24 8909
野指针(Wild Pointer)是指向不确定位置或者非法地址的指针。当一个指针指向的内存被释放后,如果没有将其设置为NULL,那么这个指针就变成了野指针。使用野指针会导致未定义行为,可能引发程序崩溃或数据损坏。
使用 Winhttp.dll 下载一张图片
07-11
你可以使用 Winhttp.dll 来下载图片。下面是一个使用 Winhttp.dll 下载图片的示例代码: ```cpp #include #include <Winhttp.h> #include #include #pragma comment(lib, "Winhttp.lib") int main() { // ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值