使用writeprocess写机器码改变代码执行状态

最新推荐文章于 2021-05-18 04:33:28 发布

飞天赤狐

最新推荐文章于 2021-05-18 04:33:28 发布

阅读量518

点赞数

文章标签： include byte user

本文链接：https://blog.csdn.net/xiaoqiang321/article/details/4493862

版权

#include <windows.h>
#include <tchar.h>
#include <windef.h>

typedef int (*PFNMESSAGEW)(HWND,LPCWSTR,LPCWSTR,UINT);

int sum(int a,int b);

LPCWSTR STR_OK=_T("ok");
LPCWSTR STR_WORDS=_T("it work well");

PFNMESSAGEW pfnMessageBoxW=NULL;
int WinMain(HINSTANCE hInstance,HINSTANCE,LPSTR lpCmdLine,int nShowCmd)
{
DWORD dwNum=0;

    BYTE OBJ_CODE[]={0xe9,0x0,0x0,0x0,0x0};//jmp code

    HMODULE hUser32=::LoadLibraryA("user32");
    pfnMessageBoxW=(PFNMESSAGEW)GetProcAddress(hUser32,"MessageBoxW");

    //获取__MESSAGEBOX地址
    DWORD dwMessageAddr=0;
    _asm
    {
        push       ebx
        mov        ebx, __MESSAGEBOX
        mov        dwMessageAddr,ebx
        pop        ebx
    }

//计算改变后的地址地址
    dwMessageAddr-=(DWORD)sum+5;
    memcpy(&OBJ_CODE[1],&dwMessageAddr,sizeof(DWORD));

    DWORD dwSumAddr=(DWORD)sum;
    ::WriteProcessMemory(::GetCurrentProcess(),(LPVOID)dwSumAddr,OBJ_CODE,5,&dwNum);

    int s=sum(3,5);

    _asm
    {
__MESSAGEBOX:
        push    MB_OK
        push    STR_OK
        push    STR_WORDS
        push    0
        call    pfnMessageBoxW
        add        esp,16
    }
    FreeLibrary(hUser32);

    return 0;
}

int sum(int a,int b)
{

    return 5;
}