留个档,特点就是注入后只有ntdll加载了,其他系统模块都没加载,所以需要自己搞点东西
void reg_inject_dll(LPCTSTR lpszExeName,LPCTSTR lpszDllName)
{
HKEY hKey;
int dwFlag = 0x100;
TCHAR szKey[MAX_PATH] = {};
StringCbPrintf(szKey,sizeof(szKey),
_T("Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%s"),
lpszExeName);
RegCreateKeyEx(HKEY_LOCAL_MACHINE,
szKey,
0, NULL,
0, KEY_ALL_ACCESS,
NULL, &hKey, NULL);
RegSetValueEx(hKey, _T("VerifierDlls"), 0, REG_SZ, (BYTE *)lpszDllName, (lstrlen(lpszDllName) + 1) * sizeof(char));
RegSetValueEx(hKey, _T("GlobalFlag"), 0, REG_DWORD, (BYTE *)&dwFlag, sizeof(dwFlag));
RegCloseKey(hKey);
}