delphi代码注入的问题。。。望高手解答下
代码注入目标进程后,该怎么运行代码?比如跨进程调用目标进程的一个CALL,先要注入代码,然后怎么办?
////////////////
// Fragment of a routine body: the routine header is not shown on the page, so
// Hid (used as the target process handle) and FunName (source buffer of the
// code to copy) are declared somewhere outside this fragment.
var
{Window handle of the thread to inject, and a temporarily stored handle}
TmpHandle: THandle;
ThreadID: Thandle;
ThreadAdd:pointer;
WriteCount: DWORD;
begin
// NOTE(review): none of the three API results below is checked; a nil
// allocation or a failed write still falls through to thread creation.
ThreadAdd := VirtualAllocEx(Hid, nil, 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE);//allocate memory in the target process
// A fixed 128 bytes are copied from FunName, whatever the real size of the routine is.
WriteProcessMemory(Hid, ThreadAdd,FunName, 128, WriteCount);//write the procedure to be injected into the memory allocated above
// CREATE_SUSPENDED: the remote thread is created but is not running when this call returns.
TmpHandle := CreateRemoteThread(Hid, nil, 0, ThreadAdd, nil, CREATE_SUSPENDED, ThreadID);//get the handle of the injected procedure's thread
// The thread handle is handed to the caller; this fragment never closes it,
// and the remote allocation is not freed here.
result:=TmpHandle;//return the handle
end;
////////////////
result:=TmpHandle; 这个隐含变量返回到哪里?这个没必要返回吧,当作一个过程来调用就行。这里有个例子(我是菜鸟):
// InjectFunc: opens the process identified by N_Pid, copies 2048 bytes from
// FunName and ParamSize bytes from Param into newly allocated memory in that
// process, starts a remote thread at the copied code with the copied
// parameter block as its argument, waits for the thread to end, then frees
// the remote memory and closes both handles.
//
// Parameters:
//   N_Pid     - passed to OpenProcess as the process ID (declared as THandle).
//   FunName   - local address of the code to copy; always 2048 bytes are read.
//   Param     - local address of the parameter block to copy.
//   ParamSize - size in bytes of the parameter block.
//
// Security context: OpenProcess(PROCESS_ALL_ACCESS) followed by
// VirtualAllocEx with PAGE_EXECUTE_READWRITE, WriteProcessMemory and
// CreateRemoteThread is the classic remote-thread injection sequence;
// endpoint monitoring commonly keys on exactly this chain of calls and on
// writable+executable allocations made in another process.
//
// NOTE(review): no return value is checked anywhere in this routine. If
// OpenProcess, either allocation, either write, or CreateRemoteThread fails,
// the following calls still run with a zero handle or nil address.
procedure InjectFunc(N_Pid: THandle; FunName: Pointer; Param: Pointer; ParamSize:DWORD);stdcall;
var
FunNameaddr: pointer; //address of the memory allocated for the function
Paramaddr: pointer; //address of the memory allocated for the parameters
NumberOfByte: Dword; //auxiliary out value (bytes written, later reused for the thread ID)
TempHandle, phandle: Thandle; //remote thread handle and process handle
begin
phandle := OpenProcess(PROCESS_ALL_ACCESS, False, N_Pid);
//get the process handle from the process ID; PROCESS_ALL_ACCESS requests every access right
FunNameaddr := VirtualAllocEx(phandle, nil, 2048, MEM_COMMIT,
PAGE_EXECUTE_READWRITE); //allocate remote memory for the code
Paramaddr := VirtualAllocEx(phandle, nil, ParamSize, MEM_COMMIT,
PAGE_EXECUTE_READWRITE); //allocate remote memory for the parameter block (also mapped executable, although it only holds data)
// 2048 bytes are read from FunName regardless of how long the routine really is.
WriteProcessMemory(phandle, FunNameaddr, FunName, 2048, NumberOfByte);
WriteProcessMemory(phandle, Paramaddr, Param, ParamSize, NumberOfByte);
TempHandle := CreateRemoteThread(phandle, nil, 0, FunNameaddr, Paramaddr, 0,
NumberOfByte); //run remotely; creation flags 0 start the thread immediately
WaitForSingleObject(TempHandle, INFINITE); //wait for execution to finish (no timeout)
// NOTE(review): the Win32 documentation requires dwSize = 0 with MEM_RELEASE;
// with 2048 / ParamSize passed here the calls are expected to fail and leave
// the regions allocated in the target process. Confirm and check the results.
VirtualFreeEx(phandle, FunNameaddr, 2048, MEM_RELEASE); //free the allocated memory
VirtualFreeEx(phandle, Paramaddr, ParamSize, MEM_RELEASE);
CloseHandle(TempHandle); //release the remote thread handle
CloseHandle(phandle); //close the process handle
end;