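About LdrLoadDll
Call chain: LoadLibraryA -> LoadLibraryW -> LdrLoadDll …… For processes that have not loaded kernel32.dll, shellcode plus LdrLoadDll can be used for DLL injection.
In addition, LdrGetProcedureAddress can be used in place of GetProcAddress.
Usage: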
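' UNICODE_STRING as used by the native API (both lengths are in bytes)
Private Type UNICODE_STRING
    Length As Integer
    MaximumLength As Integer
    Buffer As Long
End Type
' PathToFile is a wide-string pointer in the native call, so it is declared
' ByVal ... As Long and passed as 0 (NULL) instead of a VB String
Private Declare Function LdrLoadDll Lib "NTDLL.DLL" (ByVal PathToFile As Long, ByVal Flags As Long, ModuleFileName As UNICODE_STRING, ModuleHandle As Long) As Long
Private Sub xx(ByVal dllPath As String)
    Dim uPath As UNICODE_STRING
    Dim hModule As Long
    uPath.Buffer = StrPtr(dllPath)            ' pointer to the UTF-16 characters
    uPath.Length = LenB(dllPath)              ' byte length, terminator excluded
    uPath.MaximumLength = uPath.Length + 2    ' buffer size including the terminating null
    ' The return value is an NTSTATUS; 0 means hModule now holds the module handle
    If LdrLoadDll(0, 0, uPath, hModule) <> 0 Then hModule = 0
End Sub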