标题:关于进程注入DLL的问题。
发掘梦
关于进程注入DLL的问题。
       #region DllImport
        // P/Invoke declarations for the kernel32 functions called from button1_Click.
        // NOTE(review): addresses, module handles and the returned thread handle are all declared
        // as int, while the native prototypes use pointer-sized types (HANDLE, LPVOID, SIZE_T).
        // The signatures therefore only line up in a 32-bit process; in a 64-bit process the
        // values would be truncated.
        // NOTE(review): none of the attributes set SetLastError = true, so the callers cannot
        // reliably read a failure reason with Marshal.GetLastWin32Error().
        // VirtualAllocEx: allocates memory in the process identified by hwnd; returns the base
        // address of the allocation, or 0 on failure.
        [DllImport("kernel32.dll")] // declare the API function
        public static extern int VirtualAllocEx(IntPtr hwnd, int lpaddress, int size, int type, int tect);
        // WriteProcessMemory: copies nsize BYTES from buffer into the target process.
        // No CharSet is specified, so the string buffer is marshalled as an ANSI string (one or
        // more bytes per character, depending on the system code page), not as UTF-16.
        // filewriten is passed by value; the native parameter is a pointer to the byte count, so
        // passing 0 means "do not report the number of bytes written".
        [DllImport("kernel32.dll")]
        public static extern int WriteProcessMemory(IntPtr hwnd, int baseaddress, string buffer, int nsize, int filewriten);
        // GetProcAddress: returns the address of the export lpname in the module hwnd, or 0 on failure.
        [DllImport("kernel32.dll")]
        public static extern int GetProcAddress(int hwnd, string lpname);
        // GetModuleHandleA: returns the handle of a module already loaded in the calling process, or 0.
        [DllImport("kernel32.dll")]
        public static extern int GetModuleHandleA(string name);
        // CreateRemoteThread: starts a thread in the process hwnd at address, passing par as its
        // single argument; returns the new thread's handle, or 0 on failure.
        [DllImport("kernel32.dll")]
        public static extern int CreateRemoteThread(IntPtr hwnd, int attrib, int size, int address, int par, int flags, int threadid);
        #endregion
        /// <summary>
        /// Click handler: builds the path of mana.dll next to the executable and, for every running
        /// process whose name contains "note", allocates memory in that process, writes the path
        /// into it and starts a remote thread at LoadLibraryA with the path as its argument.
        /// </summary>
        /// <remarks>
        /// This is the VirtualAllocEx / WriteProcessMemory / CreateRemoteThread DLL-injection
        /// sequence (MITRE ATT&amp;CK T1055.001). Endpoint monitoring typically records it as a
        /// cross-process allocation and write followed by a remote thread creation
        /// (for example Sysmon Event ID 8).
        /// </remarks>
        private void button1_Click(object sender, EventArgs e)
        {
            int ok1;
            int baseaddress;
            int temp = 0;
            int hack;
            int yan;
            string dllname=AppDomain.CurrentDomain.BaseDirectory+"mana.dll";
            // Inserts one backslash at index 2, i.e. directly after "X:" of a drive-letter path.
            // NOTE(review): the purpose is not evident from this code - confirm it is intended.
            dllname =dllname.Insert(2,"\\");
            int dlllength;
            // NOTE(review): Length is a count of UTF-16 characters, but this value is used below as
            // a size in bytes for a string marshalled as ANSI. For a path containing multi-byte
            // characters (such as Chinese folder names) the byte length is larger than Length + 1,
            // so the copied path is cut short. This is a likely cause of the reported symptom.
            dlllength = dllname.Length + 1;
            Process[] pname = Process.GetProcesses(); // get all running processes
            foreach (Process name in pname) // walk the process list
            {
                if (name.ProcessName.ToLower().IndexOf("note") != -1) // process name contains "note": inject into it below
                {

                    // NOTE(review): Application.Exit() in the failure branches below only requests
                    // shutdown of the message loop and then returns, so execution continues with the
                    // next call (and the next matching process) even after a failure was reported.
                    baseaddress = VirtualAllocEx(name.Handle, 0, dlllength, 4096, 4); // allocate memory in the target: 4096 = MEM_COMMIT, 4 = PAGE_READWRITE
                    if (baseaddress == 0) // 0 means the call failed; the checks below follow the same pattern
                    {
                        MessageBox.Show("申请内存空间失败!!");
                        Application.Exit();
                    }
                    ok1 = WriteProcessMemory(name.Handle, baseaddress, dllname, dlllength, temp); // write the DLL path into the allocated memory
                    if (ok1 == 0)
                    {

                        MessageBox.Show("写内存失败!!");
                        Application.Exit();
                    }
                    // The address is looked up in THIS process and then used as the start address in
                    // the target process. NOTE(review): that presumes both processes have the same
                    // bitness and map kernel32 at the same base - confirm.
                    hack = GetProcAddress(GetModuleHandleA("Kernel32"), "LoadLibraryA"); // address of LoadLibraryA in kernel32.dll
                    if (hack == 0)
                    {
                        MessageBox.Show("无法取得函数的入口点!!");
                        Application.Exit();
                    }
                    yan = CreateRemoteThread(name.Handle, 0, 0, hack, baseaddress, 0, temp); // create the remote thread
                    // NOTE(review): a non-zero result only means the thread was created. The result of
                    // LoadLibraryA inside the target (the thread's exit code) is never read, so the
                    // success message below is shown even when the DLL failed to load.
                    // The returned thread handle is not closed and the remote allocation is not freed.
                    if (yan == 0)
                    {
                        MessageBox.Show("创建远程线程失败!!");
                        Application.Exit();
                    }
                    else
                    {
                        MessageBox.Show("注入dll成功!");
                        Application.Exit();
                    }

                }

            }
        }
这段代码想实现的功能是:按下按钮后,把同级目录下的 dll 注入到进程中去。我把程序和 dll 放在桌面时,按下按钮可以成功注入;但是当我把程序和 dll 文件放到比较长的目录下就不行了,例如放到这么长的目录下:D:\1\新建文件夹\abc\新建文件夹\新建文件夹\新建文件夹\as\cv\cf... 这时程序同样会显示注入成功,但是 dll 中的功能并没有加载到进程中去。
2011-06-18 19:10



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-343297-1-1.html



