好的,我不久前在 VB.net 中制作了一个 DLL 注入器。它适用于除我之外的任何 DLL。所以我知道问题出在DLL上。这是注入器的代码:
Private Function Inject(ByVal pID As Integer, ByVal dllLocation As String) As Boolean
Dim hProcess As Integer = OpenProcess(&H1F0FFF, 1, pID)
If hProcess = 0 Then
Return False
MessageBox.Show("Could not open process!")
End If
Dim dllBytes As Byte() = System.Text.Encoding.ASCII.GetBytes(dllLocation)
Dim allocAddress As Integer = VirtualAllocEx(hProcess, 0, dllBytes.Length, &H1000, &H4)
If allocAddress = Nothing Then
Return False
MessageBox.Show("Could not allocate the address!")
End If
Dim kernelMod As Integer = GetModuleHandle("kernel32.dll")
Dim loadLibAddr = GetProcAddress(kernelMod, "LoadLibraryA")
If (kernelMod = 0) Then
MessageBox.Show("Could not get the Module")
Return False
End If
If (loadLibAddr = 0) Then
MessageBox.Show("get the Process address!")
Return False
End If
WriteProcessMemory(hProcess, allocAddress, dllBytes, dllBytes.Length, 0)
Dim libThread As Integer = CreateRemoteThread(hProcess, 0, 0, loadLibAddr, allocAddress, 0, 0)
If libThread = 0 Then
Return False
MessageBox.Show("Error Creating thread!")
Else
WaitForSingleObject(libThread, 5000)
CloseHandle(libThread)
End If
CloseHandle(hProcess)
Threading.Thread.Sleep(1000)
Return True
End Function
这将写入进程内存并创建一个远程线程。
现在我的项目有两个文件:头文件和 CPP 文件。
标题:
#ifdef MAINLIB_EXPORTS
#define MAINLIB_API __declspec(dllexport)
#else
#define MAINLIB_API __declspec(dllexport)
#endif
extern "C" MAINLIB_API DWORD TestFunction();
和 CPP:
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <stdio.h>
#include "dll.h"
#include "Urlmon.h"
BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
hModule;
lpReserved;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
DWORD TestFunction()
{
MessageBox(0, TEXT("LOL"), TEXT("LMAO"), MB_OK);
return 1;
}
据我了解,这应该在注入时运行 TestFunction。但事实并非如此。我可以使用任何解决方案/有用的页面吗?