MFC remote code injection crashes the process, looking for a solution

Time:10-05


As the title says. The code I am calling comes from this article: http://blog.csdn.net/hyy829903/article/details/12272717

void InjectCode(DWORD dwProcId, LPVOID mFunc, LPVOID Param, DWORD ParamSize)
{
    HANDLE hProcess;//handle to the remote process
    LPVOID mFuncAddr;//address of the memory allocated for the function
    LPVOID ParamAddr;//address of the memory allocated for the parameters
    HANDLE hThread;//thread handle
    DWORD NumberOfByte;//auxiliary return value
    CString str;
    //open a handle to the process being injected
    hProcess=OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcId);
    //allocate memory
    mFuncAddr=VirtualAllocEx(hProcess, NULL, 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    ParamAddr=VirtualAllocEx(hProcess, NULL, ParamSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    //write memory
    WriteProcessMemory(hProcess, mFuncAddr, mFunc, 128, &NumberOfByte);
    WriteProcessMemory(hProcess, ParamAddr, Param, ParamSize, &NumberOfByte);
    //create a remote thread
    hThread=CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)mFuncAddr, ParamAddr, 0, &NumberOfByte);
    WaitForSingleObject(hThread, INFINITE);//wait for the thread to end
    //release the allocated memory (dwSize must be 0 when MEM_RELEASE is used)
    VirtualFreeEx(hProcess, mFuncAddr, 0, MEM_RELEASE);
    VirtualFreeEx(hProcess, ParamAddr, 0, MEM_RELEASE);
    //release the handles
    CloseHandle(hThread);
    CloseHandle(hProcess);
}
But why does this happen??



Is there something wrong with the remote thread function?? Hoping an expert can solve this!!!!!!!!!!

CodePudding user response:

The remote thread function is as shown in the figure; I just want to pop up a message box.

CodePudding user response:

Just writing the function address is useless.
DLL functions do not all have the same address in different processes.
Code injection is very complicated; otherwise Microsoft would not charge for Detours x64.
I recommend using DLL injection.

CodePudding user response:

//allocate memory
mFuncAddr=VirtualAllocEx(hProcess, NULL, 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
//write memory
WriteProcessMemory(hProcess, mFuncAddr, mFunc, 128, &NumberOfByte);
//create a remote thread
hThread=CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)mFuncAddr, ParamAddr, 0, &NumberOfByte);

Done this way, can the thread function be written into memory?

CodePudding user response:

Ha ha, I finally know the cause of the crash: change the project to the Release build. You can refer to this article:
http://blog.csdn.net/whatday/article/details/8975930
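
Seen from the monitoring side, the allocate, write and CreateRemoteThread sequence discussed in this thread is what Sysmon records as Event ID 8. The following is an added example, not code from the thread or its posters: it classifies such events by whether the new thread's start address is backed by a loaded module. The sample records, paths, addresses and verdict names are constructed, and it assumes Sysmon reports an unbacked start address with an empty or "-" StartModule.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def make_event(source, target, start_addr, module, function, event_id=8):
    """Build a constructed record in the Sysmon CreateRemoteThread XML layout."""
    fields = {"SourceImage": source, "TargetImage": target,
              "StartAddress": start_addr, "StartModule": module,
              "StartFunction": function}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f"</System><EventData>{data}</EventData></Event>")

# Constructed sample events; every path and address here is made up.
SAMPLE_EVENTS = [
    make_event(r"C:\Users\dev\Injector.exe", r"C:\Windows\System32\notepad.exe",
               "0x000001F4A2B30000", "-", "-"),
    make_event(r"C:\Users\dev\Injector.exe", r"C:\Windows\System32\notepad.exe",
               "0x00007FFB1C2E04F0", r"C:\Windows\System32\kernel32.dll", "LoadLibraryA"),
    make_event(r"C:\Windows\System32\csrss.exe", r"C:\Windows\System32\cmd.exe",
               "0x00007FFB1C2F6D40", r"C:\Windows\System32\kernel32.dll", "CtrlRoutine"),
]

def classify(event_xml):
    """Return (verdict, source, target, start_address), or None if not Event ID 8."""
    root = ET.fromstring(event_xml)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "8":
        return None
    d = {n.get("Name"): (n.text or "").strip()
         for n in root.iterfind("e:EventData/e:Data", NS)}
    module = d.get("StartModule", "").lower()
    function = d.get("StartFunction", "").lower()
    if module in ("", "-"):
        # Start address is not inside any loaded image: code was written into
        # allocated memory, as with VirtualAllocEx + WriteProcessMemory.
        verdict = "unbacked-start"
    elif module.endswith("kernel32.dll") and function.startswith("loadlibrary"):
        # Thread starts at LoadLibrary: the DLL-injection variant.
        verdict = "loadlibrary-start"
    else:
        verdict = "module-backed"
    return verdict, d.get("SourceImage"), d.get("TargetImage"), d.get("StartAddress")

def alerts(events):
    """Keep only the events whose start address deserves analyst review."""
    results = [classify(e) for e in events]
    return [r for r in results if r and r[0] != "module-backed"]

if __name__ == "__main__":
    for verdict, source, target, address in alerts(SAMPLE_EVENTS):
        print(f"{verdict}: {source} -> {target} @ {address}")
```
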

CodePudding user response:

Answering your own question and sharing the solution: commendable spirit.

CodePudding user response:

Computer organization principles and DOS commands, to assembly language, C (not including C++), code-writing conventions and data structures, compiler principles, operating systems and computer networks, database principles, regular expressions, to other languages (including C++), architecture...

Advice for people learning programming:
Use your cerebellum and hands more, and your brain, eyes and mouth less, and you will learn programming faster!
Looking at something a thousand times is not as good as doing it once by hand!
Reading a thousand lines in a book is not as good as typing one line by hand!
Typing a thousand lines by hand is not as good as single-stepping one line!
Single-stepping a thousand lines of source code is not as good as single-stepping one line of the Debug build's corresponding assembly!
Single-stepping a thousand lines of the Debug build's corresponding assembly is not as good as single-stepping one line of the Release build's corresponding assembly!
Don't know how to single-step the Release build's corresponding assembly? Temporarily add DebugBreak(); in front of the C/C++ code fragment you want to single-step in the Release build, rebuild all, and then run it in the IDE. (I don't tell this to just anyone!)

CodePudding user response:

http://edu.csdn.net/course/detail/2344 C language pointer and assembly - a memory address. The code element