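dllmain is not called when injecting a DLL with CreateRemoteThread
I am learning how to inject a DLL into a process. Loading the DLL with LoadLibrary triggers the dllmain function correctly, but when I inject it into another process through the CreateRemoteThread function, I find that dllmain is not executed. The DLL should have been injected successfully, though, because the return value is not NULL.
This is my DLL project, auto-generated by Code::Blocks. I only added a MessageBox prompt in the dll_process_attach event, which is also how I know that the dllmain function was not triggered.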
#include "main.h"

// a sample exported function
void DLL_EXPORT SomeFunction(const LPCSTR sometext)
{
    MessageBoxA(0, sometext, "DLL Message", MB_OK | MB_ICONINFORMATION);
}

extern "C" DLL_EXPORT BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    switch (fdwReason)
    {
        case DLL_PROCESS_ATTACH:
            // attach to process
            // return FALSE to fail DLL load
            MessageBox(NULL, "called", "title", MB_OK);
            break;
        case DLL_PROCESS_DETACH:
            // detach from process
            break;
        case DLL_THREAD_ATTACH:
            // attach to thread
            break;
        case DLL_THREAD_DETACH:
            // detach from thread
            break;
    }
    return TRUE; // successful
}
Below is the C++ code that performs the injection
#include <windows.h>
#include <cstring>
#include <iostream>
using namespace std;

void injectMain(int, const char*);

int main()
{
    // Process ID and DLL file path
    injectMain(8636, "D:\\CPRO\\MyDLL\\bin\\Debug\\MyDLL.dll");
    return 0;
}

void injectMain(int pId, const char* path)
{
    //HANDLE hProcess = GetCurrentProcess();
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pId);
    //cout<<hProcess<<endl;
    int pathSize = strlen(path) + 1;
    LPVOID pAddress = VirtualAllocEx(hProcess, NULL, pathSize, MEM_COMMIT, PAGE_READWRITE);
    WriteProcessMemory(hProcess, pAddress, path, pathSize, NULL);
    HMODULE hKernel32 = LoadLibrary("Kernel32.dll");
    if (hKernel32 == NULL) {
        cout << "missing kernel32.dll" << endl;
    }
    LPTHREAD_START_ROUTINE lpStartAddress = (LPTHREAD_START_ROUTINE)GetProcAddress(hKernel32, "LoadLibraryW");
    HANDLE hResult = CreateRemoteThread(hProcess, NULL, 0, lpStartAddress, pAddress, 0, NULL);
    // CreateRemoteThread returns NULL on failure, not INVALID_HANDLE_VALUE
    if (hResult == NULL) {
        cout << "inject dll failed" << endl;
    } else {
        cout << hResult << endl;
    }
    WaitForSingleObject(hResult, INFINITE);
    cout << GetLastError() << endl;
    VirtualFreeEx(hProcess, pAddress, pathSize, MEM_DECOMMIT);
}
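The result of running it is shown below, but no dialog box popped up. 0x84 is the handle returned by CreateRemoteThread, and 0 is the result returned by GetLastError.
I can't figure it out and hope the experts here can give me some pointers.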
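The injector in the post copies a narrow `const char*` path into the target process and starts the remote thread at `LoadLibraryW`. The following is an added example, not part of the original post, written in portable C++ with no Windows API calls; the helper names `as_wide_api_sees` and `widen_ascii` are illustrative. It shows which UTF-16 code units a wide-character function reads from those bytes, compared with the path the caller intended.

```cpp
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// What a wide-character (W) API reads when handed a narrow (ANSI) buffer.
// zeroed_tail models the zero-filled remainder of the newly committed page
// that follows the copied bytes (VirtualAllocEx zero-initializes memory).
std::u16string as_wide_api_sees(const char* narrow, size_t zeroed_tail = 8)
{
    const size_t n = std::strlen(narrow) + 1;          // bytes written, incl. NUL
    std::vector<unsigned char> mem(n + zeroed_tail, 0);
    std::memcpy(mem.data(), narrow, n);

    std::u16string out;
    for (size_t i = 0; i + 1 < mem.size(); i += 2) {
        // UTF-16LE: low byte first, so two ANSI characters fuse into one unit
        char16_t unit = static_cast<char16_t>(mem[i] | (mem[i + 1] << 8));
        if (unit == 0) break;                          // 16-bit terminator
        out.push_back(unit);
    }
    return out;
}

// The string the caller meant: each ASCII character widened to one unit.
std::u16string widen_ascii(const char* narrow)
{
    std::u16string out;
    for (const char* p = narrow; *p; ++p)
        out.push_back(static_cast<unsigned char>(*p));
    return out;
}

int main()
{
    const char* path = "D:\\CPRO\\MyDLL\\bin\\Debug\\MyDLL.dll"; // path from the post
    std::u16string seen = as_wide_api_sees(path);
    std::printf("intended: %zu units, seen: %zu units\n",
                widen_ascii(path).size(), seen.size());
    for (char16_t u : seen) std::printf("U+%04X ", static_cast<unsigned>(u));
    std::printf("\nmatches intended path: %s\n",
                seen == widen_ascii(path) ? "yes" : "no");
    return 0;
}
```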