Waiting for a process to start in C#

Time: 2016-02-24 04:38:31

Tags: c# dll-injection

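Hey guys, I can't seem to get my code to work the way I want it to. I'm waiting for a process to start, AKA show up in my Task Manager. While the process is not found, I keep looping; if the process is found, I break out of the loop and execute the logic below, AKA inject the DLL. I have breakpoints, but my code just keeps looping, so it's as if the process is never found even though it shows up in Task Manager.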

public static int inject(string dllPath, Process tProcess)
{
  Process targetProcess = tProcess;
  string dllName = dllPath;
  const string PROCESSNAME = "BatteryLife.exe";
  // Length == 0 = False?
   while (Process.GetProcessesByName(PROCESSNAME).Length == 0)
   {
     var test3 = "";
     Thread.Sleep(100);
     // Length == 1 = True?
     if (Process.GetProcessesByName(PROCESSNAME).Length == 1)
      break;
     var test = "";
   }
   var test2 = "";
   // the target process
   // getting the handle of the process - with required privileges
   IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD |   PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, targetProcess.Id);
  // searching for the address of LoadLibraryA and storing it in a pointer
  IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
  // name of the dll we want to inject
  // allocating some memory on the target process - enough to store the name of the dll
  // and storing its address in a pointer
  IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
  // writing the name of the dll there
  UIntPtr bytesWritten;
  WriteProcessMemory(procHandle, allocMemAddress,    Encoding.Default.GetBytes(dllName), (uint)((dllName.Length + 1) *  Marshal.SizeOf(typeof(char))), out bytesWritten);
 // creating a thread that will call LoadLibraryA with allocMemAddress as argument
  CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr, allocMemAddress, 0, IntPtr.Zero);
  return 0;
}

1 answer:

Answer 0 (score: 1)

I think you need to remove .exe from the process name string

Process[] pname = Process.GetProcessesByName("BatteryLife");
if (pname.Length == 0)
{
  .....
}
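
The lookup this answer describes, as an added example that is not part of the original question or answer: a wait helper that strips a trailing ".exe" before calling Process.GetProcessesByName, treats any number of matches as found, and gives up after a timeout instead of looping forever. The names ProcessWaiter, NormalizeName and WaitForProcess and the 30-second timeout are assumptions made for illustration.

```csharp
using System;
using System.Diagnostics;
using System.Threading;

static class ProcessWaiter
{
    // Process.GetProcessesByName matches the friendly name (Process.ProcessName),
    // which carries no ".exe" extension, so strip it if the caller passed one.
    public static string NormalizeName(string name)
    {
        return name.EndsWith(".exe", StringComparison.OrdinalIgnoreCase)
            ? name.Substring(0, name.Length - 4)
            : name;
    }

    // Polls until a process with the given name exists or the timeout expires.
    // Returns the first match, or null on timeout. The caller disposes the result.
    public static Process WaitForProcess(string name, TimeSpan timeout, int pollMs = 100)
    {
        string friendly = NormalizeName(name);
        Stopwatch clock = Stopwatch.StartNew();
        while (true)
        {
            Process[] found = Process.GetProcessesByName(friendly);
            if (found.Length > 0)
            {
                // Several instances may be running; keep the first, release the rest.
                for (int i = 1; i < found.Length; i++) found[i].Dispose();
                return found[0];
            }
            if (clock.Elapsed >= timeout) return null;
            Thread.Sleep(pollMs);
        }
    }

    static void Main()
    {
        // "BatteryLife.exe" is the name used in the question; the timeout is an assumed value.
        using (Process p = WaitForProcess("BatteryLife.exe", TimeSpan.FromSeconds(30)))
        {
            Console.WriteLine(p == null
                ? "Timed out: process not found"
                : "Found " + p.ProcessName + " (PID " + p.Id + ")");
        }
    }
}
```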