#include <Windows.h>
#include <stdio.h>
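/*
 * Message - waits one second in an alertable state, then shows a message box
 * with the text "QueueUserAPC Injection" and the caption "Thread".
 *
 * Takes no arguments and returns nothing. The only direct call visible in
 * this file is the dead `if(0) Message();` in main.
 *
 * NOTE(review): main queues its APC at a hard-coded offset into a copied
 * image, not at this function's address. Presumably this routine is the code
 * the author expected to run in the child process - confirm.
 */
void CALLBACK Message()
{
    /* Alertable wait (bAlertable = TRUE) of up to 1000 ms. */
    SleepEx(1000, TRUE);

    MessageBox(
        NULL,                     /* no owner window */
        "QueueUserAPC Injection", /* message text */
        "Thread",                 /* caption */
        MB_OK                     /* uType is a UINT flag set, not a pointer; MB_OK is 0 */
    );
}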
/*
 * main - starts a second program in a suspended state, copies 0x6000 bytes
 * read from address 0x00400000 of this process into memory newly allocated
 * in that child, queues a user APC on the child's initial thread at
 * (copy base + 0x1000), resumes the thread and then waits for a key press.
 *
 * Returns 0 on every path, including when CreateProcess fails.
 *
 * NOTE(review): the bytes written to the child are a raw copy of this
 * program's image placed at whatever address VirtualAllocEx returns. Nothing
 * here adjusts absolute addresses for the new base or resolves imports in the
 * child, so the copied code cannot be expected to run there.
 *
 * NOTE(review), defender view: suspended child + cross-process
 * PAGE_EXECUTE_READWRITE allocation + WriteProcessMemory + QueueUserAPC on
 * the not-yet-started primary thread + ResumeThread is the APC injection
 * pattern catalogued as MITRE ATT&CK T1055.004. The cross-process RWX
 * allocation and the write into a just-created suspended process are the
 * events endpoint telemetry usually keys on.
 *
 * NOTE(review): apart from CreateProcess, no return value is checked, and
 * pi.hProcess / pi.hThread are never closed.
 */
int main(void)
{
// NOTE(review): i is never used.
int i = 0;
STARTUPINFO si;
PROCESS_INFORMATION pi;
// Dead branch: never executes. Presumably present only so that Message stays
// referenced in the built image - confirm.
if(0)
Message();
// STARTUPINFO must be zeroed and carry its own size in cb before use.
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
// Start the child process.
if( !CreateProcess( NULL, // No module name (use command line)
"C:\\Documents and Settings\\Administrator\\바탕 화면\\NOTEPAD_bak_org.EXE", // Command line
NULL, // Process handle not inheritable
NULL, // Thread handle not inheritable
FALSE, // Set handle inheritance to FALSE
0x8000004, // 0x08000000 | 0x00000004 = CREATE_NO_WINDOW | CREATE_SUSPENDED (flags are set, despite the template comment this line was copied from)
NULL, // Use parent's environment block
NULL, // Use parent's starting directory
&si, // Pointer to STARTUPINFO structure
&pi ) // Pointer to PROCESS_INFORMATION structure
)
{
// NOTE(review): GetLastError() returns a DWORD (unsigned long); "%d" does not
// match that type.
printf( "CreateProcess failed (%d).\n", GetLastError() );
return 0;
}
// Local scratch buffer: 0x6000 bytes, 0x3000 = MEM_COMMIT | MEM_RESERVE,
// 0x40 = PAGE_EXECUTE_READWRITE. Result is not checked for NULL.
LPVOID original_p = VirtualAlloc(0,0x6000,0x3000,0x40);
// Reads 0x6000 bytes of this process's own memory starting at 0x00400000.
// NOTE(review): presumably meant to be this executable's image base; that
// only holds for a 32-bit image loaded at that address - confirm.
ReadProcessMemory(GetCurrentProcess(),(LPCVOID)0x00400000,original_p,0x6000,0);
// Allocates readable, writable and executable memory inside the child; the
// system chooses the address (lpAddress = 0).
LPVOID target_p = VirtualAllocEx(pi.hProcess,0,0x6000,0x3000,PAGE_EXECUTE_READWRITE);
// Copies the scratch buffer into the child unchanged.
WriteProcessMemory(pi.hProcess,target_p,original_p,0x6000,0);
// Disabled cleanup: dwsize is not declared anywhere in this file and
// 0x8000 is MEM_RELEASE. As written, original_p is never freed.
//VirtualFree(original_p,dwsize,0x8000);
// NOTE(review): the DWORD cast keeps only 32 bits of the pointer, so this line
// assumes a 32-bit build. The 0x1000 offset is presumably where the copied
// image's code begins - confirm against the actual binary layout.
DWORD Eip = (DWORD) target_p + 0x1000;
// Queues a user-mode APC on the child's initial thread, which is still
// suspended at this point; the APC argument is 0.
QueueUserAPC((PAPCFUNC) Eip, pi.hThread, 0);
// Alertable sleep of the *calling* thread for up to 1000 ms. The APC above was
// queued to the child's thread, so this wait does not deliver it.
SleepEx(1000,TRUE);
// Lets the child's initial thread start running.
ResumeThread(pi.hThread);
// Keeps the parent alive until a key is pressed.
getchar();
return 0;
}
我想在另一个进程中执行注入的代码(调用消息框)。尽管已经调用了 ResumeThread,MessageBox 却没有被执行……为什么?
我当然已经检查过注入到另一个进程中的代码!!
请...帮助
答案 0 :(得分:0)
这段代码当然不起作用。您只是把自身的一部分代码复制到了另一个进程。那导入(imports)呢?您考虑过吗?重定位(relocations)呢?这样什么都运行不了。