
[Wanted] AU3 DLL injection problem: 100 yuan for someone to fix it.

Posted on 2014-2-8 16:12:59
Bounty: 1 coin (unsolved)
$pid0 = ProcessExists("qq.exe")
$DllPath0 = @ScriptDir & "\test.dll"
If InDll() Then
MsgBox(64,"d","成功")
Else
MsgBox(16,"d","失败")
endif
Func InDll($pid = $pid0,$DllPath = $DllPath0)
Local $hp
Local $DllLen
Local $addr
Local $ret
Local $n
If FileExists($DllPath)=0 Then Return
$r = DllCall("KERNEL32.DLL", "long", "OpenProcess", "long", 2035711,"long", 0, "long", $pid)
$hp=$r[0]
If $r[0]=0 Then Return
$DllLen=ChrLenFixed($DllPath)+1
$r = DllCall("KERNEL32.DLL", "long", "VirtualAllocEx", "long", $hp,"ptr", 0, "long", $DllLen,"long",4096,"long",4)
$addr=$r[0]
$r= DllCall("KERNEL32.DLL", "long", "WriteProcessMemory", "handle", $hp,"ptr",$addr,"str",$DllPath,"ulong_ptr",$DllLen,"ulong_ptr*",0)
If $r[0] Then
  $r=DllCall("KERNEL32.DLL", "long", "GetModuleHandle", "str","KERNEL32.DLL")
  $ret=$r[0]
  $r=DllCall("KERNEL32.DLL", "long", "GetProcAddress","LONG",$ret,"str","LoadLibraryA")
  $EntryPoint=$r[0]
  $r=DllCall("KERNEL32.DLL", "long", "CreateRemoteThread", "LONG",$hp,"long*",0,"long",0,"long",$EntryPoint,"long",$addr,"long",0,"ptr",0)
  $ret=$r[0]
  If $ret Then
   $n=1
   $r=DllCall("KERNEL32.DLL", "long", "WaitForSingleObject","LONG",$ret,"long",4294967295)
   $r=DllCall("KERNEL32.DLL", "long", "GetExitCodeThread","LONG",$ret,"long*",0)   
  EndIf
EndIf
If $addr Then $r=DllCall("KERNEL32.DLL", "long", "VirtualFreeEx", "LONG",$hp,"ptr",$addr,"long",0,"long",32768)
If $ret Then $r=DllCall("KERNEL32.DLL", "handle", "CloseHandle","LONG",$ret)
If $hp Then $r=DllCall("KERNEL32.DLL", "long", "CloseHandle","LONG",$hp)  
Return $n
EndFunc
Func ChrLenFixed($c)
        Dim $ChrL = 0, $AscNum
        For $i = 1 To StringLen($c)
                $AscNum = AscW(StringMid($c, $i, 1))
                If $AscNum < 0 Then $AscNum = $AscNum + 65536
                If $AscNum > 255 Then
                        $ChrL = $ChrL + 2
                Else
                        $ChrL = $ChrL + 1
                EndIf
        Next
        Return $ChrL
EndFunc

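This code cannot inject successfully on a Windows 7 64-bit system. On the 64-bit system, too, it is a 32-bit DLL being injected into a 32-bit process. Anyone who can fix it can add me on QQ: 863686908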

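Posted on 2014-2-8 21:46:43
QQ seems to have a driver, doesn't it?
Posted on 2014-2-13 03:25:42
It seems you have to use a 64-bit DLL to inject; otherwise the dllcall pointers are wrong.
Posted on 2015-1-26 16:28:20
Thanks to the original poster for sharing!
Posted on 2015-1-28 04:25:48
The code is fine; some individual processes are protected and do not allow injection.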

Posted on 2015-1-28 12:23:14
Studying this; it is so profound.
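
From the monitoring side, the call sequence in the first post (OpenProcess with access mask 2035711, which is 0x1F0FFF, then VirtualAllocEx, WriteProcessMemory and CreateRemoteThread at LoadLibraryA) leaves a recognizable trace. The following is an added example, not code from any post in this thread: it assumes events shaped like Sysmon Event ID 10 (ProcessAccess) and Event ID 8 (CreateRemoteThread), and every record, path and PID in it is constructed.

```python
# Added example: flag the LoadLibrary remote-thread pattern in Sysmon-style events.
# Field names follow Sysmon Event ID 10 (ProcessAccess) and Event ID 8
# (CreateRemoteThread). All records below are constructed sample data.

PROCESS_CREATE_THREAD = 0x0002
PROCESS_VM_OPERATION = 0x0008
PROCESS_VM_WRITE = 0x0020
INJECT_RIGHTS = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
LOADER_FUNCS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}

TARGET = r"C:\Apps\target.exe"  # hypothetical target image
SAMPLE_EVENTS = [  # constructed; paths and PIDs are hypothetical
    {"EventID": 10, "SourceProcessId": 4120, "TargetProcessId": 2288,
     "SourceImage": r"C:\Tools\AutoIt3.exe", "TargetImage": TARGET,
     "GrantedAccess": "0x1F0FFF"},  # 2035711, the mask used in the post
    {"EventID": 8, "SourceProcessId": 4120, "TargetProcessId": 2288,
     "SourceImage": r"C:\Tools\AutoIt3.exe", "TargetImage": TARGET,
     "StartModule": r"C:\Windows\SysWOW64\kernel32.dll",
     "StartFunction": "LoadLibraryA"},
    {"EventID": 10, "SourceProcessId": 900, "TargetProcessId": 2288,
     "SourceImage": r"C:\Windows\System32\taskmgr.exe", "TargetImage": TARGET,
     "GrantedAccess": "0x1000"},  # limited query access, not enough to inject
    {"EventID": 8, "SourceProcessId": 5000, "TargetProcessId": 2288,
     "SourceImage": r"C:\Tools\debugger.exe", "TargetImage": TARGET,
     "StartModule": r"C:\Windows\SysWOW64\ntdll.dll",
     "StartFunction": "DbgUiRemoteBreakin"},  # remote thread, but not a loader call
]

def find_loadlibrary_injection(events):
    """Return (source_pid, target_pid, severity) for each cross-process thread
    whose start function is LoadLibrary*. Severity is "high" when the same
    source earlier opened the target with create-thread + VM write rights.
    Events are expected in chronological order."""
    opened_for_inject = set()
    findings = []
    for ev in events:
        pair = (ev["SourceProcessId"], ev["TargetProcessId"])
        if ev["EventID"] == 10:
            if int(ev["GrantedAccess"], 16) & INJECT_RIGHTS == INJECT_RIGHTS:
                opened_for_inject.add(pair)
        elif ev["EventID"] == 8 and pair[0] != pair[1]:
            if ev.get("StartFunction", "").lower() in LOADER_FUNCS:
                severity = "high" if pair in opened_for_inject else "medium"
                findings.append((pair[0], pair[1], severity))
    return findings

if __name__ == "__main__":
    for src, dst, sev in find_loadlibrary_injection(SAMPLE_EVENTS):
        print(f"[{sev}] PID {src} started a LoadLibrary thread in PID {dst}")
```
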