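/**
 * @brief Asks the process identified by dwPID to load a module by running
 *        LoadLibrary on a remote thread, then waits for that thread to end.
 *
 * The module path is copied into memory allocated inside the target process
 * and passed as the single argument to LoadLibraryA/LoadLibraryW.
 *
 * @param dwPID          Identifier of the target process.
 * @param pszModuleFile  Null-terminated path of the module. Pass a fully
 *                       qualified path: the name is resolved by LoadLibrary
 *                       inside the target process, so a relative name follows
 *                       the target's DLL search order and may resolve to a
 *                       different file than the caller intended.
 * @return true when the remote thread was created and waited on; false when
 *         any step before that failed. A true result does NOT prove that the
 *         module loaded: the return value of LoadLibrary in the target is not
 *         inspected here.
 *
 * @note The OpenProcess / VirtualAllocEx / WriteProcessMemory /
 *       CreateRemoteThread sequence is one that endpoint security products
 *       commonly monitor, so callers should expect it to be logged or blocked.
 */
bool LoadMod(DWORD dwPID, const TCHAR* pszModuleFile)
{
    // Reject a missing or empty path before touching the target process.
    if (!pszModuleFile || !*pszModuleFile) {
        return false;
    }

    // Size in BYTES, including the terminator. The previous code used the
    // character count, which truncated the path in _UNICODE builds and never
    // wrote the terminating null.
    const SIZE_T cbPath = (_tcslen(pszModuleFile) + 1) * sizeof(TCHAR);

    HANDLE hProcess = ::OpenProcess(
        PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE,
        FALSE, dwPID);
    if (!hProcess) {
        return false;
    }

    bool bStarted = false;

    LPVOID lpBuf = ::VirtualAllocEx(hProcess, NULL, cbPath,
                                    MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (lpBuf) {
        SIZE_T cbWritten = 0;
        const BOOL bWrote = ::WriteProcessMemory(hProcess, lpBuf, pszModuleFile,
                                                 cbPath, &cbWritten);
        if (bWrote && cbWritten == cbPath) {
            // Resolve the loader entry point matching the character set of
            // the path that was just written.
            FARPROC pfnLoadLibrary = NULL;
            HMODULE hKernel32 = ::GetModuleHandle(_T("Kernel32"));
            if (hKernel32) {
#ifdef _UNICODE
                pfnLoadLibrary = ::GetProcAddress(hKernel32, "LoadLibraryW");
#else
                pfnLoadLibrary = ::GetProcAddress(hKernel32, "LoadLibraryA");
#endif
            }

            if (pfnLoadLibrary) {
                // The thread id is not needed; the previous code overwrote
                // dwPID with it.
                HANDLE hThread = ::CreateRemoteThread(
                    hProcess, NULL, 0,
                    reinterpret_cast<LPTHREAD_START_ROUTINE>(pfnLoadLibrary),
                    lpBuf, 0, NULL);
                if (hThread) {
                    // Blocks until the remote thread exits; the buffer must
                    // stay valid for that long.
                    ::WaitForSingleObject(hThread, INFINITE);
                    ::CloseHandle(hThread);
                    bStarted = true;
                }
            }
        }

        // MEM_RELEASE with size 0 frees the whole region. MEM_DECOMMIT, used
        // previously, left the address range reserved in the target.
        ::VirtualFreeEx(hProcess, lpBuf, 0, MEM_RELEASE);
    }

    ::CloseHandle(hProcess);
    return bStarted;
}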