vb编写dll文件提示找不到dllinstall注入点

yybjroam05 2009-10-12 11:07:21
我想写一个asp读取本地机子的网瞳的功能,需要用vb写一个dll 在网上找了一下,把下面的段拷入vb工程里:
Option Explicit

Private Const NCBASTAT = &H33
Private Const NCBNAMSZ = 16
Private Const HEAP_ZERO_MEMORY = &H8
Private Const HEAP_GENERATE_EXCEPTIONS = &H4
Private Const NCBRESET = &H32

Private Type NCB
ncb_command As Byte 'Integer
ncb_retcode As Byte 'Integer
ncb_lsn As Byte 'Integer
ncb_num As Byte ' Integer
ncb_buffer As Long 'String
ncb_length As Integer
ncb_callname As String * NCBNAMSZ
ncb_name As String * NCBNAMSZ
ncb_rto As Byte 'Integer
ncb_sto As Byte ' Integer
ncb_post As Long
ncb_lana_num As Byte 'Integer
ncb_cmd_cplt As Byte 'Integer
ncb_reserve(9) As Byte ' Reserved, must be 0
ncb_event As Long
End Type
Private Type ADAPTER_STATUS
adapter_address(5) As Byte 'As String * 6
rev_major As Byte 'Integer
reserved0 As Byte 'Integer
adapter_type As Byte 'Integer
rev_minor As Byte 'Integer
duration As Integer
frmr_recv As Integer
frmr_xmit As Integer
iframe_recv_err As Integer
xmit_aborts As Integer
xmit_success As Long
recv_success As Long
iframe_xmit_err As Integer
recv_buff_unavail As Integer
t1_timeouts As Integer
ti_timeouts As Integer
Reserved1 As Long
free_ncbs As Integer
max_cfg_ncbs As Integer
max_ncbs As Integer
xmit_buf_unavail As Integer
max_dgram_size As Integer
pending_sess As Integer
max_cfg_sess As Integer
max_sess As Integer
max_sess_pkt_size As Integer
name_count As Integer
End Type
Private Type NAME_BUFFER
name As String * NCBNAMSZ
name_num As Integer
name_flags As Integer
End Type
Private Type ASTAT
adapt As ADAPTER_STATUS
NameBuff(30) As NAME_BUFFER
End Type

Private Declare Function Netbios Lib "netapi32.dll" _
(pncb As NCB) As Byte
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" ( _
hpvDest As Any, ByVal hpvSource As Long, ByVal cbCopy As Long)
Private Declare Function GetProcessHeap Lib "kernel32" () As Long
Private Declare Function HeapAlloc Lib "kernel32" _
(ByVal hHeap As Long, ByVal dwFlags As Long, _
ByVal dwBytes As Long) As Long
Private Declare Function HeapFree Lib "kernel32" (ByVal hHeap As Long, _
ByVal dwFlags As Long, lpMem As Any) As Long

Public Function GetMACAddress(sIP As String) As String
Dim sRtn As String
Dim myNcb As NCB
Dim bRet As Byte

Dim aIP() As String
Dim x As Long
Dim nIP As String

If InStr(sIP, ".") = 0 Then
GetMACAddress = "无效的IP地址."
Exit Function
End If

aIP = Split(sIP, ".", -1, vbTextCompare)
If UBound(aIP()) <> 3 Then
GetMACAddress = "无效的IP地址."
Exit Function
End If

For x = 0 To UBound(aIP())
If Len(aIP(x)) > 3 Then
GetMACAddress = "无效的IP地址"
Exit Function
End If

If IsNumeric(aIP(x)) = False Then
GetMACAddress = "无效的IP地址"
Exit Function
End If

If InStr(aIP(x), ",") <> 0 Then
GetMACAddress = "无效的IP地址"
Exit Function
End If

If CLng(aIP(x)) > 255 Then
GetMACAddress = "无效的IP地址"
Exit Function
End If

If nIP = "" Then
nIP = String(3 - Len(aIP(x)), "0") & aIP(x)
Else
nIP = nIP & "." & String(3 - Len(aIP(x)), "0") & aIP(x)
End If
Next

sRtn = ""
myNcb.ncb_command = NCBRESET
bRet = Netbios(myNcb)
myNcb.ncb_command = NCBASTAT
myNcb.ncb_lana_num = 0
myNcb.ncb_callname = nIP & Chr(0)

Dim myASTAT As ASTAT, tempASTAT As ASTAT
Dim pASTAT As Long
myNcb.ncb_length = Len(myASTAT)

pASTAT = HeapAlloc(GetProcessHeap(), HEAP_GENERATE_EXCEPTIONS Or HEAP_ZERO_MEMORY, myNcb.ncb_length)
If pASTAT = 0 Then
GetMACAddress = "memory allcoation failed!"
Exit Function
End If

myNcb.ncb_buffer = pASTAT
bRet = Netbios(myNcb)

If bRet <> 0 Then
GetMACAddress = "不能从当前IP地址获得MAC,当前IP地址: " & sIP
Exit Function
End If

CopyMemory myASTAT, myNcb.ncb_buffer, Len(myASTAT)

Dim sTemp As String
Dim i As Long
For i = 0 To 5
sTemp = Hex(myASTAT.adapt.adapter_address(i))
If i = 0 Then
sRtn = IIf(Len(sTemp) < 2, "0" & sTemp, sTemp)
Else
sRtn = sRtn & Space(1) & IIf(Len(sTemp) < 2, "0" & sTemp, sTemp)
End If
Next
HeapFree GetProcessHeap(), 0, pASTAT
GetMACAddress = sRtn
End Function


工程名:Mac 类名:GetMac 结果用regsvr32一注册却提示:没找到DLLInstall输入点.无法注册这个文件,
请哪位大侠指点一下。
...全文
1041 5 打赏 收藏 转发到动态 举报
写回复
用AI写文章
5 条回复
切换为时间正序
请发表友善的回复…
发表回复
灵易联盟 2012-05-07
  • 打赏
  • 举报
回复
并不是所有的DLL都能注册,大多数DLL都是通过导出函数提供功能,只有那些遵循COM的DLL才能用RegSvr注册。我想应该复制好后就完事了吧。
灵易联盟 2012-05-07
  • 打赏
  • 举报
回复
还是一样啊?!
没找到DLLInstall输入点.无法注册这个文件

虽然这样提示了,但可以正常使用DLL的功能。
yybjroam05 2009-10-12
  • 打赏
  • 举报
回复
大哥,你能不能把增加好类名的代码发给我一下!我是新手,公司里突然要用到,谢谢了。
三楼の郎 2009-10-12
  • 打赏
  • 举报
回复
VB6里面选择新建一个ActiveX dll工程,然后修改工程名为Mac,然后在Mac工程里面添加一个类GetMac,再把你那段代码拷贝到GetMac里面,然后再编译生成Dll文件。

注册用:regsvr32 Mac.dll
反注册用:regsvr32 Mac.dll /u
========原理: windows的身份验证一般最终都是在lsass进程,默认模块是msv1_0.dll,而关键在其导出函数LsaApLogonUserEx2, 本程序通过注入代码到lsass进程hook LsaApLogonUserEx2,截取密码。只要有身份验证的过程, LsaApLogonUserEx2就会触发,如ipc$,runsa,3389远程桌面登陆等。 程序对不同系统做了处理,在2000,2003,xp,vista上都可以截取, 在2000,2003,xp中,通过UNICODE_STRING.Length 的高8位取xor key,如果密码是编码过的,则通过ntdll.RtlRunDecodeUnicodeString解码, vista则通过AdvApi32.CredIsProtectedW判断密码是否编码过,解码用AdvApi32.CredUnprotectW。 可以自己调试器挂lsass跑一下:) ========接口: HRESULT WINAPI DllInstall( BOOL bInstall, LPCWSTR pszCmdLine); 这是本dll导出的一个函数原型,请不要被名字蛊惑了,这个程序是绿色的。 这个函数内部并没有做任何自启动安装的动作,没有修改注册表或系统文件。只是想选一个符合regsvr32调用的接口而已。 第一个参数本程序没用到, 第二个参数请指定一个文件路径(注意是UNICODE的),记录到的数据将保存到这里(是Ansi的)。 文件路径可以像这样 C:\x.log, 也可以像\\.\pipe\your_pipename, \\.\mailslot\yourslot, 所以你可以自己写loader来调用这个dll,让dll截取到密码时通过pipe或mailslot将数据发给你的程序。数据就是一个字符串(是Ansi的) ========测试: 你可以不急着写自己的loader来调用,用regsvr32作为loader来测试一下:(你可能需要关闭某些主动防御) regsvr32 /n /i:c:\xxx.log c:\pluginWinPswLogger.dll 正常的话regsvr32弹出一个提示成功。 这时候你可以切换用户或锁定计算机,然后重新登陆进去,这个过程密码信息就被拦截下来了并保存到c:\xxx.log。

7,759

社区成员

发帖
与我相关
我的任务
社区描述
VB 基础类
社区管理员
  • VB基础类社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧