#include <iostream>
#include <Windows.h>
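/// @brief Asks each listed process to load one DLL via a remote LoadLibraryW call.
///
/// Argument layout: argv[1] .. argv[argc - 2] are decimal process IDs and
/// argv[argc - 1] is the DLL path. For every PID the path is copied into the
/// target's address space and a remote thread is started at LoadLibraryW with
/// that copy as its argument.
///
/// Review notes:
///  - The path string is resolved by LoadLibraryW inside the *target* process,
///    so a relative path follows the target's DLL search order and current
///    directory, not this process's. Callers should pass an absolute path to a
///    file only trusted users can write.
///  - The OpenProcess / VirtualAllocEx / WriteProcessMemory / CreateRemoteThread
///    sequence is routinely flagged by endpoint security products; expect
///    alerts wherever this runs.
///
/// @param argc Number of entries in argv.
/// @param argv Argument vector as described above.
/// @return 1 when every PID was processed (or there was nothing to do),
///         0 as soon as opening, allocating in, or writing to a target fails.
int dllinjectwmain(int argc, wchar_t *argv[])
{
    // Fewer than one PID plus a path: nothing to do (the original loop simply
    // did not execute in this case and returned 1).
    if (argc < 3)
        return 1;

    const wchar_t *dllPath = argv[argc - 1];
    // Byte length of the path including its terminating NUL.
    const SIZE_T pathBytes = (wcslen(dllPath) + 1) * sizeof(wchar_t);

    const DWORD injectAccess = PROCESS_CREATE_THREAD |
                               PROCESS_QUERY_INFORMATION |
                               PROCESS_VM_OPERATION |
                               PROCESS_VM_WRITE |
                               PROCESS_VM_READ;

    for (int i = 1; i < argc - 1; ++i)
    {
        // _wtoi yields 0 for non-numeric text; OpenProcess then fails and we bail out.
        const DWORD pid = static_cast<DWORD>(_wtoi(argv[i]));
        HANDLE hProcess = OpenProcess(injectAccess, FALSE, pid);
        if (hProcess == nullptr)
            return 0;

        LPVOID remoteData = VirtualAllocEx(hProcess,
                                           nullptr,
                                           pathBytes,
                                           MEM_RESERVE | MEM_COMMIT,
                                           PAGE_READWRITE);
        if (remoteData == nullptr)
        {
            CloseHandle(hProcess); // the original leaked this handle on failure
            return 0;
        }

        // Do not start the remote thread on a missing or truncated path.
        SIZE_T written = 0;
        if (!WriteProcessMemory(hProcess, remoteData, dllPath, pathBytes, &written) ||
            written != pathBytes)
        {
            VirtualFreeEx(hProcess, remoteData, 0, MEM_RELEASE);
            CloseHandle(hProcess);
            return 0;
        }

        HANDLE hThread = CreateRemoteThread(hProcess,
                                            nullptr,
                                            0,
                                            (LPTHREAD_START_ROUTINE)LoadLibraryW,
                                            remoteData,
                                            0,
                                            nullptr);

        // A null handle is deliberately not treated as fatal: the original
        // author noted it was observed to be 0 even though the load succeeded.
        // NOTE(review): that observation is unexplained - confirm with GetLastError().
        if (hThread != nullptr)
        {
            const DWORD waitResult = WaitForSingleObject(hThread, 10000);
            CloseHandle(hThread);

            // Release the remote buffer only once the thread has exited; after
            // a timeout LoadLibraryW may still be reading the path from it.
            // MEM_RELEASE requires dwSize == 0 - passing the allocation size,
            // as the original did, makes VirtualFreeEx fail and leaks the page.
            if (waitResult == WAIT_OBJECT_0)
                VirtualFreeEx(hProcess, remoteData, 0, MEM_RELEASE);
        }

        CloseHandle(hProcess);
    }
    return 1;
}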