首页 > 解决方案 > DLL不注入?

问题描述

我在 C# WinForms 中写了一个 DLL 注入器,但它似乎不起作用。使用时先从列表中选择一个进程,再选择要注入的 DLL。进程和 DLL 路径都是正确的,各个调用也都返回了正常的值,只有 CreateRemoteThread 返回 0。如果问题出在这里,我该如何解决?我也用 64 位的程序和 DLL 测试过。这是我的代码:

/// <summary>
/// Attempts to make <paramref name="InjectProcess"/> load the DLL at <paramref name="DllPath"/>
/// by starting a thread in that process whose entry point is LoadLibraryA and whose
/// argument is a copy of the path written into the target's memory.
/// Each intermediate result is printed to the console for debugging.
/// </summary>
/// <param name="DllPath">Path of the DLL, as chosen in the file dialog.</param>
/// <param name="InjectProcess">Target process; only its <c>Id</c> is read here.</param>
/// <remarks>
/// NOTE(review): no return value is checked. A zero handle, a failed allocation, a failed
/// write or a failed thread creation all fall through, and the "Injected ..." dialog is
/// shown unconditionally, so the UI reports success even when nothing happened.
/// NOTE(review): neither the process handle nor the thread handle is passed to
/// Win32.CloseHandle, and the remote allocation is never released.
/// For defenders: OpenProcess, VirtualAllocEx, WriteProcessMemory and CreateRemoteThread
/// against another process is the sequence catalogued as MITRE ATT&amp;CK T1055.001
/// (Dynamic-link Library Injection), and endpoint monitoring commonly keys on it.
/// </remarks>
private void Inject(string DllPath, Process InjectProcess)
        {
            // 1082 == 0x43A: PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_READ |
            // PROCESS_VM_WRITE | PROCESS_QUERY_INFORMATION.
            IntPtr hProcess = Win32.OpenProcess(1082, false, InjectProcess.Id);
            Console.WriteLine(hProcess);
            // The address is resolved in *this* process and later passed unchanged to the target.
            IntPtr procAddress = Win32.GetProcAddress(Win32.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
            Console.WriteLine(procAddress);
            // Byte count requested for the remote buffer: path length plus one terminator slot,
            // scaled by the marshalled size of char.
            uint num = (uint)((DllPath.Length + 1) * Marshal.SizeOf(typeof(char)));
            Console.WriteLine(num);
            // 12288U == 0x3000 (MEM_COMMIT | MEM_RESERVE); 4U == PAGE_READWRITE.
            IntPtr intPtr = Win32.VirtualAllocEx(hProcess, IntPtr.Zero, num, 12288U, 4U);
            Console.WriteLine(intPtr);
            UIntPtr uintPtr;
            // NOTE(review): the size passed is num, while the buffer is the un-terminated byte[]
            // from Encoding.Default.GetBytes; nothing in this method makes the two lengths agree.
            // Confirm the native call cannot be asked to read past the end of the array.
            Console.WriteLine(Win32.WriteProcessMemory(hProcess, intPtr, Encoding.Default.GetBytes(DllPath), num, out uintPtr));
            
            // The returned thread handle is only printed; zero here means the call failed.
            Console.WriteLine(Win32.CreateRemoteThread(hProcess, IntPtr.Zero, 0U, procAddress, intPtr, 0U, IntPtr.Zero));
            // The message is built from the form's controls, not from the method's parameters.
            MessageBox.Show("Injected " + this.openFileDialog1.SafeFileName + " into Process " + this.listBox1.GetItemText(this.listBox1.SelectedItem) + "!");
        }

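/// <summary>
/// Click handler: resolves the process name selected in <c>listBox1</c> to a running
/// process and passes it, with the path chosen in <c>openFileDialog1</c>, to <c>Inject</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button1_Click(object sender, EventArgs e)
        {
            string processName = this.listBox1.GetItemText(this.listBox1.SelectedItem);

            // With nothing selected the name is empty; refuse to continue rather than let an
            // empty name resolve to some process the user never chose.
            if (string.IsNullOrEmpty(processName))
            {
                MessageBox.Show("Select a process first.");
                return;
            }

            Process[] matches = Process.GetProcessesByName(processName);
            try
            {
                // The process may have exited since the list was filled; indexing [0] on an
                // empty array would throw IndexOutOfRangeException.
                if (matches.Length == 0)
                {
                    MessageBox.Show("No running process named \"" + processName + "\" was found.");
                    return;
                }

                // Several processes can share one name; as before, the first match is used.
                this.Inject(this.openFileDialog1.FileName, matches[0]);
            }
            finally
            {
                // Process objects hold OS resources; release every one that was returned.
                foreach (Process match in matches)
                {
                    match.Dispose();
                }
            }
        }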

/// <summary>
/// P/Invoke declarations for the kernel32 thread, process and memory functions used by the form.
/// </summary>
/// <remarks>
/// The "Token ... RID ..." comments look like decompiler metadata annotations, so this listing
/// was presumably recovered from a compiled assembly rather than written by hand.
/// NOTE(review): only some imports set <c>SetLastError = true</c>. For the others
/// (SuspendThread, ResumeThread, OpenThread, OpenProcess, GetModuleHandle, CreateRemoteThread)
/// <c>Marshal.GetLastWin32Error()</c> is not a reliable way to learn why a call failed.
/// NOTE(review): the native size parameters of VirtualAllocEx, WriteProcessMemory and
/// CreateRemoteThread are SIZE_T (pointer-sized); they are declared here as <c>uint</c>.
/// </remarks>
public static class Win32
{
    // Token: 0x06000012 RID: 18
    /// <summary>Suspends the thread behind <paramref name="hThread"/>. Not called in the code shown on this page.</summary>
    [DllImport("kernel32.dll")]
    public static extern int SuspendThread(IntPtr hThread);

    // Token: 0x06000013 RID: 19
    /// <summary>Resumes the thread behind <paramref name="hThread"/>. Not called in the code shown on this page.</summary>
    [DllImport("kernel32.dll")]
    public static extern int ResumeThread(IntPtr hThread);

    // Token: 0x06000014 RID: 20
    /// <summary>Opens a handle to an existing thread by id. Not called in the code shown on this page.</summary>
    [DllImport("kernel32.dll")]
    public static extern IntPtr OpenThread(int dwDesiredAccess, bool bInheritHandle, int dwThreadId);

    // Token: 0x06000015 RID: 21
    /// <summary>Closes a kernel object handle; returns false on failure.</summary>
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool CloseHandle(IntPtr hHandle);

    // Token: 0x06000016 RID: 22
    /// <summary>Opens a handle to the process with id <paramref name="dwProcessId"/> with the requested access mask; a zero handle means failure.</summary>
    [DllImport("kernel32.dll")]
    public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    // Token: 0x06000017 RID: 23
    /// <summary>Looks up an exported function by its ANSI name in a module loaded in the calling process.</summary>
    [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
    public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);

    // Token: 0x06000018 RID: 24
    /// <summary>Returns the handle of a module already loaded in the calling process.</summary>
    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern IntPtr GetModuleHandle(string lpModuleName);

    // Token: 0x06000019 RID: 25
    /// <summary>Reserves and/or commits memory in the address space of the process behind <paramref name="hProcess"/>; zero means failure.</summary>
    [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
    public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);

    // Token: 0x0600001A RID: 26
    /// <summary>
    /// Copies <paramref name="nSize"/> bytes from <paramref name="lpBuffer"/> into the target process.
    /// The caller must ensure the array holds at least <paramref name="nSize"/> bytes.
    /// </summary>
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);

    // Token: 0x0600001B RID: 27
    /// <summary>Starts a thread in the process behind <paramref name="hProcess"/>; returns the thread handle, or zero on failure.</summary>
    [DllImport("kernel32.dll")]
    public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
}

标签: c#, winforms

解决方案

