收藏
下载资源

进程空间中插入另一个进程的代码细节化

上传人:子 文档编号:43732114 上传时间:2018-06-07 格式:DOC 页数:18 大小:40KB
返回 下载 相关 举报
进程空间中插入另一个进程的代码细节化_第1页
第1页 / 共18页
进程空间中插入另一个进程的代码细节化_第2页
第2页 / 共18页
进程空间中插入另一个进程的代码细节化_第3页
第3页 / 共18页
进程空间中插入另一个进程的代码细节化_第4页
第4页 / 共18页
进程空间中插入另一个进程的代码细节化_第5页
第5页 / 共18页
点击查看更多>>
资源描述

《进程空间中插入另一个进程的代码细节化》由会员分享,可在线阅读,更多相关《进程空间中插入另一个进程的代码细节化(18页珍藏版)》请在金锄头文库上搜索。

1、在进程空间中插入另一个进程的代码细节化在在 InjectInject DLLDLL IntoInto ProcessProcess 的技术司空见惯的时代,江湖上出现了更令人惊的技术司空见惯的时代,江湖上出现了更令人惊 讶讶 InjectInject ThreadThread IntoInto ProcessProcess 的技术,的技术,不过这些不过这些 InjectionInjection 的功能多有局限性,如果可以的功能多有局限性,如果可以 InjectInject EXE(Process)EXE(Process) IntoInto ProcessProcess 该多好啊,习习该多好啊,习

2、习其实其实 InjectInject EXEEXE 的的技术早已不是什么新东西,只是原先的技术早已不是什么新东西,只是原先的 InjectInject EXEEXE 是是 Linux/UnixLinux/Unix 的东西,的东西, 没有几个成功被改造成没有几个成功被改造成 WindowsWindows 版的版的. */*/ 复制内容到剪贴板复制内容到剪贴板 代码代码: :#include#include “stdafx.h“stdafx.h“ #include#include “windows.h“windows.h“ #include#include “tlhelp32.h“tlhelp32

3、.h“ #include#include “ntpsapi.h“ntpsapi.h“structstruct PE_HeaderPE_Header unsignedunsigned longlong signature;signature;unsignedunsigned shortshort machine;machine;unsignedunsigned shortshort numSections;numSections;unsignedunsigned longlong timeDateStamp;timeDateStamp;unsignedunsigned longlong poin

4、terToSymbolTable;pointerToSymbolTable;unsignedunsigned longlong numOfSymbols;numOfSymbols;unsignedunsigned shortshort sizeOfOptionHeader;sizeOfOptionHeader;unsignedunsigned shortshort characteristics;characteristics; ;structstruct PE_ExtHeaderPE_ExtHeader unsignedunsigned shortshort magic;magic;unsi

5、gnedunsigned charchar majorLinkerVersion;majorLinkerVersion;unsignedunsigned charchar minorLinkerVersion;minorLinkerVersion;unsignedunsigned longlong sizeOfCode;sizeOfCode;unsignedunsigned longlong sizeOfInitializedData;sizeOfInitializedData;unsignedunsigned longlong sizeOfUninitializedData;sizeOfUn

6、initializedData;unsignedunsigned longlong addressOfEntryPoint;addressOfEntryPoint;unsignedunsigned longlong baseOfCode;baseOfCode;unsignedunsigned longlong baseOfData;baseOfData;unsignedunsigned longlong imageBase;imageBase;unsignedunsigned longlong sectionAlignment;sectionAlignment;unsignedunsigned

7、 longlong fileAlignment;fileAlignment;unsignedunsigned shortshort majorOSVersion;majorOSVersion;unsignedunsigned shortshort minorOSVersion;minorOSVersion;unsignedunsigned shortshort majorImageVersion;majorImageVersion;unsignedunsigned shortshort minorImageVersion;minorImageVersion;unsignedunsigned s

8、hortshort majorSubsystemVersion;majorSubsystemVersion;unsignedunsigned shortshort minorSubsystemVersion;minorSubsystemVersion;unsignedunsigned longlong reserved1;reserved1;unsignedunsigned longlong sizeOfImage;sizeOfImage;unsignedunsigned longlong sizeOfHeaders;sizeOfHeaders;unsignedunsigned longlon

9、g checksum;checksum;unsignedunsigned shortshort subsystem;subsystem;unsignedunsigned shortshort DLLCharacteristics;DLLCharacteristics;unsignedunsigned longlong sizeOfStackReserve;sizeOfStackReserve;unsignedunsigned longlong sizeOfStackCommit;sizeOfStackCommit;unsignedunsigned longlong sizeOfHeapRese

10、rve;sizeOfHeapReserve;unsignedunsigned longlong sizeOfHeapCommit;sizeOfHeapCommit;unsignedunsigned longlong loaderFlags;loaderFlags;unsignedunsigned longlong numberOfRVAAndSizes;numberOfRVAAndSizes;unsignedunsigned longlong exportTableAddress;exportTableAddress;unsignedunsigned longlong exportTableS

11、ize;exportTableSize;unsignedunsigned longlong importTableAddress;importTableAddress;unsignedunsigned longlong importTableSize;importTableSize;unsignedunsigned longlong resourceTableAddress;resourceTableAddress;unsignedunsigned longlong resourceTableSize;resourceTableSize;unsignedunsigned longlong ex

12、ceptionTableAddress;exceptionTableAddress;unsignedunsigned longlong exceptionTableSize;exceptionTableSize;unsignedunsigned longlong certFilePointer;certFilePointer;unsignedunsigned longlong certTableSize;certTableSize;unsignedunsigned longlong relocationTableAddress;relocationTableAddress;unsignedun

13、signed longlong relocationTableSize;relocationTableSize;unsignedunsigned longlong debugDataAddress;debugDataAddress;unsignedunsigned longlong debugDataSize;debugDataSize;unsignedunsigned longlong archDataAddress;archDataAddress;unsignedunsigned longlong archDataSize;archDataSize;unsignedunsigned lon

14、glong globalPtrAddress;globalPtrAddress;unsignedunsigned longlong globalPtrSize;globalPtrSize;unsignedunsigned longlong TLSTableAddress;TLSTableAddress;unsignedunsigned longlong TLSTableSize;TLSTableSize;unsignedunsigned longlong loadConfigTableAddress;loadConfigTableAddress;unsignedunsigned longlon

15、g loadConfigTableSize;loadConfigTableSize;unsignedunsigned longlong boundImportTableAddress;boundImportTableAddress;unsignedunsigned longlong boundImportTableSize;boundImportTableSize;unsignedunsigned longlong importAddressTableAddress;importAddressTableAddress;unsignedunsigned longlong importAddres

16、sTableSize;importAddressTableSize;unsignedunsigned longlong delayImportDescAddress;delayImportDescAddress;unsignedunsigned longlong delayImportDescSize;delayImportDescSize;unsignedunsigned longlong COMHeaderAddress;COMHeaderAddress;unsignedunsigned longlong COMHeaderSize;COMHeaderSize;unsignedunsigned longlong

展开阅读全文
相关资源
正为您匹配相似的精品文档
相关搜索

最新文档


当前位置:首页 > 生活休闲 > 科普知识

电脑版 |金锄头文库版权所有
经营许可证:蜀ICP备13022795号 | 川公网安备 51140202000112号