日韩性视频-久久久蜜桃-www中文字幕-在线中文字幕av-亚洲欧美一区二区三区四区-撸久久-香蕉视频一区-久久无码精品丰满人妻-国产高潮av-激情福利社-日韩av网址大全-国产精品久久999-日本五十路在线-性欧美在线-久久99精品波多结衣一区-男女午夜免费视频-黑人极品ⅴideos精品欧美棵-人人妻人人澡人人爽精品欧美一区-日韩一区在线看-欧美a级在线免费观看

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 > 编程资源 > 编程问答 >内容正文

编程问答

简单的CreateRemoteThread例程-初学者必看

發布時間:2025/3/15 编程问答 33 豆豆
生活随笔 收集整理的這篇文章主要介紹了 简单的CreateRemoteThread例程-初学者必看 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
簡單的CreateRemoteThread例程-初學者必看

// _remotethreaddemo.cpp : Defines the entry point for the console application.
// Author:秋鎮菜

#include "stdafx.h"
#include "windows.h"


// ========== 定義一個代碼結構,本例為一個對話框============
struct MyData
{
?char sz[64]; // 對話框顯示內容
?DWORD dwMessageBox; // 對話框的地址
};

// ========== 遠程線程的函數 ==============================
DWORD __stdcall RMTFunc(MyData *pData)
{
?typedef int(__stdcall*MMessageBox)(HWND,LPCTSTR,LPCTSTR,UINT);
?MMessageBox MsgBox = (MMessageBox)pData->dwMessageBox;
?MsgBox(NULL, pData->sz, NULL, MB_OK);
?return 0;
}
int main(int argc, char* argv[])
{
// ===== 獲得需要創建REMOTETHREAD的進程句柄 ===============================
?HWND hWnd = FindWindow("notepad", NULL); // 以NOTEPAD為例
?DWORD dwProcessId;
?::GetWindowThreadProcessId(hWnd, &dwProcessId);
?HANDLE hProcess = OpenProcess(
????????PROCESS_ALL_ACCESS,
????????FALSE,
????????dwProcessId);

// ========= 代碼結構 ================================================
?MyData data;
?ZeroMemory(&data, sizeof (MyData));
?strcat(data.sz, "對話框的內容.");
?HINSTANCE hUser = LoadLibrary("user32.dll");
?if (! hUser)
?{
??printf("Can not load library./n");
??return 0;
?}
?data.dwMessageBox = (DWORD)GetProcAddress(hUser, "MessageBoxA");
?FreeLibrary(hUser);
?if (! data.dwMessageBox)
??return 0;

// ======= 分配空間 ===================================================
?void *pRemoteThread
??= VirtualAllocEx(hProcess, 0,
??????1024*4, MEM_COMMIT|MEM_RESERVE,
??????PAGE_EXECUTE_READWRITE);
?if (! pRemoteThread)
??return 0;
?if (! WriteProcessMemory(hProcess, pRemoteThread, &RMTFunc, 1024*4, 0))
??return 0;

?MyData *pData
??= (MyData*)VirtualAllocEx(hProcess, 0,
??????sizeof (MyData), MEM_COMMIT,
??????PAGE_READWRITE);
?if (!pData)
??return 0;

?if (! WriteProcessMemory(hProcess, pData, &data, sizeof (MyData), 0))
??return 0;

// =========== 創建遠程線程 ===========================================
?HANDLE hThread
??= CreateRemoteThread(hProcess, 0,
???????0, (LPTHREAD_START_ROUTINE)pRemoteThread,
???????pData, 0, 0);
?if (! hThread)
?{
??printf("遠程線程創建失敗");
??return 0;
?}
?CloseHandle(hThread);
?VirtualFreeEx(hProcess, pRemoteThread, 1024*3, MEM_RELEASE);
?VirtualFreeEx(hProcess, pData, sizeof (MyData), MEM_RELEASE);
?CloseHandle(hProcess);
?printf("Hello World!/n");
?return 0;
}

總結

以上是生活随笔為你收集整理的简单的CreateRemoteThread例程-初学者必看的全部內容,希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。