2016-02-24 216 views
1

Wait for a process to start in C#

Hey guys, I can't seem to get my code to work the way I want. I'm waiting for a process to start, i.e. to show up in my Task Manager. While the process is not found I keep looping; if the process is found, I break out of the while loop and execute the logic below, i.e. inject the DLL. I have breakpoints set, but my code just keeps looping, so the process is never found even though it shows up in Task Manager.

public static int inject(string dllPath, Process tProcess)
{
    Process targetProcess = tProcess;
    string dllName = dllPath;
    const string PROCESSNAME = "BatteryLife.exe";
    // Length == 0 = False?
    while (Process.GetProcessesByName(PROCESSNAME).Length == 0)
    {
        var test3 = "";
        Thread.Sleep(100);
        // Length == 1 = True?
        if (Process.GetProcessesByName(PROCESSNAME).Length == 1)
            break;
        var test = "";
    }
    var test2 = "";
    // the target process
    // getting the handle of the process - with required privileges
    IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, targetProcess.Id);
    // searching for the address of LoadLibraryA and storing it in a pointer
    IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    // name of the dll we want to inject
    // allocating some memory on the target process - enough to store the name of the dll
    // and storing its address in a pointer
    IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    // writing the name of the dll there
    UIntPtr bytesWritten;
    WriteProcessMemory(procHandle, allocMemAddress, Encoding.Default.GetBytes(dllName), (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), out bytesWritten);
    // creating a thread that will call LoadLibraryA with allocMemAddress as argument
    CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr, allocMemAddress, 0, IntPtr.Zero);
    return 0;
}
+2

Is PROCESSNAME actually "BatteryLife.exe" and not just "BatteryLife"? –

+0

Possible duplicate of [How can I know if a process is running?](http://stackoverflow.com/questions/262280/how-can-i-know-if-a-process-is-running) – Gabe

Answer

1

I think you need to remove the .exe from the process name string:

Process[] pname = Process.GetProcessesByName("BatteryLife"); 
if (pname.Length == 0) 
{ 
    ..... 
} 
+1

Just to add to the OP's resources, take a look at the MSDN documentation. Although the description is not clear, the example shows the call without an extension, e.g. 'Process.GetProcessesByName("notepad")' https://msdn.microsoft.com/en-us/library/z3w4xdc9(v=vs.110).aspx –
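The name handling the answer and the MSDN comment describe, as an added example that is not code from the question or the answer: a helper that strips the extension before calling Process.GetProcessesByName, polls with a timeout instead of an endless loop, and shows on the current process that the ".exe" form matches nothing while the friendly name matches. The names ProcessWaiter, ToFriendlyName and WaitForProcess are my own.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Threading;

// Added example, not code from the question or the answer: wait for a
// process by friendly name (no ".exe"), with a timeout instead of an endless loop.
static class ProcessWaiter
{
    // Path.GetFileNameWithoutExtension turns "BatteryLife.exe" into "BatteryLife",
    // which is what Process.ProcessName reports and GetProcessesByName matches on.
    public static string ToFriendlyName(string name) =>
        Path.GetFileNameWithoutExtension(name);

    // Returns the first matching Process, or null if none appears before the timeout.
    public static Process WaitForProcess(string name, TimeSpan timeout, TimeSpan pollInterval)
    {
        string friendly = ToFriendlyName(name);
        DateTime deadline = DateTime.UtcNow + timeout;
        while (DateTime.UtcNow < deadline)
        {
            Process[] found = Process.GetProcessesByName(friendly);
            if (found.Length > 0)
            {
                // Release the handles we are not returning.
                for (int i = 1; i < found.Length; i++) found[i].Dispose();
                return found[0];
            }
            Thread.Sleep(pollInterval);
        }
        return null;
    }

    static void Main()
    {
        // Demonstrate on the current process so this runs without any target program.
        string self = Process.GetCurrentProcess().ProcessName;
        Console.WriteLine($"\"{self}.exe\" matches {Process.GetProcessesByName(self + ".exe").Length} process(es)");
        Console.WriteLine($"\"{self}\" matches {Process.GetProcessesByName(self).Length} process(es)");

        // The helper normalizes the name, so passing the ".exe" form still succeeds.
        using (Process p = WaitForProcess(self + ".exe", TimeSpan.FromSeconds(2), TimeSpan.FromMilliseconds(100)))
        {
            Console.WriteLine(p == null ? "timed out" : $"found pid {p.Id}");
        }
    }
}
```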