1
我發佈了一個關於SO的最近問題code injection,這個是相似但不相同的。我注入DLL到Firefox,它注入成功,但在DLL中的代碼不運行。如果我將相同的代碼注入到自定義應用程序中,它就可以工作。爲什麼會這樣。這是我正在使用的代碼。Dll沒有在Firefox中加載,但加載在自定義應用程序中
Injector.exe //這就是注入代碼
#include <stdio.h>
#include <windows.h>
#define procId 2844
#define dllname "dllinject.dll" // located in same directory
int main()
{
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, false, procId);
LPVOID allocated = (LPVOID)VirtualAllocEx(hProc, NULL, strlen(dllname), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(hProc, (LPVOID)allocated, dllname, strlen(dllname), NULL);
LPVOID libaddr = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
CreateRemoteThread(hProc, NULL, NULL, (LPTHREAD_START_ROUTINE)libaddr, NULL, NULL);
CloseHandle(hProc);
return 0;
}
Simpleinjected.exe //被注入該文件
#include <stdio.h>
int main()
{
printf("Hello");
return 0;
}
dllinject.dll
文件#include <windows.h>
int message(const char *msg)
{
MessageBox(NULL, msg, "Message from Dll", MB_OK);
return 0;
}
BOOL WINAPI DLLMain(HINSTANCE hInstDll, DWORD ulReason, LPVOID lpReserved)
{
switch(ulReason)
{
case DLL_PROCESS_ATTACH:
message("process attach");
break;
case DLL_THREAD_ATTACH:
message("thread attach");
break;
case DLL_PROCESS_DETACH:
message("process detach");
break;
case DLL_THREAD_DETACH:
message("thread detach");
break;
}
return true;
}
它在注入到simpleinjected.exe時工作,但是當在Firefox中注入時,即使dll被成功注入也沒有任何反應。