Warning: file_get_contents(/data/phpspider/zhask/data//catemap/6/cplusplus/156.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C++ CreateRemoteThread不能与DLL一起工作_C++_Dll Injection_Createremotethread - Fatal编程技术网
Fatal编程技术网
  • cplusplus/
  • C++ CreateRemoteThread不能与DLL一起工作

C++ CreateRemoteThread不能与DLL一起工作

c++

C++ CreateRemoteThread不能与DLL一起工作,c++,dll-injection,createremotethread,C++,Dll Injection,Createremotethread,我试图注入一个简单的dll,在目标进程中创建一个MessageBox。使用www中的喷油器工作时没有任何问题。但是,使用我自己的代码进行注入根本不起任何作用(我在notepad.exe上使用它) 我在VS2017中将dll和此代码编译为x64调试。Injector创建为Win32控制台项目 代码中的所有阶段都通过了。我得到了进程的句柄,线程句柄也是有效的。但是GetExitCode返回0,所以它总是失败,但我不知道为什么 HANDLE process = OpenProcess(PROC

我试图注入一个简单的dll,在目标进程中创建一个MessageBox。使用www中的喷油器工作时没有任何问题。但是,使用我自己的代码进行注入根本不起任何作用(我在notepad.exe上使用它)

我在VS2017中将dll和此代码编译为x64调试。Injector创建为Win32控制台项目

代码中的所有阶段都通过了。我得到了进程的句柄,线程句柄也是有效的。但是GetExitCode返回0,所以它总是失败,但我不知道为什么

    HANDLE process = OpenProcess(PROCESS_ALL_ACCESS, false, pid);

if (process == NULL)
{
    std::cout << "Error opening process." << std::endl;
    return false;
}

const char * dllString = "C:\\test.dll";

// load memory for dll

int bytes = sizeof(dllString);


PVOID mem = VirtualAllocEx(process, NULL, sizeof(dllString) + 1, MEM_COMMIT, PAGE_READWRITE);

if (mem == NULL)
{
    std::cout << "Unable to allocate mem." << std::endl;
    CloseHandle(process);
    return false;
}

// write dll path to that location
SIZE_T bytesWritten;
BOOL status = WriteProcessMemory(process, mem, dllString, sizeof(dllString) + 1, &bytesWritten);

if (!status)
{
    std::cout << "Writing dll path failed." << std::endl;
    VirtualFreeEx(process, mem, sizeof(dllString) + 1, MEM_RELEASE);
    CloseHandle(process);
    return false;
}

FARPROC loadLibrary = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");

HANDLE thread = CreateRemoteThread(process, NULL, NULL, reinterpret_cast<LPTHREAD_START_ROUTINE>(loadLibrary), mem, NULL, NULL);

if (thread == INVALID_HANDLE_VALUE)
{
    std::cout << "Unable to create thread in remote process. " << std::endl;
    VirtualFreeEx(process, mem, sizeof(dllString) + 1, MEM_RELEASE);
    CloseHandle(process);
}


WaitForSingleObject(thread, INFINITE);

DWORD exitCode = 0;
GetExitCodeThread(thread, &exitCode);

if (exitCode != 0)
    std::cout << "DLL loaded successfully." << std::endl;
else
    std::cout << "DLL loading failed." << std::endl;

CloseHandle(thread);
VirtualFreeEx(process, mem, sizeof(dllString) + 1, MEM_RELEASE);
CloseHandle(process);
return true;

HANDLE process=OpenProcess(process\u ALL\u ACCESS,false,pid);
if(进程==NULL)
{

std::cout刚刚自己解决了这个问题。实际上是一个noob问题。sizeof实际上是返回指针的大小,对于x64是64位,而不是我需要分配的内存的字符串长度。因此,将其更改为strlen后,它就起作用了