冰楓論壇
標題:
關於劫持dwk.dll (已設作者)
作者:
BeeBan
時間:
2022-1-10 10:18
標題:
關於劫持dwk.dll (已設作者)
本帖最後由 yuanzhan 於 2022-11-1 19:55 編輯
#include "Form_Main.h"
#include <Windows.h>
// Linker directives: export the names InstallDWK and UninstallDWK (ordinals 1 and 2)
// as aliases of the stub functions defined at the bottom of this file. The leading
// underscore is the x86 __cdecl decoration of those extern "C" stubs.
#pragma comment(linker, "/EXPORT:InstallDWK=_AheadLib_InstallDWK,@1")
#pragma comment(linker, "/EXPORT:UninstallDWK=_AheadLib_UninstallDWK,@2")
// Shorthand for the linkage / calling-convention combinations used by the stubs.
// NAKED (__declspec(naked)) makes the compiler emit no prologue or epilogue, so a
// stub's body is exactly the statements written in it (x86 MSVC only).
#define EXTERNC extern "C"
#define NAKED __declspec(naked)
#define EXPORT __declspec(dllexport)
// ALCPP, ALSTD and ALCFAST are not used by the code visible in this listing.
#define ALCPP EXPORT NAKED
#define ALSTD EXTERNC EXPORT NAKED void __stdcall
#define ALCFAST EXTERNC EXPORT NAKED void __fastcall
// ALCDECL carries no EXPORT: the two stubs are exported through the /EXPORT
// linker directives above instead of __declspec(dllexport).
#define ALCDECL EXTERNC NAKED void __cdecl
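namespace AheadLib
{
    // Handle of the module the exported stubs forward to; NULL until Load() succeeds.
    HMODULE m_hModule = NULL;
    // Not referenced by any code in this listing; kept so existing references still link.
    DWORD m_dwReturn[2] = {0};

    /// Loads the module named "dwk" and stores its handle in m_hModule.
    /// @return TRUE when LoadLibrary returned a non-NULL handle, FALSE otherwise.
    ///
    /// NOTE(review): the name is unqualified (no directory, no extension), so the
    /// Windows loader, not this code, decides which module the handle refers to.
    /// Unqualified loads are the condition DLL search-order planting depends on;
    /// applications defend against it by loading dependencies through a fully
    /// qualified path or restricted search flags and by verifying the file's
    /// signature before trusting it.
    inline BOOL WINAPI Load()
    {
        // The original copied the name into a MAX_PATH buffer with lstrcpy first;
        // passing the literal directly is equivalent and drops the unbounded copy
        // and the unused scratch buffer.
        m_hModule = LoadLibrary(TEXT("dwk"));
        return (m_hModule != NULL);
    }

    /// Releases the module loaded by Load(), if any.
    inline VOID WINAPI Free()
    {
        if (m_hModule)
        {
            FreeLibrary(m_hModule);
            // Clear the handle so a later call cannot release or query a stale module.
            m_hModule = NULL;
        }
    }

    /// Resolves an export of the loaded module.
    /// @param pszProcName Export name passed straight to GetProcAddress.
    /// @return The export's address. Never returns NULL: when the lookup fails the
    ///         whole process is terminated with exit code -2.
    FARPROC WINAPI GetAddress(PCSTR pszProcName)
    {
        FARPROC fpAddress = GetProcAddress(m_hModule, pszProcName);
        if (fpAddress == NULL)
        {
            // The original also pointed pszProcName at an uninitialised local buffer
            // here when the name was an ordinal; that assignment had no effect
            // because the process exits immediately, so it has been removed together
            // with the unused buffers.
            ExitProcess(-2);
        }
        return fpAddress;
    }
}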
using namespace AheadLib;
/// DLL entry point.
/// On process attach: turns off per-thread attach/detach notifications for this
/// module and returns the result of Load(), so a failed load makes the attach fail.
/// On process detach: calls Free(). Every other reason returns TRUE unchanged.
///
/// NOTE(review): Load() calls LoadLibrary, and Microsoft's DllMain guidance warns
/// against loading libraries while the loader lock is held, because it can deadlock
/// or run code in a module that is not yet initialised.
BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, PVOID pvReserved)
{
    switch (dwReason)
    {
    case DLL_PROCESS_ATTACH:
        DisableThreadLibraryCalls(hModule);
        return Load();

    case DLL_PROCESS_DETACH:
        Free();
        break;

    default:
        break;
    }
    return TRUE;
}
// Forwarding stub published as the export "InstallDWK" (ordinal 1).
// The function is naked, so the compiler adds no prologue or epilogue and the
// caller's return address and arguments are still on the stack as the caller
// left them when the jump is taken.
ALCDECL AheadLib_InstallDWK(void)
{
// Look up "InstallDWK" in the module held by AheadLib::m_hModule. GetAddress
// terminates the process if the export is missing, so it only returns on success.
GetAddress("InstallDWK");
// The x86 calling convention leaves GetAddress's return value in EAX; jump to it
// (tail call) rather than calling it, so the target returns directly to our caller.
// Statement order matters: nothing may clobber EAX between the call and the jump.
__asm JMP EAX;
}
// Forwarding stub published as the export "UninstallDWK" (ordinal 2).
// The function is naked, so the compiler adds no prologue or epilogue and the
// caller's return address and arguments are still on the stack as the caller
// left them when the jump is taken.
ALCDECL AheadLib_UninstallDWK(void)
{
// Look up "UninstallDWK" in the module held by AheadLib::m_hModule. GetAddress
// terminates the process if the export is missing, so it only returns on success.
GetAddress("UninstallDWK");
// The x86 calling convention leaves GetAddress's return value in EAX; jump to it
// (tail call) rather than calling it, so the target returns directly to our caller.
// Statement order matters: nothing may clobber EAX between the call and the jump.
__asm JMP EAX;
}
以上這些程式碼是劫持產生出來的,只是我將 DWK.dll 放到爆爆王資料夾裡面之後,
我撰寫的輔助介面雖然有跑出來,但只出現了一瞬間就消失了……
不知道是哪裡出了問題,還請各位指點迷津。
劫持的DLL為:DWK.DLL