我正在尝试使用windws api (windows.h) 和tlhelp32.h 在C 中进行进程注入。但我无法执行它。首先,我获取进程并进行比较,以了解我想要注入的进程是否正在执行,但是当我进行比较时,我收到一条错误,指出类型错误:
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
Process32First(snapshot, &pe32);
do {
if(wcscmp(pe32.szExeFile, L"mspaint.exe")==0) {
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
LPVOID allocated_mem = VirtualAllocEx(hProcess, NULL, sizeof(shellcode), (MEM_RESERVE | MEM_COMMIT), PAGE_EXECUTE_READWRITE);
if (allocated_mem == NULL){
printf("Memory allocation failed: %u\n", GetLastError());
return 1;
}
printf("Memory page allocated at: 0x%p\n", allocated_mem);
WriteProcessMemory(hProcess, allocated_mem, shellcode, sizeof(shellcode), NULL);
HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)allocated_mem, NULL, 0, NULL);
if (hThread == NULL){
printf("Failed to obtain handle to process: %u\n", GetLastError());
return 1;
}
WaitForSingleObject(hThread, INFINITE);
VirtualFreeEx(hThread, allocated_mem, 0, MEM_RELEASE);
CloseHandle(hThread);
CloseHandle(hProcess);
break;
}
} while(Process32Next(snapshot, &pe32));
我也尝试过不检查这一点,只输入进程 ID,但它也不起作用。 shellcode(消息框)被注入到进程的内存中,但消息框没有显示,我不知道为什么。我需要帮助,蒂。
您正在使用 TLHelp32 API 的
TCHARPROCESSENTRY32Process32(First|Next)PROCESSENTRY32AProcess32(First|Next)Ape32.szExeFilecharwcscmp()wchar_t因此,您需要:
更改项目配置以启用
UNICODE_tcscmp()wcscmp()保持项目不变,但使用
strcmp()wcscmp()停止使用基于
TCHARwchar_twcscmp()