
VC内嵌汇编调用api
2014-11-23 21:25:16 】 浏览:477
Tags:汇编 调用 api

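/*
 * KillProc - prompt for a process id and terminate that process, invoking
 * OpenProcess and TerminateProcess through MSVC inline assembly.
 *
 * Both APIs are looked up by name with GetProcAddress and called with
 * hand-written push/call sequences. They use the __stdcall convention:
 * arguments are pushed right-to-left and the callee pops them, so no stack
 * adjustment follows each call. MSVC accepts __asm blocks only when
 * targeting 32-bit x86.
 *
 * Review note: because the two functions are resolved at run time, this call
 * site adds no import-table reference to them; when auditing a binary built
 * from code like this, look for the API name strings and the GetProcAddress
 * calls rather than the import list.
 */
void KillProc() //By ASM
{
    long pid = 0;
    HANDLE hp = NULL;   /* stays NULL unless OpenProcess succeeds */
    BOOL ok = FALSE;

    printf("Input pid: ");
    if (scanf("%ld", &pid) != 1) {
        /* Without this check a parse failure silently leaves pid at 0. */
        printf("Invalid pid\n");
        return;
    }

    HMODULE kernel32 = LoadLibraryA("kernel32.dll");
    if (kernel32 == NULL) {
        printf("LoadLibraryA failed: %lu\n", GetLastError());
        return;
    }

    PVOID op = GetProcAddress(kernel32, "OpenProcess");
    PVOID tp = GetProcAddress(kernel32, "TerminateProcess");
    if (op == NULL || tp == NULL) {
        /* Calling through a NULL pointer would crash inside the __asm block. */
        printf("GetProcAddress failed: %lu\n", GetLastError());
        FreeLibrary(kernel32);
        return;
    }

    /* hp = OpenProcess(1, 0, pid);  1 == PROCESS_TERMINATE */
    /* Note: arguments are pushed in reverse order. */
    __asm
    {
        push pid
        push 0
        push 1
        call op
        mov hp, eax
    }
    if (hp == NULL) {
        /* Nonexistent pid or access denied: do not pass a NULL handle on. */
        printf("OpenProcess failed: %lu\n", GetLastError());
        FreeLibrary(kernel32);
        return;
    }

    /* ok = TerminateProcess(hp, 0); */
    __asm
    {
        push 0
        push hp
        call tp
        mov ok, eax
    }
    if (!ok) {
        printf("TerminateProcess failed: %lu\n", GetLastError());
    }

    /* The original leaked the process handle and the module reference. */
    CloseHandle(hp);
    FreeLibrary(kernel32);
}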
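/*
 * MsgBoxByASM - show a message box by calling user32!MessageBoxA through
 * MSVC inline assembly.
 *
 * Equivalent C call: MessageBoxA(0, sstr, stit, 0). MessageBoxA is __stdcall,
 * so the four arguments are pushed right-to-left and the callee cleans the
 * stack. __asm blocks are accepted by MSVC only for 32-bit x86 targets.
 */
void MsgBoxByASM()
{
    char sstr[] = "你好,世界!!!";
    char stit[] = "我的标题";
    /* Plain pointer copies: "push s1" pushes the address held in s1, whereas
       naming the array directly would push its first bytes instead. */
    PVOID s1 = sstr, s2 = stit;

    HMODULE user32 = LoadLibraryA("user32.dll");
    if (user32 == NULL) {
        printf("LoadLibraryA failed: %lu\n", GetLastError());
        return;
    }

    PVOID mymsgbox = GetProcAddress(user32, "MessageBoxA");
    if (mymsgbox == NULL) {
        /* Calling through a NULL pointer would crash inside the __asm block. */
        printf("GetProcAddress failed: %lu\n", GetLastError());
        FreeLibrary(user32);
        return;
    }

    __asm
    {
        push 0          /* uType     */
        push s2         /* lpCaption */
        push s1         /* lpText    */
        push 0          /* hWnd      */
        call mymsgbox
    }

    /* Balance the LoadLibraryA reference taken above. */
    FreeLibrary(user32);
}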
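/*
 * ZwOpenProcCall - prompt for a process id and terminate that process using
 * the native API exported by ntdll.dll, called through MSVC inline assembly.
 *
 * Sequence: RtlAdjustPrivilege(20, 1, 0, &nu), ZwOpenProcess(&hp, 1, &oa,
 * &cid), ZwTerminateProcess(hp, 0). All three are __stdcall, so arguments
 * are pushed right-to-left and the callee pops them.
 *
 * The pointer-to-ULONG casts and the __asm blocks are valid only for 32-bit
 * x86 builds; on a 64-bit target the casts would truncate addresses.
 *
 * Review note: privilege value 20 is SeDebugPrivilege and access mask 1 is
 * PROCESS_TERMINATE. The privilege can only be enabled when the caller's
 * token already holds it (typically an elevated administrator). Enabling it
 * and then opening another process for termination is a sequence worth
 * alerting on in process-access telemetry.
 */
void ZwOpenProcCall()
{
    //init the params
    long pid = 0, stt = 0;
    HANDLE hp = NULL; ULONG php = (ULONG)(&hp);   /* NULL until ZwOpenProcess fills it */
    CLIENT_ID cid; ULONG pcid = (ULONG)(&cid);
    OBJECT_ATTRIBUTES oa; ULONG poa = (ULONG)(&oa);

    printf("[KILL PROCESS]Input pid: ");
    if (scanf("%ld", &pid) != 1) {
        /* Without this check a parse failure silently leaves pid at 0. */
        printf("Invalid pid\n");
        return;
    }

    oa.Length = sizeof(oa);
    oa.RootDirectory = 0;
    oa.ObjectName = 0;
    oa.Attributes = 0;
    oa.SecurityDescriptor = 0;
    oa.SecurityQualityOfService = 0;
    cid.UniqueProcess = (HANDLE)pid;
    cid.UniqueThread = 0;

    //get address and call
    HMODULE ntdll = LoadLibraryA("ntdll.dll");
    if (ntdll == NULL) {
        printf("LoadLibraryA failed: %lu\n", GetLastError());
        return;
    }

    PVOID pRtlAdjustPrivilege = GetProcAddress(ntdll, "RtlAdjustPrivilege");
    PVOID pZwOpenProcess = GetProcAddress(ntdll, "ZwOpenProcess");
    PVOID pZwTerminateProcess = GetProcAddress(ntdll, "ZwTerminateProcess");
    if (pRtlAdjustPrivilege == NULL || pZwOpenProcess == NULL ||
        pZwTerminateProcess == NULL) {
        /* Calling through a NULL pointer would crash inside the __asm block. */
        printf("GetProcAddress failed: %lu\n", GetLastError());
        FreeLibrary(ntdll);
        return;
    }

    //RtlAdjustPrivilege(20,1,0,&nu);
    /* nu receives the previous enabled state. The page text had "&nu;"
       mangled into a Greek letter by HTML entity decoding. */
    int nu = 0; int *pnu = &nu;
    __asm
    {
        push pnu
        push 0
        push 1
        push 20
        call pRtlAdjustPrivilege
    }
    /* The returned status is not inspected, as in the original: the open
       below is still attempted when the privilege could not be enabled. */

    //ZwOpenProcess(&hp,1,&oa,&cid);
    __asm
    {
        push pcid
        push poa
        push 1
        push php
        call pZwOpenProcess
        mov stt, eax
    }
    /* %lx matches the long status; the handle is cast so %ld is well-defined. */
    printf("NTSTATUS: %lx Process Handle: %ld ", (unsigned long)stt, (long)hp);
    if (stt < 0 || hp == NULL) {
        /* A negative NTSTATUS is a failure; hp holds no usable handle then. */
        FreeLibrary(ntdll);
        return;
    }

    //ZwTerminateProcess(hp,0);
    __asm
    {
        push 0
        push hp
        call pZwTerminateProcess
    }

    /* The original leaked the process handle and the module reference. */
    CloseHandle(hp);
    FreeLibrary(ntdll);
}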
