Delphi callµ÷ÓÃÀý×Ó
ÔÚȺÀï¿´µ½ÓÐÈË·¢Á˸ö±ðÈË·¢¸øËûµÄ
ÎÒ¿´ÁËдµÄ±È½ÏÉú¶¯ ÔÚÕâת¸ø´ó¼Ò¿´¿´
ºÃµÄ Ê°È¡ÎïÌ庯ÊýдºÃÁË Ï²½ÊÇÈçºÎ½«´úÂë×¢Èëµ½ÓÎÏ·½ø³ÌÖÐÖ´ÐÐ??
1) С͵¿ªÃÅ
PHND:= OpenProcess (PROCESS_ALL_ACCESS, False, PID);µÃµ½ÓÎÏ·´°¿Ú¾ä±ú»ñµÃȨÏÞ
2)С͵ÔÚ·¿¼ä¸ã¸ö·Å×÷°¸·½°¸µÄµØ·½
TAdd := VirtualAllocEx(PHND, nil, 4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE)
ÔÚÓÎÏ·½ø³ÌÖÐÉêÇë4096×ֽڵĿռäÓÃÀ´´æ·Åº¯Êý´úÂë
3)С͵°Ñ×÷°¸·½°¸·ÅÈë×÷°¸¿Õ¼ä
WriteProcessMemory(TPHND, TAdd,PickCall,4096 , WriteCount);
°Ñ´úÂëдµ½ÓÎÏ·½ø³ÌÖÐ ¿ªÊ¼µÄµØÖ·Êǵڶþ²½µÃµ½µÄλÖÃ
4)С͵ÔÚ·¿¼äÖиã¸ö·Å×÷°¸¹¤¾ßµÄµØ·½
PAdd := VirtualAllocEx(PHND, nil, 128, MEM_COMMIT, PAGE_EXECUTE_READWRITE)
ÔÚÓÎÏ·½ø³ÌÖÐÉêÇë128×ֽڵĿռäÓÃÀ´´æ·Å²ÎÊý
5)С͵°Ñ×÷°¸¹¤¾ß·ÅÈë·¿¼ä
WriteProcessMemory(TPHND, TAdd,param,128 , WriteCount);
дÈë²ÎÊý
6)Ò»Æð¾Í¾ÍÐ÷ ¿ªÊ¼×÷°¸
TmpHandle := CreateRemoteThread(TPHND, nil, 0, TAdd, padd, 0, WriteCount);
WaitForSingleObject(TmpHandle, INFINITE);//µÈ´ý×÷°¸Íê³É
CloseHandle(TmpHandle); //¹Ø±ÕÔ¶³ÌµÄ¾ä±ú ×÷°¸Íê³Éºó¹ØÃÅÉÁÈË
µ½ÕâÀï »ù±¾¶¼¸ãÇå³þ×¢Èë´úÂëµÄÓ÷¨ÁË,ѧϰÖصãÊÇ
1)Àí½âCreateRemoteThreadº¯Êý¸÷¸ö²ÎÊýµÄÒâÒå
2)Êý¾Ý½á¹¹µÄÓ÷¨
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
procedure runCall;stdcall; // ×ß·call
var
Address:Pointer;
begin
Address:=Pointer($004537E4); //º¯ÊýÈë¿ÚµØÖ·
asm
pushad //±£´æ¼Ä´æÆ÷»·¾³
mov eax,47 //²Î¿¼ÉÏÃæµÄ·´»ã±à
call Address //Õýʽµ÷Óú¯Êý
popad //»Ö¸´¼Ä´æÆ÷»·¾³
end;
end;
//-------------------------×¢Èë´úÂëµÄº¯Êý----------------------------
//²ÎÊý˵Ã÷:
//InHWND:±»×¢ÈëµÄ´°¿Ú¾ä±ú
//Func:×¢ÈëµÄº¯ÊýµÄÖ¸Õë
//Param:²ÎÊýµÄÖ¸Õë
//ParamSize:²ÎÊýµÄ´óС
//
procedure InjectFunc(InHWND: HWND; Func: Pointer; Param: Pointer; ParamSize: DWORD);
var
hProcess_N: T
Ïà¹ØÎĵµ£º
ÀàµÄʼþ
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TMyEvent = procedure of object; //²»´ø²ÎÊýµÄ¹ý³Ì
TMyEventExt = procedure(AName: string) of object; //´ø²ÎÊýµÄ¹ý³Ì
TForm1 = class(TForm)
......
²éÕÒÁíÍâÒ»¸ö´°¿ÚµÄ¾ä±ú£º handle := FindWindow(nil,PChar('´°¿ÚµÄ±êÌâ'));//²éµ½´°Ìå¾ä±ú
²éÕÒ×Ó´°Ì壺childHandle := FindWindowEx(handle,0,'×Ó´°ÌåÀà','×Ó´°Ìå±êÌâ');
ÁíÍâÓиöö¾Ù×Ó´°ÌåµÄAPI£¬EnumChildWindows(Ö÷´´Ìå¾ä±ú,@»Øµ÷º¯Êý,Óû§²ÎÊý);
ÓÃÕâ¸öº¯ÊýÐèÒª×Ô¼ºÐ´Ò»¸ö»Øµ÷µÄº¯Êý£¬±ÈÈ磺
function EnumChil ......
¼¼Êõ½»Á÷,DH½²½â. Õâ¸ö¹¤¾ßÊǺÃÔçºÃÔçÒÔǰдµÄ,ÎÒÕâ¸öϲ»¶Ôڼұ߿´µçÓ°±ßдд´úÂë»òÕß¿´µç×ÓÊé,ËùÒÔ¾³£»á½«ÍøÒ³ÒƵ½ÆÁÄ»µÄ×óÉϽǻòÕßÓÒÉϽÇ,¶øÇÒÒªÖö¥.ËùÒÔ¾ÍдÁËÕâÑùÒ»¸ö¹¤¾ß,Õâ¸ö¹¤¾ßÖ÷ÒªÊǶԾä±úµÄ²Ù×÷,»¹ÓоÍÊÇ´°ÌåÑùʽÒÔ¼°¼¸¸öAPIµÄÀý×Ó,±È½Ï»ù´¡. Õû¸öÎļþÔÚ here(Can't Input Chinese:() ÏÂÃæ°Ñ´úÂëÌù³öÀ´,Ï£Íû ......
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, TlHelp32;
type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Pub ......
ȷʵºÜÓÐÓ㬵«ÊÇÕâ¸öÔõô°Ñ¿Õ¸ñҲĬÈÏΪ·Ö¸î·ûÁËÄØ£¬ËÖªµÀÔõÑù°Ñ¿Õ¸ñ²»ÈÏΪÊÇ·Ö¸î·ûµÄ£¿£¿ TStringsÊÇÒ»¸ö³éÏóÀ࣬ÔÚʵ¼Ê¿ª·¢ÖУ¬ÊdzýÁË»ù±¾ÀàÐÍÍ⣬ӦÓõÃ×î¶àµÄ¡£ ³£¹æµÄÓ÷¨´ó¼Ò¶¼ÖªµÀ£¬ÏÖÔÚÀ´ÌÖÂÛËüµÄһЩ¸ß¼¶µÄÓ÷¨¡£ ÏÈ°ÑÒªÌÖÂ۵ļ¸¸öÊôÐÔÁгöÀ´£º 1
ȷʵºÜÓÐÓ㬵«ÊÇÕâ¸öÔõô°Ñ¿Õ¸ñҲĬÈÏΪ·Ö¸î·ûÁËÄØ£¬ËÖªµÀÔõÑ ......
