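Remote DLL example: a sample for learning remote threads
masm32 v11 free download
The remote DLL injection example from chapter 13 of Windows环境下32位汇编语言程序设计 (32-bit Assembly Language Programming under Windows)
Note: HideDll.dll is simply nc.dll (renamed; the DLL build of netcat, the "Swiss army knife"), equivalent to nc -LP 66.
loader.exe is taken from Windows应用程序捆绑核心编程 (Core Programming for Windows Application Bundling).
You can also use Load.exe from the RemoteThreadDll example in Windows环境下32位汇编语言程序设计. It binds directly to explorer.exe.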
szDesktopClass db 'Progman',0
szDesktopWindow db 'Program Manager',0
For the build environment, download the masm32 v11 package above, then download the remote DLL injection example from chapter 13 of Windows环境下32位汇编语言程序设计.
}
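At first there was no CreateThread(); the DLL's main function EntryPoint() was called directly, and as a result the injected DLL had no effect.
It turns out that another thread has to be created inside DllMain().
Injected netcat.dll into calc.exe, but after connecting, cmd.exe still shows up.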
http://v.youku.com/v_show/id_XNTU0MzE2ODky.html
Can cmd.exe be hidden as well?
tasklist /m shows which DLLs every process has loaded, and our dll.dll shows up!
explorer.exe 3764 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, BROWSEUI.dll,
GDI32.dll, USER32.dll, msvcrt.dll,
ole32.dll, SHLWAPI.dll, OLEAUT32.dll,
SHDOCVW.dll, CRYPT32.dll, MSASN1.dll,
CRYPTUI.dll, NETAPI32.dll, VERSION.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
iertutil.dll, WINTRUST.dll, IMAGEHLP.dll,
WLDAP32.dll, SHELL32.dll, UxTheme.dll,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
MSACM32.dll, USERENV.dll, IMM32.DLL,
LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, msctfime.ime,
GOOGLEPINYIN2.IME, MSIMG32.dll, gdiplus.dll,
dbghelp.dll, appHelp.dll, CLBCATQ.DLL,
COMRes.dll, NetdiskExt.dll, MPR.dll,
PSAPI.DLL, 360UDiskGuard.dll, SETUPAPI.dll,
cscui.dll, CSCDLL.dll, themeui.dll,
xpsp2res.dll, msxml3.dll, ACTXPRXY.DLL,
SAMLIB.dll, msi.dll, LINKINFO.dll,
ntshrui.dll, ATL.DLL, ieframe.dll,
stobject.dll, BatMeter.dll, POWRPROF.dll,
WTSAPI32.dll, WINSTA.dll, MSCTF.dll,
wdmaud.drv, msacm32.drv, midimap.dll,
NETSHELL.dll, credui.dll, dot3api.dll,
rtutils.dll, dot3dlg.dll, OneX.DLL,
eappcfg.dll, MSVCP60.dll, eappprxy.dll,
iphlpapi.dll, WS2_32.dll, WS2HELP.dll,
webcheck.dll, MLANG.dll,
WPDShServiceObj.dll, WINHTTP.dll,
fzshellext.dll, mydocs.dll,
PortableDeviceTypes.dll,
PortableDeviceApi.dll, SXS.DLL,
SoftMgrLiteLauncher.dll, safemon.dll,
Safehmpg.dll, iNetSafe.dll, 360Util.dll,
rsaenh.dll, browselc.dll, drprov.dll,
davclnt.dll, DUSER.dll, MSGINA.dll,
ODBC32.dll, comdlg32.dll, odbcint.dll,
wiashext.dll, sti.dll, CFGMGR32.dll,
PDFShell.dll, MSVCP90.dll, MSVCR90.dll,
Dll.dll, WSOCK32.dll,
net_monitor2.0.2.7.dll, MSVCP71.dll,
MSVCR71.dll, mswsock.dll, hnetcfg.dll,
wshtcpip.dll
360Util.dll is injected by 360安全卫士 (360 Safeguard).
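The tasklist /m check above also works as a detection step: parse the wrapped module listing and compare each process against a known-good module baseline. The following is an added example, not code from the original post; the calc.exe row, its PID and the BASELINE contents are constructed assumptions, and the explorer.exe rows are a shortened excerpt of the listing above.

```python
import re

# Constructed sample in the shape of `tasklist /m` output; the explorer.exe
# rows are a shortened excerpt of the listing on this page.
SAMPLE = """\
Image Name                     PID Modules
========================= ======== ============================================
explorer.exe                  3764 ntdll.dll, kernel32.dll, ADVAPI32.dll,
                                   SHELL32.dll, 360Util.dll, MSVCR90.dll,
                                   Dll.dll, WSOCK32.dll
calc.exe                      1208 ntdll.dll, kernel32.dll, SHELL32.dll
"""

# Hypothetical baseline: modules recorded per image on a known-good machine.
BASELINE = {
    "explorer.exe": {"ntdll.dll", "kernel32.dll", "advapi32.dll", "shell32.dll", "msvcr90.dll"},
    "calc.exe": {"ntdll.dll", "kernel32.dll", "shell32.dll"},
}

# A process row is "<image> <pid> <modules...>"; wrapped rows carry modules only.
ROW = re.compile(r"^([^,=]+?)\s+(\d+)\s+(\S.*)$")

def parse_tasklist_modules(text):
    """Return {(image, pid): [modules]}, joining wrapped continuation lines."""
    procs, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = ROW.match(line)
        if m:
            current = (m.group(1), int(m.group(2)))
            procs[current] = []
            line = m.group(3)
        if current is None or not line:
            continue  # header, separator or blank line before the first process
        procs[current] += [p.strip() for p in line.split(",") if p.strip()]
    return procs

def unexpected_modules(procs, baseline):
    """Modules loaded in a process that its baseline does not list."""
    report = {}
    for (image, pid), mods in procs.items():
        known = baseline.get(image.lower(), set())
        extra = [m for m in mods if m.lower() not in known]
        if extra:
            report[(image, pid)] = extra
    return report

if __name__ == "__main__":
    for (image, pid), extra in unexpected_modules(parse_tasklist_modules(SAMPLE), BASELINE).items():
        print(f"{image} (PID {pid}): not in baseline: {', '.join(extra)}")
```

A module outside the baseline is a lead to investigate, not a verdict: 360Util.dll is flagged alongside Dll.dll because security products load modules into other processes too.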