DLL injection VC tutorial

1. Create an mfc extension dll, which will be done by anyone I want to use VC -! The name is mydll.

2. Click "File"-"CREATE" select a File "and create a Header File. The File name is" Hook ".

3. Copy the following functions to the Hook. h file you just created.

Extern "C" lresult callback keybordproc (int code, WPARAM wparam, LPARAM lparam); // hook processing function

Extern "C" bool WINAPI starthook (DWORD threadID); // start the hook

Extern "C" bool WINAPI stophook (); // stop the hook

4. Add the following content under # include "stdafx. h" of mydll. CPP.

# Include "Hook. h"

# Pragma data_seg ("publicdata ")

HHOOK hhook = NULL;

HINSTANCE pinstance = NULL;

# Pragma data_seg ()

5. Find DllMain ....... Initialize in

Pinstance = hInstance;

6. At the same time, find the blank area in mydll. CPP and copy the following code.

Extern "C" bool WINAPI starthook (DWORD threadID) // open the hook function

{

Hhook = setwindowshookex (wh_getmessage, keybordproc, pinstance, threadid );

If (hhook! = NULL)

Return true;

Else

Return false;

}

Extern "C" bool winapi stophook () // close the hook function

{

Unhookwindowshookex (hhook );

If (hhook = NULL)

Return true;

Else

Return false;

}

7. Copy the following code and pay attention to the following afxmessagebox ("hhhhh"); then, you can replace the Assembly you have written, such

Dword addr = 0x0056fc80;

_ ASM

{

Pushad

Call ADDR

Popad

}

The preceding if statement means that pressing the H key will cause subsequent events. Here is a dialog box.

Extern "C" lresult callback keybordproc (INT code, wparam, lparam)

{

If (code = hc_action)

{

MSG * msg = (MSG *) lparam;

If (msg-> message = WM_CHAR)

{

If (msg-> wParam = 'H') AfxMessageBox ("hhhhh"); // if the keyboard message is received as the key h, a dialog box is displayed.

}

}

Return CallNextHookEx (hhook, code, wparam, lparam );

}

8. Add the following content to the EXPORTS file in the mydll. def file:

Starthook @ 1

Stophook @ 2

Start compiling. In Debug, A mydll. dll and mydll. lib are displayed.

9. Project-add to project-create a pure Dialog EXE and compile it... Then copy mydll. dll and mydll. lib in the above Debug to the newly created EXE.

In the Debug directory of the folder and EXE, and then set the project to find the connection and add mydll. lib to the object/Library module.

10. Add two buttons for your Dialog to test whether the injection is successful. The functions are as follows:

Void CWULINtestDlg: OnButton1 ()

{

HWND mhwnd =: FindWindow (NULL, "Spring and Autumn q Online (version 0.6.17 )");

If (mhwnd = 0 ){

AfxMessageBox ("error ");

}

Else {

DWORD threadid = GetWindowThreadProcessId (mhwnd, NULL );

Starthook (threadid); // open the hook

}

}

Void CWULINtestDlg: OnButton2 ()

{

HWND hwnd =: FindWindow (NULL, "Spring and Autumn q Online (version 0.6.17 )");

If (hwnd = 0)

AfxMessageBox ("error ");

Else {

: PostMessage (hwnd, WM_KEYDOWN,); // 72 is the key value of h.

}

}

11 first press the injection button and then press the command to see if a dialog box is displayed. You can also change the function in the dll to the CALL you want to inject.