hooking_study_1
hooking 2009. 10. 23. 13:39 |dll injection을 통해 crackme인증우회(메모리 변경)
=============인젝션할 dll=========================================
#include <stdio.h>
#include <windows.h>
#define EXPORT extern "C" __declspec(dllexport)
// DLL을 로드한 곳에서 EXPORT한 함수명을 쓸수있게 함
BOOL Change()
{
BYTE *pJumpAddr; //조건분기문 주소 포인터
DWORD dwOldProtect;
DWORD dw;
pJumpAddr = (BYTE *)0x00401160; //조건분기문위치
//GetProcAddress 필요없음
VirtualProtect(pJumpAddr, 2, PAGE_WRITECOPY, &dwOldProtect);
*pJumpAddr = 0x90; //nop
*(pJumpAddr + 1) = 0x90; //nop
VirtualProtect(pJumpAddr, 2, dwOldProtect, &dw);
return TRUE;
}
BOOL APIENTRY DllMain(HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved)
{
switch(ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
Change();
break;
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
=============인젝션할 dll=========================================
#include <stdio.h>
#include <windows.h>
#define EXPORT extern "C" __declspec(dllexport)
// DLL을 로드한 곳에서 EXPORT한 함수명을 쓸수있게 함
BOOL Change()
{
BYTE *pJumpAddr; //조건분기문 주소 포인터
DWORD dwOldProtect;
DWORD dw;
pJumpAddr = (BYTE *)0x00401160; //조건분기문위치
//GetProcAddress 필요없음
VirtualProtect(pJumpAddr, 2, PAGE_WRITECOPY, &dwOldProtect);
*pJumpAddr = 0x90; //nop
*(pJumpAddr + 1) = 0x90; //nop
VirtualProtect(pJumpAddr, 2, dwOldProtect, &dw);
return TRUE;
}
BOOL APIENTRY DllMain(HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved)
{
switch(ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
Change();
break;
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
invalid-file
invalid-file'hooking' 카테고리의 다른 글
| outputdebugstring사용 (0) | 2011.06.25 |
|---|---|
| [펌]메시지훅 예제 (0) | 2009.11.02 |
| 지뢰찾기 핵 (0) | 2009.11.01 |
| DLL Injector (0) | 2009.10.02 |