发表于 2018-1-10 17:30:10
// Displays a fixed, owner-less ANSI message box with a single OK button.
// Declared WINAPI and taking no arguments; OnBnClickedOk takes this
// function's address and reaches it through a generated code stub.
void WINAPI myMessageBox()
{
    const char* const text = "myMessageBoxA";
    const char* const caption = "Caption:";

    ::MessageBoxA(NULL, text, caption, MB_OK);
}
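// OK-button handler: builds a tiny x86 thunk in freshly allocated memory and
// calls it, so that control reaches myMessageBox() through generated code.
//
// Ported from this Easy Language pseudo-code:
//   WriteMemoryBytes(-1, functionAddress, { 184 } + ToBytes(&myMessageBox) + { 255, 224 })
//
// Thunk layout (7 bytes, 32-bit x86 only):
//   B8 imm32   mov eax, <address of myMessageBox>
//   FF E0      jmp eax
//
// Changes from the original listing:
//   * The page is never writable and executable at the same time (W^X): it is
//     allocated PAGE_READWRITE, filled, then switched to PAGE_EXECUTE_READ.
//   * Every API result is checked; on failure the thunk is not called.
//   * The allocation is released instead of leaked on each click.
//   * The opcode bytes live in an unsigned char array, so 184/255/224 are not
//     narrowed into a signed char.
//   * GetCurrentProcess() replaces the raw INVALID_HANDLE_VALUE (-1) value.
void CMFCApplication1Dlg::OnBnClickedOk()
{
    // A 32-bit immediate can only hold the address in an x86 build; the inline
    // assembly below is likewise x86-only.
    const DWORD targetAddress = reinterpret_cast<DWORD>(&myMessageBox);

    unsigned char thunk[7] = { 0xB8, 0, 0, 0, 0, 0xFF, 0xE0 };
    memcpy(&thunk[1], &targetAddress, sizeof(targetAddress));

    const SIZE_T regionSize = 40;
    PVOID region = VirtualAlloc(NULL, regionSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (region == NULL)
    {
        return; // nothing was allocated, so there is nothing to run or free
    }

    SIZE_T bytesWritten = 0;
    DWORD previousProtection = 0;

    // Short-circuit chain: each step runs only if the previous one succeeded.
    const bool thunkReady =
        WriteProcessMemory(GetCurrentProcess(), region, thunk, sizeof(thunk), &bytesWritten) &&
        bytesWritten == sizeof(thunk) &&
        VirtualProtect(region, regionSize, PAGE_EXECUTE_READ, &previousProtection) &&
        FlushInstructionCache(GetCurrentProcess(), region, sizeof(thunk));

    if (thunkReady)
    {
        // The thunk jumps to myMessageBox, whose own return comes back here.
        __asm call region
    }

    VirtualFree(region, 0, MEM_RELEASE);
}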