Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - CreateRemoteThread

Search list

[Hook apisfileopen_hook

Description: DLL注入器,CreateRemoteThread, SetWindowHook例子源代码-DLL injector, CreateRemoteThread, SetWindowHook example source code, etc.! ! !
Platform: | Size: 67584 | Author: 汤子兵 | Hits:

[Hook apiIAT-API-Hook

Description: Delphi IAT Hook API(沒使用到Dll,我打算用CreateRemoteThread來實現Hook,可以說還沒完成)-Delphi IAT Hook API
Platform: | Size: 357376 | Author: asd | Hits:

[Hook apiInjection[src-a-Bin]

Description: DLL注入的源码和bin文件,简单易用学习远程线程的好例子-nice example for DLL injection. use createremotethread. include bin and src
Platform: | Size: 203776 | Author: linzhixin | Hits:

[Hook apiCreateRemoteThread

Description: 创建远程线程,DLL注入,写函数-Create remote thread, the DLL infuse, write function
Platform: | Size: 1024 | Author: luffy | Hits:

[Windows DevelopPThrreadUtillr

Description: 提升程序源码权限,创建远程线程的源码。在别的进程中创建一个自己写的线程。创建线程本来只是一个函数的事,CreateRemoteThread()。其中的参数包含线程函数体。但是这是在远程进程的地盘上,所所以此此函数体的地址必须映射到远程进程的空间中去。线程中引用的全部地址,包含函数与指针与字符串等等,都必须映射到远程进程的空间中去。映射的步骤有三1、在远程进程中分配空间,函数VirtualAllocE -Permission to enhance the program source code, source to create a remote thread. In the other process to create a thread to write their own. Create a thread was just a function, CreateRemoteThread (). Which parameter contains the thread function body. But this is a remote process on the site, the address of this function must be mapped to the remote process space. Address referenced in the thread that contains the function pointer with string, and so on, must be mapped to the remote process space. Mapping steps 1, the space allocated in the remote process, function VirtualAllocE
Platform: | Size: 58368 | Author: guli | Hits:

[OtherInjector1.1

Description: 一个Dll注入工具,使用CreateRemoteThread实现-A Dll injection tool, use CreateRemoteThread achieve
Platform: | Size: 301056 | Author: 雷小创 | Hits:

[Hook apiInjLib

Description: 使用CreateRemoteThread函数来注入D-To use CreateRemoteThread function is to inject a DLL
Platform: | Size: 191488 | Author: 雨中林 | Hits:

[OS programRemoteThreadDll

Description: DLL注入之远线程方式 每个进程都有自己的虚拟地址空间,对32位进程来说,这个地址空间的大小为4GB。因为每个进程都有自己专有的地址空间,当进程的各个线程运行的时候,它们只能够访问属于自己进程的内存。这样做的一个好处是维护系统的安全,防止进程的私有空间被入侵。世界上有了矛就有了盾,windows也撕开了一个小口,提供了一些函数来让其它进程对另一个进程进行操作,当然亦邪亦正,全在于你。大名鼎鼎的CreateRemoteThread就是属于这样的函数。 远线程注入的基本原理就是通过在另一个进程中创建远程线程的方法进入目标进程的内存地址空间。使用插入到目标进程中的远程线程将该DLL插入到目标进程的地址空间,即利用该线程通过调用Windows API LoadLibrary函数来加载DLL,从而实现获取目标进程空间的使用权。如下摘自ReactOS 3.14的代码所示,CreateRemoteThread实际实现的功能就是调用NtCreateThread创建一个属于目标进程的线程。-DLL injection far thread
Platform: | Size: 3013632 | Author: ljh | Hits:

[Hook apiCode-injection-three-methods

Description: 代码注入的三种方法:WindowsHook,CreateRemoteThread和WriteProcessMemory,CreateRemoteThread和LoadLibrary-The code injection three methods: WindowsHook CreateRemoteThread and WriteProcessMemory CreateRemoteThread and LoadLibrary
Platform: | Size: 53248 | Author: 微妙 | Hits:

[Windows DevelopcbNotepad

Description: 这个示例演示了如何将一个DLL到一个远程过程CreateRemoteThread使用。具体地说,这个应用程序工具栏添加一个Windows记事本应用程序。这个程序适用于Windows NT、2000和XP。-This sample demonstrates how to inject a DLL into a remote process using CreateRemoteThread. Specifically, this application adds a toolbar to the Windows Notepad application. This program will work on Windows NT, 2000 and XP.
Platform: | Size: 36864 | Author: 小打小闹 | Hits:

[Driver DevelopNP_Source

Description: NP启动后通过WriteProcessMemory跟CreateRemoteThread向所有进程注入代码(除了系统进程smss.exe),代码通过np自己的LoadLibrary向目标进程加载npggNT.des。npggNT.des一旦加载就马上开始干“坏事”,挂钩(HOOK)系统关键函数如OpenProcess,ReadProcessMemory,WriteProcessMemory,PostMessage等等。 挂钩方法是通过改写系统函数头,在函数开始JMP到npggNT.des中的替换函数。用户调用相应的系统函数时,会首先进入到npggNT.des模块等待NP的检查,-NP starts with CreateRemoteThread via WriteProcessMemory inject code to all processes (in addition to system process smss.exe), np own code through LoadLibrary to load the target process npggNT.des. npggNT.des Once loaded immediately start doing "bad", hooks (HOOK) system-critical functions such as OpenProcess, ReadProcessMemory, WriteProcessMemory, PostMessage and so on. Hook method is through rewriting system function head start in the function of JMP to npggNT.des replacement function. Users call the corresponding system function, will first enter into npggNT.des module waits for NP examination,
Platform: | Size: 129024 | Author: ghgh | Hits:

[Hook apiCodeCave

Description: win7下利用CreateRemoteThread函数hook记事本,弹出一个对话框-Under win7 use CreateRemoteThread hook notepad function, a dialog box pops up
Platform: | Size: 3072 | Author: cqs | Hits:

[Hook apisniff

Description: 使用了 CreateRemoteThread 注入目标行程,然后使用替换式 API HOOK.-use createRemoteThread inject into target, switch api hook
Platform: | Size: 139264 | Author: teenlove | Hits:

[OS programCreateRemoteThread

Description: 远程注入线程 支持 x64 和 x86 需要可以-Remote injection thread support x64 and x86 need to look at
Platform: | Size: 16840704 | Author: cailei | Hits:

[ADO-ODBCos_createremotethread

Description: Win7下CreateRemoteThread的代替函数-Win7 substitute for the function under the CreateRemoteThread
Platform: | Size: 1024 | Author: fflql647baz | Hits:
« 1 2 3»

CodeBus www.codebus.net