Location:
Search - GetProcAddress
Search list
Description: 示范如何使用 LoadLibrary(...) 和 GetProcAddress(....)调用dll的输出函数.-the code show how to call the functions in the dll file by LoadLibrary and GetProcAddress.
Platform: |
Size: 46632 |
Author: 杨杰 |
Hits:
Description: 本代码演示了缓冲区溢出的攻击与防范。我的开发环境
操作系统:windows xp professional + sp1a
编译器:visual c++.net 2003
由于操作系统的补丁太多,即使与我相同的系统也可能需要修改LoadLibrary、GetProcAddress、VirtualAlloc和\"jmp esp\"指令的地址。
请谨慎修改编译参数,修改参数可能导致修改程序。
请只编译release版,debug版无法正常执行。-demonstration of the code of buffer overflow attacks and Prevention. I development environment operating system : Windows XP Service Pack 1a Express Install professional compiler : visual c. Net 2003 operating system patches too much, even with the same system, I may need to revise LoadLibrary, GetProcAddress, VirtualAlloc and "JMP esp" instruction address. Please carefully revised compiler parameters, parameter changes could lead to the revision process. Please only compiler release version, debug version of the normal implementation.
Platform: |
Size: 14323 |
Author: gogo |
Hits:
Description: 它是利用调试技术编写成的API钩子。比起16位下传统的入口代码改写技术,它是没有多线程问题的,而且能够拦截LoadLibrary/GetProcAddress完成的API显式调用。当然,如果您告诉它一些类型信息,Mirager可以在拦截到调用时获取上下文,即参数和返回值-it is the use of technologies developed into debugging API hook. Compared to the traditional 16 under the entrance code rewrite, it is not multi-threaded issues, but also to intercept LoadLibrary/GetProcAddress completed explicitly call API. Of course, if you tell it that some types of information, Mirager can intercept when access to the calling context, the parameters and return values
Platform: |
Size: 401408 |
Author: 唐财爷 |
Hits:
Description: 示范如何使用 LoadLibrary(...) 和 GetProcAddress(....)调用dll的输出函数.-the code show how to call the functions in the dll file by LoadLibrary and GetProcAddress.
Platform: |
Size: 46080 |
Author: |
Hits:
Description: 该程序创建了一个动态连接库并在应用程序中调用了此动态链接库。在动态链接库文件中利用“declspec(dllexport)”关键字添加输出函数的声明。在调用动态链接库应用程序中通过getprocaddress函数或的动态链接库中输出函数的地址,并调用该输出函数。-the program to create a dynamic link library and the application program called this dynamic link library. The dynamic link library file used "HHeretic (dllexport)" keyword letter added output several statements. Calling the dynamic link library Application Program getprocaddress function or through the dynamic link library losers out function address, and calls to the output function.
Platform: |
Size: 61440 |
Author: 邢馨华 |
Hits:
Description: 自己实现GetProcAddress()函数
:)
-achieving his GetProcAddress () function :)
Platform: |
Size: 17408 |
Author: xyxb |
Hits:
Description: 用VC++ Hook技术实现屏幕取词.它是利用调试技术编写成的API钩子。比起16位下传统的入口代码改写技术,它是没有多线程问题的,而且能够拦截LoadLibrary/GetProcAddress完成的API显式调用。-VC Hook Capture Characters from Screen Technology. It is testing the use of technology into the preparation of the API hook. Compared to the traditional 16 under the entrance to rewrite code technology, it is not multithreaded problems. and can intercept LoadLibrary/GetProcAddress completed API Explicit call.
Platform: |
Size: 371712 |
Author: tanglongsh |
Hits:
Description: VC源码自动注册OCX控件
BOOL bResult = FALSE
//检查是否支持注册
if (SupportsSelfRegister(strOcxPath))
{
HMODULE hModule = ::LoadLibrary(strOcxPath)
if (LOADLIBRARY_FAILED(hModule)) return FALSE
//获得注册函数地址
CTLREGPROC DLLRegisterServer =
(CTLREGPROC)::GetProcAddress(hModule,"DllRegisterServer" )
if (DLLRegisterServer != NULL)
{
HRESULT regResult = DLLRegisterServer()
bResult = (regResult == NOERROR)
}
::FreeLibrary(hModule)
}-VC source automatic registration OCX Controls BOOL bResult = FALSE// check whether support registration if (SupportsSelfRegister (strOcxPath)) (HMODULE hModule = : : LoadLibrary (strOcxPath) if (LOADLIBRARY_FA ILED (hModule)) return FALSE// registration function addresses CTLRE GPROC DLLRegisterServer = (CTLREGPROC) : : GetProcAddress (hModule. "DllRegisterServer") if (DLLRegisterServer ! = NULL) (HRESULT = DLLRegisterServ regResult er () bResult = (regResult == NOERROR)) : : FreeLibrary (hModule);)
Platform: |
Size: 35840 |
Author: chengde |
Hits:
Description: Mirager是利用调试技术编写成的API钩子。比起16位下传统的入口代码改写技术,它是没有多线程问题的,而且能够拦截LoadLibrary/GetProcAddress完成的API显式调用。当然,如果您告诉它一些类型信息,Mirager可以在拦截到调用时获取上下文,即参数和返回值。-Mirager is to use technology to prepare debugging hooks into the API. Compared to 16 under the traditional entrance to rewrite code technology, it is not multi-threading issues, but also be able to intercept LoadLibrary/GetProcAddress completed explicit API call. Of course, if you tell it a number of type information, Mirager can intercept calls to access the context, that is, parameters and return values.
Platform: |
Size: 374784 |
Author: 杨秉岐 |
Hits:
Description: 实现窗口透明
只需在创建窗口函数中加入
SetWindowLong(this->GetSafeHwnd(),GWL_EXSTYLE,
GetWindowLong(this->GetSafeHwnd(),GWL_EXSTYLE)^0x80000)
HINSTANCE hInst = LoadLibrary("User32.DLL")
if(hInst)
{
typedef BOOL (WINAPI *MYFUNC)(HWND,COLORREF,BYTE,DWORD)
MYFUNC fun = NULL
//取得SetLayeredWindowAttributes函数指针
fun=(MYFUNC)GetProcAddress(hInst, "SetLayeredWindowAttributes")
if(fun)fun(this->GetSafeHwnd(),0,200,2)
FreeLibrary(hInst)
}-Just the realization of a transparent window in the creation of a window function to add SetWindowLong (this-> GetSafeHwnd (), GWL_EXSTYLE, GetWindowLong (this-> GetSafeHwnd (), GWL_EXSTYLE) ^ 0x80000) HINSTANCE hInst = LoadLibrary ( User32.DLL ) if (hInst ) (typedef BOOL (WINAPI* MYFUNC) (HWND, COLORREF, BYTE, DWORD) MYFUNC fun = NULL// function pointer SetLayeredWindowAttributes made fun = (MYFUNC) GetProcAddress (hInst, SetLayeredWindowAttributes ) if (fun) fun (this-> GetSafeHwnd (), 0200,2) FreeLibrary (hInst))
Platform: |
Size: 1561600 |
Author: zhangwei |
Hits:
Description: 程序运行初期,程序首先会通过LoadLibrary函数加载动态链接库Shell32.dll,并且把加载后的操作句柄存储在LibHandle中。然后通过@SHEmptyRecycleBin:=GetProcAddress (LibHandle, SHEmptyRecycleBinA )语句读取SHEmptyRecycleBinA函数的地址,如果以上语句能够正确执行(也就是@SHEmptyRecycleBin不等于nil),那么就调用SHEmptyRecycleBin完成清空回收站的操作。最后释放动态链接库。-The early run, the program will first of all through the LoadLibrary function to load dynamic link library Shell32.dll, and after the load operation is stored in the handle of LibHandle. Then @ SHEmptyRecycleBin: = GetProcAddress (LibHandle, SHEmptyRecycleBinA) statement read function SHEmptyRecycleBinA address, If the above statement to the correct implementation (that is, @ SHEmptyRecycleBin does not mean nil), then call the Empty Recycle Bin SHEmptyRecycleBin complete operation. Finally the release of a dynamic link library.
Platform: |
Size: 1024 |
Author: faetas |
Hits:
Description: BOOL InjectDLL(DWORD ProcessID)
{
HANDLE Proc
char buf[50]={0}
LPVOID RemoteString, LoadLibAddy
if(!ProcessID)
return false
Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID)
if(!Proc)
{
sprintf(buf, "OpenProcess() failed: d", GetLastError())
MessageBox(NULL, buf, "Loader", NULL)
return false
}
LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME,strlen(DLL_NAME), NULL)
CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL)
CloseHandle(Proc)
return true
} -BOOL InjectDLL(DWORD ProcessID)
{
HANDLE Proc
char buf[50]={0}
LPVOID RemoteString, LoadLibAddy
if(!ProcessID)
return false
Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID)
if(!Proc)
{
sprintf(buf, "OpenProcess() failed: d", GetLastError())
MessageBox(NULL, buf, "Loader", NULL)
return false
}
LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME,strlen(DLL_NAME), NULL)
CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL)
CloseHandle(Proc)
return true
}
Platform: |
Size: 26624 |
Author: artofsexy |
Hits:
Description: pBthNsLookupServiceBegin = (BTHNSLOOKUPSERVICEBEGIN)GetProcAddress(m_DLL, _T("BthNsLookupServiceBegin"))
pBthNsLookupServiceNext = (BTHNSLOOKUPSERVICENEXT )GetProcAddress(m_DLL, _T("BthNsLookupServiceNext"))
pBthNsLookupServiceEnd = (BTHNSLOOKUPSERVICEEND )GetProcAddress(m_DLL, _T("BthNsLookupServiceEnd"))
- pBthNsLookupServiceBegin = (BTHNSLOOKUPSERVICEBEGIN)GetProcAddress(m_DLL, _T("BthNsLookupServiceBegin"))
pBthNsLookupServiceNext = (BTHNSLOOKUPSERVICENEXT )GetProcAddress(m_DLL, _T("BthNsLookupServiceNext"))
pBthNsLookupServiceEnd = (BTHNSLOOKUPSERVICEEND )GetProcAddress(m_DLL, _T("BthNsLookupServiceEnd"))
Platform: |
Size: 4656128 |
Author: ybb_pub |
Hits:
Description: 我的开发环境
操作系统:windows xp professional + sp1a
编译器:visual c++.net 2003
由于操作系统的补丁太多,即使与我相同的系统也可能需要修改LoadLibrary、GetProcAddress、VirtualAlloc和"jmp esp"指令的地址。
请谨慎修改编译参数,修改参数可能导致修改程序。
请只编译release版,debug版无法正常执行。-My Development Environment operating system: windows xp professional+ sp1a compiler: visual c++. Net 2003 operating system patches as much, even if the same system and I may need to modify the LoadLibrary, GetProcAddress, VirtualAlloc, and " jmp esp" instruction address. Please modify careful compilation parameters, modify the parameters may lead to modify the program. Please only compile the release version, debug version not working properly.
Platform: |
Size: 48128 |
Author: jackson |
Hits:
Description: GetProcAddress Api Replacement Using Inline ASM
Platform: |
Size: 1024 |
Author: osman kemal |
Hits:
Description: 通过对PE的学习,实现了系统函数GetProcAddress()的功能,感兴趣的朋友可以下载来看看。有一定的借鉴价值。-Through the study of PE to achieve the system function GetProcAddress () function, and interested friends can download to see. A certain reference value.
Platform: |
Size: 9216 |
Author: majikang |
Hits:
Description: 获得Windows XP 内部版本号,vc++ MFC程序,通用分析PE格式,自己实现的GetProcAddress ,写壳会用到的东西-Windows XP build number vc++ MFC program, general analysis PE format, to achieve their own GetProcAddress write what shell will be used
Platform: |
Size: 24576 |
Author: 黄振荣 |
Hits:
Description: 通过对PE的学习,实现了系统函数GetProcAddress()的功能,感兴趣的朋友可以下载来看看。有一定的借鉴价值。-Through the study of PE to achieve the system function GetProcAddress () function, and interested friends can download to see. A certain reference value.
Platform: |
Size: 9216 |
Author: vvmsm269keb |
Hits:
Description: 通过对PE的学习,实现了系统函数GetProcAddress()的功能,感兴趣的朋友可以下载来看看。有一定的借鉴价值。-Through the study of PE to achieve the system function GetProcAddress () function, and interested friends can download to see. A certain reference value.
Platform: |
Size: 9216 |
Author: q4yxyyongyu |
Hits:
Description: Kernel getprocaddress
Platform: |
Size: 5018 |
Author: malpwn |
Hits: