Description: 本程序显示桌面所有图标的标题。代码示范了如何使用VirtualAlloc(),WriteProcessMemory() 和 ReadProcessMemory() 在不同的进程中分配内存。用Windows的消息获得图标的名称。- This program display tabletop all charts sign title. How did
the code demonstrate has used VirtualAlloc (), WriteProcessMemory ()
and ReadProcessMemory () assigned the memory in the different
advancement. Obtains the chart sign with the Windows news the name.
Platform: |
Size: 9216 |
Author:周磊 |
Hits:
Description: 通过hook的方式的方式来写内存的例子:通常这一技术使用在外挂和内存注册机中,对初学hook的朋友有一定价值-hook through the modalities of the way to write the memory examples : Typically, the technology used in store and memory RI, on the hook when a friend has a certain value Platform: |
Size: 90112 |
Author:Alan |
Hits:
Description: 实现可执行程序的自删除功能,程序运行结束后自动删除可执行程序文件,在 vc6和vc8直接编译就行。用到了 shellcode,老外写的,我把文件删除的功能提取了出来。另外用到 CreateProcess,
WriteProcessMemory等函数。学习进程和shellcode很不错的例子。-Executable programs to achieve self-delete function, the program automatically delete after running the executable program file, in vc6 and vc8 direct the compiler will do. Used in the shellcode, written by a foreigner, I delete the function of the document extracted out. In addition to use CreateProcess, WriteProcessMemory such function. Shellcode learning process and a good example. Platform: |
Size: 34816 |
Author:nulng |
Hits:
Description: 收集几款VC++代码注入程序,不同时期的都有,通过这些示例你会明白如何将代码注入不同的进程地址空间,随后在该进程的上下文中执行注入的代码。这里主要是三种方法:
1、Windows 钩子
2、CreateRemoteThread 和 LoadLibrary 技术 ——进程间通信
3、CreateRemoteThread 和WriteProcessMemory 技术
——如何用该技术子类化远程控件
——何时使用该技术-Collection of several VC++ code into the process, have different periods, through these examples you will understand how to code the process into a different address space, and then in the process into the context of the implementation of the code. Here are mainly three methods: 1, Windows hook 2, CreateRemoteThread and LoadLibrary technology- the process of communication 3, CreateRemoteThread and WriteProcessMemory technology- how to use the technology sub-class of remote control- when to use the technology Platform: |
Size: 48128 |
Author:300 |
Hits:
Description: VB多线程游戏修改器源程序,在vb6下编译通过,含有一个测试程序。程序主要是利用readprocessmemory+writeprocessmemory,多线程部分用了予心居的tls方法的代码,感觉比较稳定,程序现在还是个半成品,不过已经实现了游戏修改器的最基本的功能,还有注入到进程内部之类的功能。
-Multi-threaded games modify VB source code browser, compiler of the vb6 passed, contains a test procedure. Procedure is to use the main readprocessmemory+ writeprocessmemory, part of multi-threaded to the heart using the methods of home tls code, feel more stable, the program is still a semi-finished products, but has been modified to achieve the game' s most basic functions, there is injected into the processes such as internal functions. Platform: |
Size: 1413120 |
Author:huanhuan |
Hits:
Description: 本程序显示桌面所有图标的标题。代码示范了如何使用VirtualAlloc(),WriteProcessMemory() 和 ReadProcessMemory() 在不同的进程中分配内存。用Windows的消息获得图标的名称。
-This program displays all the desktop icons title. Code demonstrates how to use VirtualAlloc (), WriteProcessMemory () and ReadProcessMemory () in a different process to allocate memory. Windows, the icon with the name of the message received. Platform: |
Size: 9216 |
Author:zhengjun |
Hits:
Description: 使用WriteProcessMemory函数将DLL的路径名写入到远程进程的内存空间-WriteProcessMemory function using the DLL path name to write to remote process memory space Platform: |
Size: 164864 |
Author:小路 |
Hits:
Description: WriteProcessMemory function using the DLL path name to write to remote process memory space Platform: |
Size: 2048 |
Author:fefegf |
Hits:
Description: 冒險島外掛製做的一個演示,當中hProcess為進程 以WriteProcessMemory寫入內存,可用CheatEngine來檢視欲寫入的Bytes,然後反向寫進去,例如 12 34 即可寫成&H3412 後面還有個&HXXXXX 那是欲寫入數據的Addre-Adventure Island, making a demonstration plug-in which hProcess WriteProcessMemory for the process to write memory, available to view CheatEngine
To write Bytes, and then back into it, such as 1234 can be written as & H3412 & HXXXXX after that there are a desire to write data that is
Address Platform: |
Size: 22528 |
Author:kea |
Hits:
Description: 跨进程内存读取.通常,跨进程读写内存,用到ReadProcessMemory, WriteProcessMemory, 但需要进程句柄,如果目标进程受到保护,可能获得进程句柄会失败.不同的进程的虚拟地址被映射到了物理内存中不同的页面.每个进程的虚拟地址的范围是相同的,但是实际的映射却是物理内存内中的不同部分.假如我们直接读取目标进程的虚拟地址映射的物理地址,是否可以达到预期的要求.当然这是肯定的,!-Cross-process memory read. In general, cross-process access to memory, use ReadProcessMemory, WriteProcessMemory, but need the process handle, if the target process is protected, you may get the process handle will fail. Different process' s virtual address is mapped to the physical different pages in memory. each process' s virtual address range is the same, but the actual physical memory map is within the different parts. If we read the target process directly to the virtual address mapping the physical address, can achieve expected demand. Of course, this is certain,! Platform: |
Size: 693248 |
Author:qiurun |
Hits:
Description: 向其他进程注入代码
目录:
●导言
●Windows 钩子(Hooks)
●CreateRemoteThread 和LoadLibrary 技术
○进程间通讯
●CreateRemoteThread 和 WriteProcessmemory 技术
○如何使用该技术子类(SubClass)其他进程中的控件
○什-Into the code to other processes
Directory:
● Introduction
● Windows hook (Hooks)
● CreateRemoteThread and LoadLibrary Technology
○ inter-process communication
● CreateRemoteThread and WriteProcessmemory Technology
○ How to use the technology subclass (SubClass) the control of other processes
What ○
Platform: |
Size: 245760 |
Author:魍酆 |
Hits: