Location:
Search - dll hook inject
Search list
Description: 我在XP下用过detour,也是用钩子将dll注入到其他进程进行API拦截,当时拦截的是 ShowWindow以及文件操作的一些API,感觉没什么问题阿.你可以先用Detour拦截一下其他的API试试,比如 CreateProcess,这个API我拦截过,Detour能拦截的
-I used the XP detour. also used to hook dll injected into other processes API interception, then intercept the ShowWindow and some file manipulation API, A feeling no problems. You can use Detour to intercept a few other API try. For example CreateProcess, I intercept the API that can intercept the Detour
Platform: |
Size: 2048 |
Author: byron |
Hits:
Description: 注入DLL到进程,hook游戏成功的例子-Injected DLL into the process, hook examples of successful games
Platform: |
Size: 344064 |
Author: 是啊 |
Hits:
Description: 与inject.rar程序配套的,注入到第三方进程中的程序,用来实现hook第三方指定API的功能-Matching procedures and inject.rar injected into third-party process procedures, used to hook a third party to achieve the specified API function
Platform: |
Size: 2417664 |
Author: 安丙春 |
Hits:
Description: | |
| 实现原理: |
| 锁定 Ctrl+Alt+Del 使用远程线程、代码注入及子类化技术 |
| 其它键盘消息使用普通钩子技术 |
| |
| 本模块向 VB 程序员展示远程线程、代码注入等似乎被列入 |
| 只有Delphi、VC程序员才可能使用的技术,同时目前诸多木马 |
| 也同样大量使用这些技术。注入的方式比 Dll 钩入更加隐蔽。 |
| 注入后无进程、无文件
-| | | Principle: | | lock Ctrl+ Alt+ Del the use of remote threads, code injection and sub-class technology | | other information using an ordinary keyboard hook technology | | | | of the module to the VB programmer to display the remote thread, code seem to be included into the | | only Delphi, VC programmers could use the technology, while at present many Trojan | | is also large-scale use of these technologies. Dll injection than hook into the more hidden. | | Inject no process, no file
Platform: |
Size: 14336 |
Author: kidy |
Hits:
Description: 一个DLL库,帮助你通过独立线程inject并Hook其他程序.对有兴趣做系统编程的朋友很有价值.-A DLL library to help you inject through independent threads and other procedures Hook. The interest has to do system programming friend of great value.
Platform: |
Size: 7168 |
Author: jiang |
Hits:
Description: XPoker Bot AI analysis. Hook / dll inject into process and send fake keyboard / mouse messages.-XPoker Bot AI analysis. Hook/dll inject into process and send fake keyboard/mouse messages.
Platform: |
Size: 211968 |
Author: Daemn |
Hits:
Description: 本文从难易程度上主要分三块详细介绍:一.用户模式Hook:IAT-hook,Dll-inject 二.内核模式Hook:ssdt-hook,idt-hook,int 2e/sysenter-hook 三.Inline Function Hook -In this paper, Difficulty Level 3 detail the main points: 1. User Mode Hook: IAT-hook, Dll-inject 2. Kernel-mode Hook: ssdt-hook, idt-hook, int 2e/sysenter-hook 3. Inline Function Hook
Platform: |
Size: 14336 |
Author: lee |
Hits:
Description: 一个TXT记事本的键盘消息钩子,可以钩住所有的打开的TXT,实现无法键盘输入功能-TXT message notepad keyboard hook, you can hook all the open TXT, no keyboard input to achieve
Platform: |
Size: 17009664 |
Author: YuMy |
Hits:
Description: 注入DLL是做全局钩子或者拦截类软件都有可能用到的技术,如果做外挂的话我们也有可能需要注入一个DLL到游戏进程中去干点什么“坏事”。 但我们知道现在要注入DLL是越来越难了。-Into the global hook DLL is doing or have the potential to intercept class software technology used, so if we do plug-in may need to inject a DLL into the game process to what to do with " bad." But we know now is more and more difficult to inject a DLL.
Platform: |
Size: 4096 |
Author: wwe |
Hits:
Description: 使用代码注入来实现进程隐藏 而不是使用DLL注入来实现进程隐藏
没有什么高级技术 纯体力活 原理就不说了 只是没有通过DLL注入 来实现HOOK API
纯粹注入代码 邪恶二进制上 也有个代码注入的 只是用了一个未公开的函数,我还看不懂
本来想用汇编写的 发现汇编注入代码远比C注入代码来的繁 所以用C实现了
主要功能就是 隐藏进程 不过RING3的似乎没多大用 练习而已-Use code injection to achieve the process of hide instead of using DLL injection process to achieve the advanced technology hidden no principle of pure manual labor is not said is not achieved through DLL injection into the code is purely evil HOOK API also has a binary code injection is used an undisclosed function, I can not understand originally wanted to write in assembly code than the C found to inject into the assembly code to the prosperity it achieved with the C main function is to hide the process, however, seems not much RING3 only with practice
Platform: |
Size: 4096 |
Author: 张做像 |
Hits:
Description: d3d8thk.dll 这是一份dll劫持源码,很多外挂都是通过dll劫持来注入到游戏中,,VS2005编写的,,编译绝对没问题!-This is a dll hijack d3d8thk.dll source, a lot of plug-hijacked through dll to inject into the game,, VS2005 prepared, compiled absolutely no problem!
Platform: |
Size: 7168 |
Author: 胡小 |
Hits:
Description: API钩子系统一般框架
通常,我们把拦截API的调用的这个过程称为是安装一个API钩子(API Hook)。一个API钩子基本是由两个模块组成:一个是钩子服务器(Hook Server)模块,一般为EXE的形式;一个是钩子驱动器(Hook Driver)模块,一般为DLL的形式。
钩子服务器主要负责向目标进程注入钩子驱动器,使得钩子驱动器运行在目标进程的地址空间中,这是关键的第一步,而钩子驱动器则负责实际的API拦截处理工作,以便在我们所关心的API函数调用的之前或之后能做一些我们所希望的工作。一个比较常见的API钩子的例子就是一些实时翻译软件(像金山词霸)中必备的的功能:屏幕抓词。它主要是对一些Win32 API中的GDI函数进行了拦截,获取它们的输入参数中的字符串,然后在自己的窗口中显示出来。
针对上述关于API钩子的两个部分,有以下两点需要我们重点考虑的: 选用何种DLL注入技术,以及采用何种API拦截机制。
本篇文章来源于 黑基网-中国最大的网络安全站点 原文链接:file:///C:/Documents 20and 20Settings/jingtianzi/桌面/最新资料/黑客编程:hook系统函数-学院-黑基网.mht-General framework for API hook system
Usually, we called this process intercept API calls is to install an API hook (API Hook,). An API hooks basically consists of two modules: one is the hook server (Hook, Server) module, generally in the form of EXE a hook drive (Hook Driver) module, generally in the form of a DLL.
Hook server is mainly responsible to the target process inject hook driver device, hook-driven devices running on the target process address space, a critical first step, while the hook-driven device is responsible for the actual API to intercept processing so that in we are concerned with API functions before or after the call to do something we want. Example of a common API hook is some real-time translation software (such as necessary.) Function: screen grab word. It is mainly to intercept some of the Win32 API GDI functions to obtain the string in the input parameters, and then displayed in its own window.
For the two parts of the API hook, the following two ke
Platform: |
Size: 555008 |
Author: 刘永 |
Hits:
Description: 外挂作坊所有的注入例程,有分层注入,钩子注入,连环注入,输入法注入,网络注入,线程注入,新进程注入,注入内存DLL对于新手提高有帮助-Plug workshops injection routine, stratified injection hook into comic injected input method injection network inject threads into the new process injection, inject memory DLL for the novice to improve
Platform: |
Size: 35840 |
Author: 张俊 |
Hits:
Description: 将dll注入一个进程,用来hook。本人亲自测试过,可用-Dll will inject a process that is used to hook. I personally tested, available
Platform: |
Size: 43008 |
Author: andy |
Hits:
Description: 别类的的注入方法实现 (解析PE结构写入目标DLL)-othe inject HOOK
Platform: |
Size: 4096 |
Author: 任晓枫 |
Hits:
Description: 哈弗曼加密程序 哈弗曼加密程序--Plug workshops injection routine, stratified injection hook into comic injected input method injection network inject threads into the new process injection, inject memory DLL for the novice to improve
Platform: |
Size: 289792 |
Author: mggdx |
Hits:
Description: dll注入模板,支持3种方式
远程线程注入 hook键盘注入-dll inject spanel
Platform: |
Size: 16384 |
Author: yanfeng |
Hits:
Description: 一个DLL库,帮助你通过独立线程inject并Hook其他程序.对有兴趣做系统编程的朋友很有价值.-A DLL library to help you inject through independent threads and other procedures Hook. The interest has to do system programming friend of great value.
Platform: |
Size: 8192 |
Author: zzeee601leii941 |
Hits:
Description: 使用到的工具 IDA6.0 LordPE C32Asm
由于自己写了个MemoryLoader注入所以一开始考虑的是找不到hyxd.exe进程导致的注入失败
后修改为FindWindow通过窗口标题注入进程也无法正常使用 于是打开IDA 分析DLL流程(DLL Hook FindWindowA)
Platform: |
Size: 2448384 |
Author: 城主呐 |
Hits:
Description: 软件用于在频道内自动给刚刚进入频道的游客上马甲,适合所有类型YY频道,上马甲可选择临时嘉宾/嘉宾/会员/红马/皇马。软件操作快速,一秒最多可上5个号,使用YY开发平台调用API代码,DLL置入程序,挂机操作更加稳定。
1、手动打开YY频道
2、打开频道后软件自动载入卡马甲界面
3、开马甲可以选嘉宾-绿马-蓝马-粉马-红马-黄马
4、下载天黑黑应用程序并打开软件会自动注入工具
5、卡马甲途中请勿推出频道,否则失败,软件由dll注入(The software is used to automatically give a visitor to the channel on the channel. It is suitable for all types of YY channels. The upper vest can choose a temporary guest / guest / Member / red horse / Real Madrid. The software operates fast, and can be up to 5 at a second. The API code is invoked by the YY development platform, and the DLL is put into the program. The hook operation is more stable.
1, open the YY channel manually
2. After opening the channel, the software will automatically load the card vest interface.
3, can choose the yellow horse vest guest greenhorse Lanma - - - - red horse horse powder
4, download the dark application and open the software will automatically inject tools.
5, please do not launch the channel on the way of the card. Otherwise, the software will be injected by DLL.)
Platform: |
Size: 1362944 |
Author: Zyy1 |
Hits: