DLL自卸载无模块注入源码

Directory: Network develop
Plat: EasyLanguage易语言
Size: 38KB
Downloads: 4
Upload time: 2017-12-02 19:09:39
Uploader: 额反反复复
Description:   Version 2 HFile = CreateFileA (strFileName, #GENERIC_READ, #FILE_SHARE_READ, 0, #OPEN_EXISTING, #FILE_ATTRIBUTE_NORMAL, 0) If true (hFile = -1) Return (false) If it is over PFileBuff = 0 NFileSize = GetFileSize (hFile, 0) If true (nFileSize = 0) Return (false) If it is over PFileBuff = VirtualAlloc (0, nFileSize, #MEM_COMMIT, #PAGE_EXECUTE_READWRITE) DwReadSize = 0 If true (ReadFile (hFile, pFileBuff, nFileSize, dwReadSize, 0) = false) Return (false) If it is over PBase = pFileBuff 'whether the judgment is PE P strong turn array [1] = forced conversion (pIDH, pFileBuff) If (pIDH.e_magic = 23117) Return (false) If it is over PTMP = PFileBuff read memory integer type (-1, PFileBuff60) P strong turn array [2] = forced conversion (pINH, PTMP) If (pINH.Signature = 17744) Return (false) If it is over DwMemSize = nFileSize PAllocMem = pFileBuff Forced conversion (pIDH, P strong turn array [1]) Forced conversion (pINH, P strong turn array [2]) Return to (true)

File list:
DLL自卸载无模块注入源码.e, 125760, 2017-01-13

Download users:

Relate files:

Comment: Add Comment

Favorite users: