📄 ntinjectorthread.cpp
字号:
//---------------------------------------------------------------------------
//
// NtInjectorThread.cpp
//
// SUBSYSTEM:
// API Hooking system
// MODULE:
// Implements a thread that uses an NT device driver
// for monitoring process creation
//
// DESCRIPTION:
//
// AUTHOR: Ivo Ivanov (ivopi@hotmail.com)
//
//---------------------------------------------------------------------------
#include "NtInjectorThread.h"
#include "Injector.h"
//---------------------------------------------------------------------------
//
// class CNtInjectorThread
//
//---------------------------------------------------------------------------
CNtInjectorThread::CNtInjectorThread(CRemThreadInjector* pInjector):
CNtProcessMonitor(),
m_pInjector(pInjector)
{
}
CNtInjectorThread::~CNtInjectorThread()
{
}
void CNtInjectorThread::OnCreateProcess(DWORD dwProcessId)
{
m_pInjector->InjectModuleInto(dwProcessId);
}
void CNtInjectorThread::OnTerminateProcess(DWORD dwProcessId)
{
//
// We shouldn't eject the module here, because the process
// already has been terminated, meaning that the DLL probably
// is unloaded or possibly the process is not running anymore.
//
}
//----------------------------End of the file -------------------------------⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -