// zhuru.cpp : 定义控制台应用程序的入口点。 #include "stdafx.h" #include <Windows.h> #define GameClassName "classFoxitReader" #define dllName "GameDLL.dll" void zhuru(HWND hGame,const char* DllNameFullpath); int _tmain(int argc, _TCHAR* argv[]) { HWND hGame = FindWindowA(GameClassName,NULL); char DirName[256]=""; char DllNameFullpath[256]=""; GetCurrentDirectoryA(sizeof(DirName),DirName); strcpy_s(DllNameFullpath,DirName); strcat_s(DllNameFullpath,"\\"); strcat_s(DllNameFullpath,dllName); printf("%s\n",DllNameFullpath); zhuru(hGame,DllNameFullpath); //getchar(); return 0; } void zhuru(HWND hGame,const char* DllNameFullpath) { DWORD pid; HANDLE hProcess; LPWORD AddressDW; DWORD byWriteSize; HANDLE hThread; if (hGame!=NULL) { GetWindowThreadProcessId(hGame,&pid); if (pid!=NULL) { hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pid); if (hProcess!=NULL) { AddressDW = (LPWORD)VirtualAllocEx(hProcess,NULL,256,MEM_COMMIT,PAGE_READWRITE); if (AddressDW!=NULL) { WriteProcessMemory(hProcess,AddressDW,DllNameFullpath,strlen(DllNameFullpath)+1,&byWriteSize); if (byWriteSize>=strlen(DllNameFullpath)) { hThread = CreateRemoteThread(hProcess,NULL,NULL,(LPTHREAD_START_ROUTINE)LoadLibraryA,AddressDW,NULL,NULL); WaitForSingleObject(hThread,0xFFFFFFF); CloseHandle(hThread); VirtualFreeEx(hProcess,AddressDW,256,MEM_COMMIT); CloseHandle(hProcess); } } } } } return; }
原文:http://www.cnblogs.com/wumac/p/4167184.html