Posted on 2006-07-15 01:03
紫雨轩 C++ 阅读(630)
Win32 SDK
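/*
 * Bind - ask the process behind hProcess to load the module named by ptzPath.
 *
 * The path string is copied into memory allocated inside the target process,
 * and a remote thread is started there with the loader routine named by
 * STR_LoadLibrary as its entry point and the copied string as its argument.
 *
 * Parameters:
 *   hProcess - handle to the target process. It must carry the access rights
 *              that VirtualAllocEx, WriteProcessMemory and CreateRemoteThread
 *              require. Ownership passes to this function: a non-NULL handle
 *              is always closed before returning, on success and on failure.
 *   ptzPath  - NUL-terminated module path. Pass a fully qualified path: the
 *              string is resolved by the loader inside the target process, so
 *              a relative name is subject to that process's DLL search order.
 *
 * Returns:
 *   0 - the remote thread was created and ran to completion. The thread's
 *       exit code is not read, so 0 does not confirm that the module loaded.
 *   1 - hProcess is NULL
 *   2 - VirtualAllocEx failed
 *   3 - WriteProcessMemory failed
 *   4 - the loader routine could not be resolved
 *   5 - CreateRemoteThread failed
 *   6 - ptzPath is NULL or empty
 *   7 - waiting for the remote thread failed
 *
 * Detection note: cross-process allocation, a cross-process write and a remote
 * thread whose start address is a LoadLibrary export form a well-known
 * sequence that endpoint monitoring keys on.
 */
DWORD Bind(HANDLE hProcess, PCTSTR ptzPath)
{
    DWORD dwResult = 0;
    PVOID pvRemote = NULL;
    HANDLE hThread = NULL;

    /* do/while(FALSE) gives every failure path a single exit to the cleanup below. */
    do
    {
        if (hProcess == NULL)
        {
            dwResult = 1;
            break;
        }

        /* Reject a missing or empty path before anything is changed in the target. */
        if (ptzPath == NULL || ptzPath[0] == TEXT('\0'))
        {
            dwResult = 6;
            break;
        }

        /* Size in bytes, including the terminating NUL. */
        DWORD dwSize = (lstrlen(ptzPath) + 1) * sizeof(TCHAR);

        /* The buffer only holds data, so read/write protection is sufficient. */
        pvRemote = VirtualAllocEx(hProcess, NULL, dwSize, MEM_COMMIT, PAGE_READWRITE);
        if (pvRemote == NULL)
        {
            dwResult = 2;
            break;
        }

        if (!WriteProcessMemory(hProcess, pvRemote, ptzPath, dwSize, NULL))
        {
            dwResult = 3;
            break;
        }

        /*
         * The address is resolved in THIS process and then used in the target.
         * NOTE(review): that assumes Kernel32.dll is mapped at the same base in
         * both processes and that both have the same bitness - confirm.
         * STR_LoadLibrary is defined elsewhere; presumably the export name that
         * matches the TCHAR build - confirm.
         */
        PTHREAD_START_ROUTINE pfnLoadLibraryW =
            (PTHREAD_START_ROUTINE) GetProcAddress(GetModuleHandle(TEXT("Kernel32.dll")), STR_LoadLibrary);
        if (pfnLoadLibraryW == NULL)
        {
            dwResult = 4;
            break;
        }

        hThread = CreateRemoteThread(hProcess, NULL, 0, pfnLoadLibraryW, pvRemote, 0, NULL);
        if (hThread == NULL)
        {
            dwResult = 5;
            break;
        }

        if (WaitForSingleObject(hThread, INFINITE) != WAIT_OBJECT_0)
        {
            /*
             * The thread may still be reading the path buffer. Leaving the
             * allocation in place is safer than releasing memory underneath a
             * running thread in another process, so skip the free below.
             */
            pvRemote = NULL;
            dwResult = 7;
            break;
        }
    }
    while (FALSE);

    if (hThread)
    {
        CloseHandle(hThread);
    }

    if (pvRemote)
    {
        /* MEM_RELEASE requires a size of 0 and frees the whole allocation. */
        VirtualFreeEx(hProcess, pvRemote, 0, MEM_RELEASE);
    }

    /* The caller's process handle is consumed here on every path. */
    if (hProcess)
    {
        CloseHandle(hProcess);
    }

    return dwResult;
}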