本文整理自网络,侵删。
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
GroupBox1: TGroupBox;
Memo1: TMemo;
Button1: TButton;
Edit1: TEdit;
Label1: TLabel;
procedure Button1Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
function inmit(Handle:Cardinal; InmitCallName:Pointer):Cardinal;
var
ThreadID: Thandle;
ThreadAdd: Pointer;
Num:Cardinal;
begin
ThreadAdd := VirtualAllocEx(Handle,nil,4096,MEM_COMMIT{内存-委托},PAGE_EXECUTE_READWRITE{指该内存块具有可读写的权限}); //在目标进程建立内存空间
WriteProcessMemory(Handle,ThreadAdd,InmitCallName,4096,Num); //将要注入的CALL写到上面建立的内存空间中
Result := CreateRemoteThread(Handle,nil,0,ThreadAdd,nil,Create_SUSPENDED,ThreadID); //获得注入后线程的句柄
end;
procedure CallTest; //测试的CALL
var
Address:Pointer;
begin
Address := Pointer($005ACDB0) ; //武林205打坐CALL
asm
Pushad
CALL Address
Popad
end;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
GHwnd:Hwnd;
HomeAdd:Thandle;
ProcessID:Cardinal;
OpProcID:Cardinal;
begin
GHwnd := FindWindow(nil,PChar(edit1.Text));
if GHwnd=0 then
begin
memo1.Lines.Text := '没有找到指定窗口!' + #10 + memo1.Lines.Text ;
exit;
end;
GetWindowThreadProcessID(GHwnd,OpProcID);
ProcessID := OpenProcess(PROCESS_ALL_ACCESS,FALSE,OpProcID);
HomeAdd := inmit(ProcessID,@CallTest);
ResumeThread(HomeAdd);
CloseHandle(ProcessID);
memo1.Lines.Text := '调用成功!' + #10 +memo1.Lines.Text ;
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
memo1.Clear ;
end;
end.
相关阅读 >>
Delphi monthoftheyear、weekoftheyear、weekofthemonth、dayoftheyear … 相对时间
Delphi2010中字符串汇编需要注意的一点,以及支持2010的aes加密库
更多相关阅读请进入《Delphi》频道 >>
