½Ã½ºÅÛ ÇØÅ·

 1575, 8/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   wlgns5721
   dllÀÎÁ§¼ÇÀÌ ¿Ö ¾ÈµÇ´Â °É±î¿ä....

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_system&no=1819 [º¹»ç]


ÄÚµå´Â ¸®¹ö½ºÄھ ÀÖ´Â ¼Ò½ºÀÔ´Ï´Ù.

BOOL InjectDll(DWORD dwPID, LPCTSTR szDllName)
{
        HANDLE hProcess, hThread;
        LPVOID pRemoteBuf;
        DWORD dwBufSize = lstrlen(szDllName) + 1;
        LPTHREAD_START_ROUTINE pThreadProc;

        if (!(hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID)))
                return FALSE;

        pRemoteBuf = VirtualAllocEx(hProcess, NULL, dwBufSize, MEM_COMMIT, PAGE_READWRITE);

        WriteProcessMemory(hProcess, pRemoteBuf, (LPVOID)szDllName, dwBufSize, NULL);

        pThreadProc = (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(L"kernel32.dll"), "LoadLibraryA");
        hThread = CreateRemoteThread(hProcess, NULL, 0, pThreadProc, pRemoteBuf, 0, NULL);
        WaitForSingleObject(hThread, INFINITE);

        CloseHandle(hThread);
        CloseHandle(hProcess);

        return TRUE;
}

µð¹ö±ëÀ» Çغ» °á°ú OpenProcess(), virtualAllocEx(), WriteProcessMemory(), GetProcAddress(), CreateRemoteThread() ÇÔ¼öµé ÀüºÎ 0À» ¸®ÅÏÇÏÁö ¾Ê°í Á¤»óÀûÀ¸·Î ½ÇÇàÀÌ µÇ´Â°ÍÀ» È®ÀÎÇß½À´Ï´Ù. ±×·±µ¥ ¸·»ó procexp¸¦ ÅëÇؼ­ dllÀÎÁ§¼ÇµÇ¾ú´ÂÁö È®ÀÎÀ» Çغ¸¸é ÀüÇô µÇÁö°¡ ¾Ê³×¿ä.... µµµ¥Ã¼ ¹«¾ùÀÌ ¹®Á¦Àϱî¿ä? ¤Ð¤Ð dllÀÎÁ§ÅͶû Ÿ°Ù µÑ´Ù 32bitÀÔ´Ï´Ù.  ¸®¹ö½ºÄھ ÀÖ´Â ÄÚµå¶û Â÷ÀÌÁ¡À» ¸»ÇÏÀÚ¸é dllÆÄÀÏÀÇ °æ·Î¶û, GetModuleHandle("kernel32.dll")¿¡¼­ LÀ» ºÙ¿©¼­ GetModuleHandle(L"kernel32.dll")·Î ¹Ù²Û°ÍÀÔ´Ï´Ù...

µµµ¥Ã¼ ¿Ö ¾ÈµÇ´Â °É±î¿ä ¤Ð¤Ð
  Hit : 3120     Date : 2016/08/30 01:39


    
1435   rop gadgetãÀ» ¶§....[1]     vngkv123
 03/30 2512
1434   °í¼ö´Ôµé²² Áú¹®ÇÕ´Ï´Ù.[2]     pwnnnt
 03/30 2555
1433   64ºñÆ® bof°ü·ÃÁú¹®[3]     vngkv123
 03/28 3155
1432   ROP GOT overwriteÀÇ strcpyÁú¹®.. lob fedora hell_fire[6]     vngkv123
 03/26 2786
1431   RTL±â¹ý Áú¹®[6]     vngkv123
 03/23 2712
1430   µµ¿ÍÁÖ¼¼¿ä ´ëÇб³¼ö´ÔµéÇÑÅ× ¹°¾îºÁµµ ÀÌ»óÇÏ°Ô ´äº¯ÇØÁÖ¼¼¿ä ¤Ð.[1]     morieye
 03/14 2737
1429   ¶óÀ̺귯¸®ÆÄÀÏ »ç¿ë[1]     exqa123
 02/05 2952
1428   FC10 1¹ø¹®Á¦     exqa123
 01/24 2651
1427   shellcode Áú¹®µå¸³´Ï´Ù.[1]     bong93
 01/07 2534
1426   socat, µð¹ö±ë[3]     choboKing
 12/31 2836
1425   32ºñÆ® ¸®´ª½º ¸ÅÁ÷°¡Á¬[2]     choboKing
 12/31 4159
1424   peda context view ¿À·ù[2]     choboKing
 12/22 3328
1423   ¶óÀ̺귯¸® ÇÔ¼öÀÇ ÁÖ¼Ò°¡ ÀÌ»óÇØ¿ä[codegate2014 nuclear][4]     choboKing
 12/17 3488
1422   __libc_start_main¿¡ ´ëÇØ ¿©Â庾´Ï´Ù.[2]     choboKing
 12/14 3197
1421   ½© Äڵ带 ¹è¿ì°í½ÍÀºµ¥ ¾î¶²Áö½ÄÀÌÀÖ¾î¾ßÇϳª¿ä?[4]     morieye
 12/14 2793
1420   Ä«Åå ÆäÅå ÇØÅ·,Ä«Åå³»¿ªÁ¶È¸,Ä«ÅåÇØÅ·,»èÁ¦ÇÑÄ«Åå³»¿ªº¹±¸,½ºÆÄÀ̾Û,     wlslwlstm
 11/25 3965
1419   °øÀ¯¶óÀ̺귯¸®¿¡ ´ëÇØ ¿©Â庾´Ï´Ù.     iwonderhow
 10/07 2718
1418   ¾Ç¼ºÄÚµå ºÐ¼®...[1]     dreadlo
 09/27 3260
  dllÀÎÁ§¼ÇÀÌ ¿Ö ¾ÈµÇ´Â °É±î¿ä....     wlgns5721
 08/30 3119
1416   ÇØÅ·/µðµµ½º/¹é½Å¿ìȸÂÊ °°ÀÌ ¿¬±¸ÇϽø鼭 ¼ºÀåÇϽǺР±¸ÇÕ´Ï´Ù. Áö½Ä¾ø¾îµµµÊ [2]     yoyo1234
 08/21 3692
[1][2][3][4][5][6][7] 8 [9][10]..[79]

Copyright 1999-2025 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org