Dll注入无法加载函数地址

Question

我正在尝试使用 C 中的 dll 注入来挂接键盘。当我在 KeyboardProc 函数上尝试 GetProcAddress 时，GetProcAddress return NULL 和 GetLastError returns 错误 131。之后我得到一个 DLL_PROCESS_DETACH。 windows 网站上写着：

ERROR_NEGATIVE_SEEK
131 (0x83)
An attempt was made to move the file pointer before the beginning of the file.

我不明白我的代码有什么问题。

我使用的喷油器：

#include <Windows.h>
#include <stdio.h>

int main(int argc, char *argv[])
{

    HMODULE dll = LoadLibrary((LPCSTR) "dll.dll");
    if (dll == NULL)
    {
        printf("The DLL could not be found.\n");
        FreeLibrary(dll);
        return -1;
    }
    printf("The DLL was found.\n");
    HOOKPROC addr = (HOOKPROC)GetProcAddress(dll, "KeyboardProc");
    if (addr == NULL)
    {
        printf("The function was not found.\n");
        FreeLibrary(dll);
        return -1;
    }
    printf("The function was  found.\n");
    HHOOK handle = SetWindowsHookEx(WH_KEYBOARD, addr, dll, 0);
    if (handle == NULL)
    {
        printf("The KEYBOARD could not be hooked.\n");
        FreeLibrary(dll);
    }

    printf("Program successfully hooked.\nPress enter to unhook the function and stop the program.\n");
    getchar();
    UnhookWindowsHookEx(handle);
    FreeLibrary(dll);

    return 0;
}

我正在使用的 dll：

#include <windows.h>
#include <stdio.h>

INT APIENTRY DllMain(HMODULE hDLL, DWORD Reason, LPVOID Reserved)
{

    switch (Reason)
    {
    case DLL_PROCESS_ATTACH:
        MessageBox(0, (LPCSTR) "DLL attach function called.", (LPCSTR) "Dll injection", MB_OK);
        break;
    case DLL_PROCESS_DETACH:
        MessageBox(0, (LPCSTR) "DLL detach function called.", (LPCSTR) "Dll injection", MB_OK);
        break;
    case DLL_THREAD_ATTACH:
        MessageBox(0, (LPCSTR) "DLL thread attach function called.", (LPCSTR) "Dll injection", MB_OK);
        break;
    case DLL_THREAD_DETACH:
        MessageBox(0, (LPCSTR) "DLL thread detach function called..", (LPCSTR) "Dll injection", MB_OK);

        break;
    }
    return TRUE;
}

extern __declspec(dllexport) LRESULT CALLBACK KeyboardProc(int code, WPARAM wParam, LPARAM lParam)
{
    if (code < 0)
    {
        return CallNextHookEx(NULL, code, wParam, lParam);
    }

    FILE *LOG;
    LOG = fopen("LOG.txt", "a+");
    if (wParam == WM_KEYDOWN)
    {
        fputs((char *)lParam, LOG);
        fclose(LOG);
    }
    return CallNextHookEx(NULL, code, wParam, lParam);
}

我正在使用 win10 和 mingw。注入器和dll都被编译成C.

Answer 1

问题很简单：

extern __declspec(dllexport) LRESULT CALLBACK KeyboardProc(int code, WPARAM wParam, LPARAM lParam)

很可能是在 cpp 文件中定义的，因此它是 C++ 函数。允许函数重载的 C++ 正在使用 name mangling，因此您的函数在一个名称下可见，该名称是重整的结果。

您必须强制它成为一个 C 函数，以便禁用名称修改。

因此添加 extern "C" 或使源代码具有 C 特定扩展名（将其编译为 C 代码）。您的代码是纯粹的 C.

Dll注入无法加载函数地址

Dll injection cant load a function address

c

dll

hook

dll-injection