DLL injection works, except when I compile it in Qt Creator

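My question is simple, and the title says it all. Basically, when I compile my program with Visual Studio 2013, the DLL injection works fine. When I compile the exact same program in Qt Creator, it doesn't.

I seem to be running into this problem: Why does Qt not work with dll injection?

Here is my code: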

Injector.h

#ifndef INJECTOR_H_INCLUDED
#define INJECTOR_H_INCLUDED

#include <Windows.h>
#include <string>

class Injector
{
public:
    /**
    * Loads a DLL into the remote process
    * @return true on success, false on failure
    */
    bool InjectDll(DWORD processId, std::string dllPath);
private:
};

#endif // INJECTOR_H_INCLUDED

Injector.cpp

#include "Injector.h"
#include <cstdio>   // printf

bool Injector::InjectDll(DWORD processId, std::string dllPath)
{
    HANDLE hThread, hProcess;
    void*  pLibRemote = 0;  // the address (in the remote process) where szLibPath will be copied to;

    HMODULE hKernel32 = GetModuleHandleA("Kernel32");

    char DllFullPathName[_MAX_PATH];
    GetFullPathNameA(dllPath.c_str(), _MAX_PATH, DllFullPathName, NULL);
    printf("Loading dll: %s\n", DllFullPathName);

    // Get process handle
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId);

    // copy file path in szLibPath
    char szLibPath[_MAX_PATH];
    strcpy_s(szLibPath, DllFullPathName);

    // 1. Allocate memory in the remote process for szLibPath
    pLibRemote = VirtualAllocEx(hProcess, NULL, sizeof(szLibPath), MEM_COMMIT, PAGE_READWRITE);

    if (pLibRemote == NULL)
    {
        printf("Couldn't allocate memory, please restart with administrator privileges\n");
        return false;
    }

    // 2. Write szLibPath to the allocated memory
    WriteProcessMemory(hProcess, pLibRemote, (void*)szLibPath, sizeof(szLibPath), NULL);

    // 3. Force remote process to load dll
    hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(hKernel32, "LoadLibraryA"), pLibRemote, 0, NULL);

    if (hThread == NULL)
    {
        printf("Couldn't load DLL");
        return false;
    }

    printf("Dll successfully loaded\n");

    return true;
}

main.cpp

#include "injector.h"
#include <cstdlib>  // system
int main(int argc, char *argv[])
{
    Injector inject;
    DWORD processId = 6224;
    inject.InjectDll(processId, "MyDLL.dll");
    system("pause");
}

Here is the DLL (I use the same DLL in both cases; I did not recompile it):

#include <Windows.h>
#include <stdio.h>

BOOL APIENTRY DllMain(HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        AllocConsole();
        freopen("CONOUT$", "w", stdout);

        printf("base address: %X\n", (DWORD)GetModuleHandle(NULL));

        break;
    case DLL_PROCESS_DETACH:
        FreeConsole();
    }

    return TRUE;
}

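The program compiled with VS2013 injects the DLL correctly, while the program compiled with Qt Creator says the DLL was injected successfully, but the DLL is never injected.

Note: the program I am trying to inject into is the same in both cases, and it is not made with Qt.

The compiler output is as follows: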

Visual Studio:

cl /c /Zi /W3 /WX- /sdl /O2 /Oi /Oy- /GL /D _CRT_SECURE_NO_WARNINGS /D _MBCS /Gm- /EHsc /MD /GS /Gy /fp:precise /Zc:wchar_t /Zc:forScope /Fo"Release\" /Fd"Release\vc120.pdb" /Gd /TP /analyze- /errorReport:prompt Injector.cpp main.cpp

Qt:

C:\Qt\Qt5.4.0\Tools\QtCreator\bin\jom.exe -f Makefile.Release

cl -c -nologo -Zm200 -Zc:wchar_t -FS -O2 -MD -Zc:strictStrings -GR -W3 -w34100 -w34189 -EHsc -DUNICODE -DWIN32 -DWIN64 -DQT_NO_DEBUG -DQT_CORE_LIB -DNDEBUG -I"C:\Qt\Qt5.4.0.4\msvc2013_64_opengl\include" -I"C:\Qt\Qt5.4.0.4\msvc2013_64_opengl\include\QtCore" -I"release" -I"." -I"C:\Qt\Qt5.4.0.4\msvc2013_64_opengl\mkspecs\win32-msvc2013" -Forelease\ @C:\Users\JFG\AppData\Local\Temp\injector.obj.7040.0.jom injector.cpp

link /NOLOGO /DYNAMICBASE /NXCOMPAT /INCREMENTAL:NO /SUBSYSTEM:CONSOLE "/MANIFESTDEPENDENCY:type='win32' name='Microsoft.Windows.Common-Controls' version='6.0.0.0' publicKeyToken='6595b64144ccf1df' language='' processorArchitecture=''" /MANIFEST:embed /OUT:release\test_dll_inection_qt.exe @C:\Users\JFG\AppData\Local\Temp\test_dll_inection_qt.exe.7040.469.jom

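Any help would be appreciated.

The problem was that Qt compiled my program as 64-bit, while Visual Studio compiled it as 32-bit.

I'm still not sure why injecting a 32-bit DLL into a 32-bit target fails because of a 64-bit injector, but for now my problem is solved...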
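
The 32-bit/64-bit mismatch named in the answer (the Qt kit above is `msvc2013_64_opengl` with `-DWIN64`) can be confirmed by reading the Machine field of each binary's PE header. The following is an added example, not code from the original post; `pe_arch` and `sample_header` are hypothetical names and the sample header bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <iterator>
#include <string>
#include <vector>

// Little-endian reads that return false instead of running off the buffer.
static bool rd16(const std::vector<uint8_t>& b, size_t off, uint16_t& v) {
    if (off > b.size() || b.size() - off < 2) return false;
    v = static_cast<uint16_t>(b[off] | (b[off + 1] << 8));
    return true;
}
static bool rd32(const std::vector<uint8_t>& b, size_t off, uint32_t& v) {
    uint16_t lo = 0, hi = 0;
    if (!rd16(b, off, lo) || !rd16(b, off + 2, hi)) return false;
    v = lo | (static_cast<uint32_t>(hi) << 16);
    return true;
}

// Returns "x86", "x64", "other" or "not-pe" for a PE image held in memory.
std::string pe_arch(const std::vector<uint8_t>& img) {
    uint16_t mz = 0, machine = 0;
    uint32_t e_lfanew = 0, sig = 0;
    if (!rd16(img, 0, mz) || mz != 0x5A4D) return "not-pe";               // "MZ"
    if (!rd32(img, 0x3C, e_lfanew)) return "not-pe";                      // offset of PE header
    if (!rd32(img, e_lfanew, sig) || sig != 0x00004550) return "not-pe";  // "PE\0\0"
    if (!rd16(img, static_cast<size_t>(e_lfanew) + 4, machine)) return "not-pe";
    if (machine == 0x014C) return "x86";  // IMAGE_FILE_MACHINE_I386
    if (machine == 0x8664) return "x64";  // IMAGE_FILE_MACHINE_AMD64
    return "other";
}

// Constructed sample: DOS magic, e_lfanew, PE signature and Machine field only.
std::vector<uint8_t> sample_header(uint16_t machine) {
    std::vector<uint8_t> b(0x46, 0);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x40;
    b[0x40] = 'P'; b[0x41] = 'E';
    b[0x44] = static_cast<uint8_t>(machine & 0xFF);
    b[0x45] = static_cast<uint8_t>(machine >> 8);
    return b;
}

int main(int argc, char** argv) {
    for (int i = 1; i < argc; ++i) {  // print the architecture of each file given
        std::ifstream f(argv[i], std::ios::binary);
        std::vector<uint8_t> img((std::istreambuf_iterator<char>(f)), std::istreambuf_iterator<char>());
        std::printf("%s: %s\n", argv[i], pe_arch(img).c_str());
    }
    return 0;
}
```

Run it on the two builds of the program and on `MyDLL.dll`; in the situation described above the Visual Studio build reports `x86` and the Qt Creator build reports `x64`.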