因此,我试图在测试过程中注入调试dll,该注入成功后会显示“ hello world”:
PS:我正在使用C ++ / CLI从界面启动我的C ++脚本。
hello.dll
// dllmain.cpp : Defines the entry point for the DLL application.
#include "pch.h"
#include <windows.h>
BOOL APIENTRY DllMain(HMODULE hModule,
DWORD reason,
LPVOID lpReserved
)
{
if (reason == DLL_PROCESS_ATTACH)
MessageBox(NULL, L"HELLO WORLD", L"INFO", NULL);
return TRUE;
}
下面是我的代码部分,它使用此dll,在目标进程中分配内存,将dll路径写入后一个分配的空间。然后调用LoadLibraryA从路径运行DLL。但是,当我在注入DLL的同时将vstudio调试器附加到目标进程时,它在LoadLibraryA函数处崩溃,并显示错误:
ntldll.dll rangechecks out of range access
PSS:调用堆栈仅包含ntdll.dll函数
注入代码:
char* dll_path = "C:/some_path/hello.dll";
HANDLE h_process = OpenProcess(PROCESS_ALL_ACCESS, NULL, debug_app_id);
HANDLE allocatedMemory = VirtualAllocEx(h_process, 0, MAX_PATH, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(h_process, allocatedMemory, dll_path, strlen(dll_path) + 1, nullptr);
HANDLE h_thread = CreateRemoteThread(h_process, 0, 0, (LPTHREAD_START_ROUTINE)LoadLibraryA, allocatedMemory, 0, 0);//crashes here
cout << "Success!" << endl;
cout << endl;
cout << "Cleaning..." << endl;
CloseHandle(h_process);//dropping process handle
VirtualFreeEx(h_process, allocatedMemory, NULL, MEM_RELEASE);//release pointed to memory
有什么想法吗?
EDIT:当我尝试分配内存时,我得到了System.AccessViolationException: 'Attempted to read or write protected memory. This is often an indication that other memory is corrupt
提前感谢。