[2021]微软的dll搜索源码 huoji 微软,windows Xp 2021-12-09 642 次浏览 0 次点赞 from windows XP ```cpp BOOL IsSvcInjected(DWORD dwPid) { HANDLE hProcess; HMODULE hMods[1024]; BOOL res = FALSE; hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwPid); if (hProcess != NULL) { DWORD dwSize; // search through all loaded modules and see if we are injected if (EnumProcessModules(hProcess, hMods, sizeof(hMods), &dwSize)) { DWORD n; for (n = 0; n < (dwSize / sizeof(HMODULE)); n++) { WCHAR wszModName[MAX_PATH]; if (GetModuleBaseNameW(hProcess, hMods[n], wszModName, sizeof(wszModName) / sizeof(WCHAR))) { if (_wcsicmp(wszModName, SBIEDLL L".dll") == 0) { res = TRUE; break; } } } } // if (EnumProcessModules()) CloseHandle(hProcess); } // if (OpenProcess()) return res; } ``` 本文由 huoji 创作,采用 知识共享署名 3.0,可自由转载、引用,但需署名作者且注明文章出处。 点赞 0
还不快抢沙发