// Hook Send Crack.cpp : Defines the initialization routines for the DLL.
//
#include "stdafx.h"
#include "Hook Send Crack.h"
#include "AFXHOOKCode.h"
#include <WININET.H>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
//
// Note!
//
// If this DLL is dynamically linked against the MFC
// DLLs, any functions exported from this DLL which
// call into MFC must have the AFX_MANAGE_STATE macro
// added at the very beginning of the function.
//
// For example:
//
// extern "C" BOOL PASCAL EXPORT ExportedFunction()
// {
// AFX_MANAGE_STATE(AfxGetStaticModuleState());
// // normal function body here
// }
//
// It is very important that this macro appear in each
// function, prior to any calls into MFC. This means that
// it must appear as the first statement within the
// function, even before any object variable declarations
// as their constructors may generate calls into the MFC
// DLL.
//
// Please see MFC Technical Notes 33 and 58 for additional
// details.
//
/////////////////////////////////////////////////////////////////////////////
// CHookSendCrackApp
// Message map for CHookSendCrackApp (base class CWinApp). No handler entries
// appear between the ClassWizard markers, so the map is empty.
BEGIN_MESSAGE_MAP(CHookSendCrackApp, CWinApp)
//{{AFX_MSG_MAP(CHookSendCrackApp)
// NOTE - the ClassWizard will add and remove mapping macros here.
// DO NOT EDIT what you see in these blocks of generated code!
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CHookSendCrackApp construction
// Pointer handed back by AfxHookCode() in the constructor; MyInternetConnectHook
// casts it to MyInternetConnect and calls through it to reach the original API.
// NOTE(review): a code pointer is stored in an `unsigned int *`, so every use
// needs a cast and the type says nothing about what is actually called.
unsigned int * OldProc;
// View of the named file mapping "MyShare", assigned in the constructor.
// MyInternetConnectHook reads the replacement server name from it.
// NOTE(review): stays NULL if OpenFileMapping/MapViewOfFile fails; nothing
// checks that before the hook dereferences it.
char *m_lpData;
// Function-pointer type used to call the original connect routine.
// NOTE(review): the parameters are declared LPCTSTR while the export that gets
// hooked is InternetConnectA, so this only matches in a non-UNICODE build.
// NOTE(review): current SDK headers declare dwContext as DWORD_PTR; DWORD has
// the same width only on 32-bit targets - confirm the intended platform.
typedef HINTERNET (__stdcall *MyInternetConnect)(
IN HINTERNET hInternet,
IN LPCTSTR lpszServerName,
IN INTERNET_PORT nServerPort,
IN LPCTSTR lpszUsername,
IN LPCTSTR lpszPassword,
IN DWORD dwService,
IN DWORD dwFlags,
IN DWORD dwContext
);
// Replacement installed over InternetConnectA by the constructor.
// It overwrites the caller's server-name buffer with the string found in the
// shared mapping (m_lpData) and then forwards every argument to the original
// routine through OldProc, returning whatever that routine returns.
//
// NOTE(review): lpszServerName is a const input parameter. Writing through it
// modifies memory owned by the caller, whose size is unknown here; a
// replacement longer than the caller's buffer overruns it, and a buffer in
// read-only memory faults.
// NOTE(review): m_lpData is dereferenced without a NULL check, and its content
// comes from a named mapping that other processes may be able to open and
// rewrite - treat it as untrusted input.
HINTERNET __stdcall MyInternetConnectHook(
    IN HINTERNET hInternet,
    IN LPCTSTR lpszServerName,
    IN INTERNET_PORT nServerPort,
    IN LPCTSTR lpszUsername,
    IN LPCTSTR lpszPassword,
    IN DWORD dwService,
    IN DWORD dwFlags,
    IN DWORD dwContext)
{
    // Unbounded in-place copy over the caller's host string.
    char *callerHost = (char*)lpszServerName;
    strcpy(callerHost, m_lpData);

    // Hand the (now rewritten) arguments to the saved original entry.
    MyInternetConnect forward = (MyInternetConnect)OldProc;
    return forward(hInternet,
                   lpszServerName,
                   nServerPort,
                   lpszUsername,
                   lpszPassword,
                   dwService,
                   dwFlags,
                   dwContext);
}
// Publishes Name in the named file mapping "MyShare", starts FileName as a
// suspended child process, holds the child's main thread at the PE entry point,
// has the child load the library whose path is FileDll, then restores the entry
// bytes and resumes the child.
//
// Parameters:
//   FileName - path of the executable to start.
//   FileDll  - path string copied into the child and passed to LoadLibraryA there.
//   Name     - string copied into the "MyShare" mapping.
// Returns FALSE when one of the checked calls fails, TRUE otherwise.
//
// NOTE(review): the code is x86-only as written (context.Eip, addresses held in
// int, (HANDLE)0xFFFFFFFF).
// NOTE(review): suspended process creation followed by a cross-process write
// and a remote thread started at LoadLibraryA is a sequence that endpoint
// monitoring products commonly alert on.
BOOL __stdcall HookConnect(CString FileName, char*FileDll,char*Name)
{
HANDLE m_hMap;
// 255-byte named mapping backed by the paging file. (HANDLE)0xFFFFFFFF equals
// INVALID_HANDLE_VALUE only in a 32-bit build.
// NOTE(review): the security-attributes argument is NULL, so the mapping gets a
// default security descriptor; presumably any process of the same user in the
// same session can open "MyShare" and change the string - confirm.
m_hMap= CreateFileMapping((HANDLE)0xFFFFFFFF,NULL,PAGE_READWRITE,0,255,"MyShare");
if (m_hMap==NULL)
{
return FALSE;
}
// This local shadows the file-level m_lpData.
char * m_lpData;
// NOTE(review): the MapViewOfFile result is not checked before use.
m_lpData=(char*)MapViewOfFile(m_hMap,FILE_MAP_ALL_ACCESS,0,0,0);
// NOTE(review): unbounded copy into a mapping created with a size of 255 bytes;
// the length of Name is never checked.
strcpy(m_lpData,Name);
HANDLE hFile=CreateFile(FileName,GENERIC_READ,0,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL);
// NOTE(review): CreateFile reports failure with INVALID_HANDLE_VALUE, not NULL,
// so this test does not catch a failed open. Every early return from here on
// also leaves m_hMap and the mapped view open.
if (hFile==NULL)
{
return FALSE;
}
IMAGE_DOS_HEADER DosHeader;
IMAGE_NT_HEADERS NtHeader;
DWORD DWBYTE;
// Read the DOS header, seek to e_lfanew, read the NT headers.
// NOTE(review): none of the three calls is checked, and neither e_magic nor the
// NT signature is validated, so a short or non-PE file yields garbage values.
ReadFile(hFile,&DosHeader,sizeof(DosHeader),&DWBYTE,NULL);
SetFilePointer(hFile,DosHeader.e_lfanew,0,FILE_BEGIN);
ReadFile(hFile,&NtHeader,sizeof(NtHeader),&DWBYTE,NULL);
// Entry-point address computed from the on-disk headers.
// NOTE(review): assumes the image is mapped at its preferred ImageBase; the
// value is wrong whenever the loader relocates the image.
int AddEntry=NtHeader.OptionalHeader.ImageBase + NtHeader.OptionalHeader.AddressOfEntryPoint;
CloseHandle(hFile);
PROCESS_INFORMATION pi;
STARTUPINFO si;
memset(&pi,0,sizeof(pi));
memset(&si,0,sizeof(si));
// NOTE(review): si.cb is left at 0; STARTUPINFO callers are expected to set it
// to sizeof(si).
BOOL lRet= CreateProcess(FileName,NULL,NULL,NULL,FALSE,CREATE_SUSPENDED,NULL,NULL,&si,&pi);
if (lRet==FALSE)
{
return FALSE;
}
HANDLE hProcess=pi.hProcess;
// EB FE is an x86 short jump to itself.
BYTE command[]={0xEB,0xFE};
// Only the low two bytes of OldAdd are filled by the read and written back later.
DWORD OldAdd;
// Save the two bytes at the entry point, then replace them with the self-jump.
// NOTE(review): neither result is checked; if the read fails, OldAdd is
// uninitialised when it is written back at the end.
ReadProcessMemory(hProcess,(LPVOID)AddEntry,&OldAdd,2,NULL);
WriteProcessMemory(hProcess,(LPVOID)AddEntry,&command,2,NULL);
ResumeThread(pi.hThread);
CONTEXT context;
context.ContextFlags=CONTEXT_FULL;
// Poll until the child's main thread sits on the patched entry point.
// NOTE(review): busy loop with no sleep, timeout or error check. GetThreadContext
// is documented as not returning a valid context for a running thread, and if
// the call fails Eip is never updated, so the loop may never terminate.
while(1)
{
GetThreadContext(pi.hThread,&context);
if (context.Eip==(UINT)AddEntry)
{
SuspendThread(pi.hThread);
break;
}
}
int DLLNameSize=strlen(FileDll)+ 1;
// Buffer in the child that receives the path string.
// NOTE(review): the buffer only holds data, yet it is requested as
// PAGE_EXECUTE_READWRITE.
LPVOID DllPath= VirtualAllocEx(hProcess,NULL,DLLNameSize,MEM_COMMIT,PAGE_EXECUTE_READWRITE);
// NOTE(review): the early returns below leave the child suspended with its
// entry point still patched, and leak pi.hProcess, pi.hThread and (for the
// second one) the remote allocation.
if (DllPath==NULL)
{
return FALSE;
}
if (!WriteProcessMemory(hProcess,DllPath,FileDll,DLLNameSize,NULL))
{
return FALSE;
}
// The address of LoadLibraryA is resolved in this process and used as the
// start routine of a thread in the child, with the path buffer as its argument.
// NOTE(review): the GetModuleHandle/GetProcAddress results are not checked.
PTHREAD_START_ROUTINE ThreadRtn=(PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32.dll"),"LoadLibraryA");
HANDLE hThread=CreateRemoteThread(hProcess,NULL,0,ThreadRtn,DllPath,0,NULL);
// NOTE(review): a HANDLE is compared with FALSE; NULL is the value meant here.
if (hThread==FALSE)
{
return FALSE;
}
// Blocks without a timeout; the remote thread's exit code (the LoadLibraryA
// result) is never inspected, so a failed load still returns TRUE.
WaitForSingleObject(hThread,INFINITE);
VirtualFreeEx(hProcess,DllPath,0,MEM_RELEASE);
// Put the saved entry-point bytes back before the main thread continues.
WriteProcessMemory(hProcess,(LPVOID)AddEntry,&OldAdd,2,NULL);
CloseHandle(hProcess);
CloseHandle(hThread);
// NOTE(review): pi.hThread is never closed, and m_hMap and its view are never
// released on this path either - presumably the mapping is kept so the loaded
// DLL can open it; confirm whether that is still needed after the wait above.
ResumeThread(pi.hThread);
return TRUE;
}
// Constructor of the application object. It maps the existing "MyShare"
// section into the file-level m_lpData pointer, makes sure wininet.dll is
// loaded, and asks AfxHookCode to redirect InternetConnectA to
// MyInternetConnectHook, storing the way back to the original in OldProc.
//
// NOTE(review): none of the results (OpenFileMapping, MapViewOfFile,
// GetModuleHandle, GetProcAddress) is checked before it is used.
// NOTE(review): as the constructor of a global object in a DLL this presumably
// runs while the DLL is being attached; calling LoadLibrary at that point is
// discouraged, and MFC guidance is to do significant initialization in
// InitInstance instead.
// NOTE(review): the meaning of the last AfxHookCode argument (5) is not visible
// here - presumably the number of bytes it overwrites; confirm in AFXHOOKCode.h.
CHookSendCrackApp::CHookSendCrackApp()
{
    // Attach to the section that carries the replacement server name.
    HANDLE hShared = OpenFileMapping(FILE_MAP_ALL_ACCESS, FALSE, "MyShare");
    m_lpData = (char*)MapViewOfFile(hShared, FILE_MAP_ALL_ACCESS, 0, 0, 0);

    // Ensure the target module is present, then look up the export to redirect.
    LoadLibrary("wininet.dll");
    FARPROC pfnConnect = GetProcAddress(GetModuleHandle("wininet.dll"), "InternetConnectA");

    AfxHookCode(pfnConnect, (void*)MyInternetConnectHook, (void**)&OldProc, 5);
}
/////////////////////////////////////////////////////////////////////////////
// The one and only CHookSendCrackApp object
// Constructing this global runs CHookSendCrackApp::CHookSendCrackApp(), so the
// hook is installed as a side effect of the module's static initialization.
CHookSendCrackApp theApp;