Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/anhkgg/SuperDllHijack
SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了
https://github.com/anhkgg/SuperDllHijack
dllhijack hook inject
Last synced: about 2 months ago
JSON representation
SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了
- Host: GitHub
- URL: https://github.com/anhkgg/SuperDllHijack
- Owner: anhkgg
- License: apache-2.0
- Created: 2018-11-29T09:01:50.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2021-11-10T14:40:55.000Z (about 3 years ago)
- Last Synced: 2024-08-02T09:29:11.658Z (4 months ago)
- Topics: dllhijack, hook, inject
- Language: C++
- Homepage:
- Size: 652 KB
- Stars: 881
- Watchers: 42
- Forks: 250
- Open Issues: 5
-
Metadata Files:
- Readme: README-zh_CN.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - anhkgg/SuperDllHijack - SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了 (C++)
README
# SuperDllHijack
一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了,so easy!
使用方法:
编写一个和劫持目标Dll同名的dll(如target.dll),原始dll改名为其他名字(如target.dll.1),在DllMain种调用SuperDllHijack接口完成劫持。
## 更新:
2020年4月4日
1. 修正x64获取peb的bug。感谢[@yves-yl](https://github.com/yves-yl)、[@kiwings](https://github.com/kiwings)、[@6769](https://github.com/6769)。**更多使用请看`example`代码。**
```
VOID DllHijack1(HMODULE hMod)
{
TCHAR tszDllPath[MAX_PATH] = { 0 };GetModuleFileName(hMod, tszDllPath, MAX_PATH);
PathRemoveFileSpec(tszDllPath);
PathAppend(tszDllPath, TEXT("target.dll.1"));SuperDllHijack(L"target.dll", tszDllPath);
}BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
DllHijack(hModule); break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
```技术细节请看博客:[https://anhkgg.com/dllhijack/](https://anhkgg.com/dllhijack/)
[https://mp.weixin.qq.com/s/Nx4C2mx94V9vhvU8Eqfobg](https://mp.weixin.qq.com/s/Nx4C2mx94V9vhvU8Eqfobg)
[https://bbs.pediy.com/thread-248050.htm](https://bbs.pediy.com/thread-248050.htm)# 支持作者
![img](pay.png)