при внедрении выдает ошибку и отправляет отчет на microsoft..проверьте пожалуйста код. внедряемая библиотека

//---------------------------------------------------------------------------
// Injected DLL. The source is C++ Builder style (`#pragma argsused`, struct
// tags used directly as type names, `bool`). On DLL_PROCESS_ATTACH it suspends
// every other thread of the host process, overwrites the entry bytes of
// kernel32!CreateProcessA with a `push <addr>; ret` stub, then resumes the
// threads. Nothing visible on this page ever writes the saved original bytes
// back or calls the original function.
#include <windows.h>
#include <tlhelp32.h>
#include "waasm_dll.h"
//---------------------------------------------------------------------------
// Six bytes of x86 code written over the patched function's entry:
// 0x68 = push imm32, the 4-byte target, 0xC3 = ret.
// It is written with sizeof(fr_jmp), so the three members are assumed to sit
// back to back with no padding; nothing on this page (no pack pragma)
// guarantees that. NOTE(review): confirm the compiler's struct alignment.
struct fr_jmp
{
    BYTE PuhsOp;   // push opcode (member name is the author's typo for PushOp)
    PVOID PushArg; // address pushed, i.e. where the following ret transfers to
    BYTE RetOp;    // ret opcode
};
// Backup of the overwritten bytes (4 + 2 = 6). Filled by SetHook and not used
// anywhere else on this page.
struct OldCode
{
    DWORD One;
    WORD two;
};
DWORD AdrCreateProcessA; // address of kernel32!CreateProcessA, set in SetHook
OldCode OldCrp;          // original entry bytes saved by SetHook
fr_jmp JmpCrProcA;       // stub bytes written by SetHook
DWORD written;           // bytes-written out-param of WriteProcessMemory
HANDLE CurrProc;         // never assigned here; SetHook shadows it with a local
//---------------------------------------------------------------------------
// Hook target. Declared with a MessageBoxA-shaped signature (4 parameters)
// although it is installed over CreateProcessA, and it is not defined anywhere
// on this page. NOTE(review): SetHook takes the address of
// `intercept_MessageBoxA` (lower-case i), which is a different identifier
// from the one declared here.
BOOL WINAPI Intercept_MessageBoxA(HWND, char *, char *, UINT);
void StopThreads(void);
void RunThreads(void);
void SetHook(void);
#pragma argsused
// DLL entry point (Borland's name for DllMain). All work happens inside
// DLL_PROCESS_ATTACH, i.e. while the loader lock is held; the Toolhelp
// snapshot, OpenThread and SuspendThread/ResumeThread calls made from here are
// outside what the DllMain contract allows and can deadlock the host process.
// Always reports success (returns 1) even if SetHook or a thread walk failed.
int WINAPI DllEntryPoint(HINSTANCE hinst, unsigned long reason, void* lpReserved)
{
    if (reason == DLL_PROCESS_ATTACH)
    {
        // freeze the other threads of the host
        StopThreads();
        // install the hook
        SetHook();
        // thaw the threads again
        RunThreads();
    }
    return 1;
}
//---------------------------------------------------------------------------
// Suspend every thread of the current process except the calling one.
// Walks a TH32CS_SNAPTHREAD snapshot (which lists the threads of all
// processes) and filters by th32OwnerProcessID. Each thread handle is closed
// after SuspendThread; the snapshot handle is closed before returning.
// Failures of OpenThread and SuspendThread are silently ignored.
void StopThreads()
{
    DWORD CurrTh, CurrPr;
    HANDLE h,ThrHandle ;
    THREADENTRY32 Thread;
    CurrTh = GetCurrentThreadId();
    CurrPr = GetCurrentProcessId();
    h = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if ( h != INVALID_HANDLE_VALUE)
    {
        Thread.dwSize = sizeof(Thread); // required before Thread32First
        for (bool loop = Thread32First(h, &Thread); loop; loop = Thread32Next(h, &Thread))
        {
            // skip our own thread and threads that belong to other processes
            if ((Thread.th32ThreadID != CurrTh) && (Thread.th32OwnerProcessID == CurrPr))
            {
                ThrHandle = OpenThread(THREAD_SUSPEND_RESUME, false, Thread.th32ThreadID);
                // HANDLE compared with an int: OpenThread returns NULL on failure,
                // so this acts as a NULL check but is not well-formed C++
                if ( ThrHandle>0 )
                {
                    SuspendThread(ThrHandle);
                    CloseHandle(ThrHandle);
                }
            }
        }
        CloseHandle(h);
    }
}
//---------------------------------------------------------------------------
// Mirror of StopThreads: takes a fresh TH32CS_SNAPTHREAD snapshot and calls
// ResumeThread once on every thread of the current process other than the
// caller. Handles are closed the same way; failures are ignored.
void RunThreads()
{
    DWORD CurrTh, CurrPr;
    HANDLE h,ThrHandle ;
    THREADENTRY32 Thread;
    CurrTh = GetCurrentThreadId();
    CurrPr = GetCurrentProcessId();
    h = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if ( h != INVALID_HANDLE_VALUE)
    {
        Thread.dwSize = sizeof(Thread); // required before Thread32First
        for (bool loop = Thread32First(h, &Thread); loop; loop = Thread32Next(h, &Thread))
        {
            // skip our own thread and threads that belong to other processes
            if ((Thread.th32ThreadID != CurrTh) && (Thread.th32OwnerProcessID == CurrPr))
            {
                ThrHandle = OpenThread(THREAD_SUSPEND_RESUME, false, Thread.th32ThreadID);
                // same HANDLE-vs-int comparison as in StopThreads
                if ( ThrHandle>0 )
                {
                    ResumeThread(ThrHandle);
                    CloseHandle(ThrHandle);
                }
            }
        }
        CloseHandle(h);
    }
}
//---------------------------------------------------------------------------
// Patch the entry of kernel32!CreateProcessA with the fr_jmp stub, saving the
// first sizeof(OldCode) bytes into OldCrp beforehand.
// The results of GetProcAddress, ReadProcessMemory and WriteProcessMemory are
// not checked, so a NULL AdrCreateProcessA or a failed write goes unnoticed.
void SetHook()
{
    DWORD HKernel32, HUser32, bw; // HKernel32 and HUser32 are unused
    HANDLE CurrProc = GetCurrentProcess(); // shadows the file-scope CurrProc
    // resolve the address of CreateProcessA
    AdrCreateProcessA = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"), "CreateProcessA");
    // build the push/ret stub
    JmpCrProcA.PuhsOp = 0x68;
    // NOTE(review): an integer is assigned to a PVOID member without a cast,
    // and the identifier differs in case from the declared Intercept_MessageBoxA
    JmpCrProcA.PushArg = (DWORD)&intercept_MessageBoxA;
    JmpCrProcA.RetOp = 0xC3;
    // save the original start of the function
    ReadProcessMemory(CurrProc, (void*)AdrCreateProcessA, (void*)&OldCrp, sizeof(OldCode),&bw);
    // write the new start of CreateProcessA
    WriteProcessMemory(CurrProc, (void*)AdrCreateProcessA, (void*)&JmpCrProcA, sizeof(fr_jmp), &written);
}
//----------------------------------------------------------------------------
код внедрения
//---------------------------------------------------------------------------
// Injector. Writes the Inject block (code followed by data) into the target
// process and starts a remote thread at its first byte.
#include <windows.h>
#include <tlhelp32.h>
#pragma hdrstop
// Image written into the target process as one blob. The leading members are
// x86 code the remote thread executes (push imm32 / call [mem] / push imm32 /
// call [mem]); the trailing members are data that the code refers to by
// absolute address. InjectDll fills those addresses with the literal offsets
// 0x16, 0x1A and 0x1E, which match the member positions only if there is no
// padding between members; nothing on this page enforces that.
// NOTE(review): confirm the compiler's struct alignment.
struct Inject
{
    BYTE PushCommand;           // 0x68: push <address of LibraryName>
    DWORD PushArgument;
    WORD CallCommand;           // FF 15: call dword ptr [AddrLoadLibrary]
    DWORD CallAddr;
    BYTE PushExitThread;        // 0x68: push <ExitThreadArg>
    DWORD ExitThreadArg;
    WORD CallExitThread;        // FF 15: call dword ptr [AddrExitThread]
    DWORD CallExitThreadAddr;
    DWORD AddrLoadLibrary;      // kernel32!LoadLibraryA (offset 0x16 if unpadded)
    DWORD AddrExitThread;       // kernel32!ExitThread (offset 0x1A if unpadded)
    char LibraryName[MAX_PATH]; // DLL path handed to LoadLibraryA (offset 0x1E if unpadded)
} cmds ;
//---------------------------------------------------------------------------
#pragma argsused
BOOL InjectDll(HANDLE,CHAR *);
DWORD GetProcessID(char*);
// Program entry: inject "wasm_dll.dll" into the first process named
// notepad.exe. The handle returned by OpenProcess is never closed. If
// GetProcessID returns 0 or OpenProcess fails, InjectDll is still called (with
// a NULL handle) and the failure only surfaces as the message box. The DLL
// name is relative, so it is resolved by the loader's search order inside the
// target process, not relative to this injector. No return type is written
// before WINAPI; the compiler this was built with apparently accepted that.
WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
    if (!InjectDll(OpenProcess(PROCESS_ALL_ACCESS,false, GetProcessID("notepad.exe") ),"wasm_dll.dll"))
    {
        MessageBox(0,"Hello ne explorer","title",0);
    }
    return 0;
}
//---------------------------------------------------------------------------
// Write the Inject image into Process and run it on a new remote thread.
// Process: handle with at least VM operation/write and thread-creation rights.
// ModulePath: DLL path copied into cmds.LibraryName.
// Returns FALSE if VirtualAllocEx or CreateRemoteThread fails, TRUE otherwise.
// Review notes:
//  - strcpy into the MAX_PATH buffer is unbounded: a longer ModulePath overruns
//    the global cmds.
//  - WriteProcessMemory's result is ignored; when CreateRemoteThread fails the
//    remote allocation is not released (no VirtualFreeEx); the allocation is
//    RWX (PAGE_EXECUTE_READWRITE).
//  - Addresses resolved in this process are written verbatim into the target.
//  - hKernel32 is unused; `hThread == 0` compares a HANDLE with an int.
BOOL InjectDll(HANDLE Process,CHAR * ModulePath)
{
    BYTE *Memory;       // base of the remote allocation
    DWORD Code;         // same address as an integer, for the offset arithmetic
    DWORD BytesWritten;
    DWORD ThreadId;
    HANDLE hThread;
    DWORD hKernel32;    // unused
    Memory = (BYTE*)VirtualAllocEx(Process, NULL, sizeof(cmds), MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (Memory == NULL) return FALSE;
    Code = (DWORD)Memory;
    // fill in the code part; the operands are absolute addresses inside the
    // remote block (the offsets assume a padding-free Inject layout)
    cmds.PushCommand = 0x68;
    cmds.PushArgument = Code + 0x1E;       // &LibraryName
    cmds.CallCommand = 0x15FF;
    cmds.CallAddr = Code + 0x16;           // &AddrLoadLibrary
    cmds.PushExitThread = 0x68;
    cmds.ExitThreadArg = 0;
    cmds.CallExitThread = 0x15FF;
    cmds.CallExitThreadAddr = Code + 0x1A; // &AddrExitThread
    // hKernel32 = (DWORD)GetModuleHandle("kernel32.dll");
    // addresses resolved in this process, copied verbatim into the target
    cmds.AddrLoadLibrary = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    cmds.AddrExitThread = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"), "ExitThread");
    strcpy(cmds.LibraryName, ModulePath); // unbounded copy, see the note above
    // copy the machine code to the reserved address
    WriteProcessMemory(Process, Memory, &cmds, sizeof(cmds), &BytesWritten);
    // execute the machine code
    hThread = CreateRemoteThread(Process, NULL, 0, (unsigned long (__stdcall *)(void *))Memory, 0, 0, &ThreadId);
    if (hThread == 0) return FALSE;
    CloseHandle(hThread); // the thread is not waited on
    return TRUE;
}
//--------------------------------------------------------------------------
// Find a process by executable name (case-insensitive, via lstrcmpi) in a
// TH32CS_SNAPPROCESS snapshot.
// lpNameProcess: executable name to look for, e.g. "notepad.exe".
// Returns the PID of the first match, or 0 if the snapshot fails or nothing
// matches. The snapshot handle is closed on every path.
DWORD GetProcessID(char* lpNameProcess) // the process name is passed as the parameter
{
    HANDLE snap;
    PROCESSENTRY32 pentry32;
    snap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
    if(snap==INVALID_HANDLE_VALUE) return 0;
    pentry32.dwSize=sizeof(PROCESSENTRY32); // required before Process32First
    if(!Process32First(snap,&pentry32)) {CloseHandle(snap);return 0;}
    do
    {
        if(!lstrcmpi(lpNameProcess,&pentry32.szExeFile[0]))
        {
            CloseHandle(snap);
            return pentry32.th32ProcessID; // this is the process the code goes into ;-)
        }
    }while(Process32Next(snap,&pentry32));
    CloseHandle(snap);
    return 0;
}