public static void CloseWechat(InjectResult injectResult) { LogHelper.LogUtil.WXHOOKSERVICE.InfoFormat("injectResult.PInfo.hProcess: [{0}], injectResult.AllocMemAddressOfWeDll: [{1}], injectResult.DwSize: [{2}]", injectResult.PInfo.hProcess, injectResult.AllocMemAddressOfWeDll, injectResult.DwSize); VirtualFreeEx(injectResult.PInfo.hProcess, injectResult.AllocMemAddressOfWeDll, injectResult.DwSize, 0x8000); //uint i = 0; //GetExitCodeProcess(injectResult.PInfo.hProcess, ref i); CloseHandle(injectResult.PInfo.hProcess); //CloseHandle(injectResult.PInfo.hThread); }
/// <summary> /// 注入WeDll.dll /// </summary> /// <returns>返回 WeChat 进程ID</returns> public static InjectResult InjectWeDll() { string dllName = "WeDll.dll"; uint dllLength = (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))); PROCESS_INFORMATION pInfo = OpenWechat(); int wechatProcessID = pInfo.dwProcessId; //var wechatWindow = WechatWindowExsits(wechatProcess.Id, "登录"); //下面开始注入 WeDll.dll 到 WeChat if (wechatProcessID > 0) { //获取 WeChat 进程的处理权限 IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, wechatProcessID); if (procHandle == IntPtr.Zero) { throw new Exception("Geting the handle of the process with required privileges failed!"); } //取得 LoadLibraryA 在 kernek32.dll 中地址 IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); if (loadLibraryAddr == IntPtr.Zero) { throw new Exception("Searching for the address of LoadLibraryA and storing it in a pointer failed!"); } //申请内存空间 IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, dllLength, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); if (allocMemAddress == IntPtr.Zero) { throw new Exception("Apply memory space failed!"); } //写内存 UIntPtr bytesWritten; bool writeProcessMemory = WriteProcessMemory(procHandle, allocMemAddress, Encoding.UTF8.GetBytes(dllName), dllLength, out bytesWritten); if (!writeProcessMemory) { throw new Exception("Write memory failed!"); } //创建远程线程 IntPtr createRemoteThread = CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr, allocMemAddress, 0, IntPtr.Zero); if (createRemoteThread == IntPtr.Zero) { throw new Exception("Create the remote thread for WeDll failed!"); } LogHelper.LogUtil.WXHOOKSERVICE.InfoFormat("Injected WeDll successfully!"); InjectResult injectResult = new InjectResult() { PInfo = pInfo, AllocMemAddressOfWeDll = allocMemAddress, DwSize = dllLength }; return(injectResult); } else { throw new Exception("Does not found WeChat window!"); } }