Search resource list
1.4
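- Module-API-read memory data 5.OpenProcess // open a process 2035711 6.StrToIntExA // convert hexadecimal to decimal 7.CloseHandle // close the specified handle 8.ReadProcessMemory // read the current process's memory contents, i.e. the data in memory .DLL命令 _内存读整数, 整数型,kernel32.dll , "ReadProcessMemory" .参数 hProcess, 整数型, ,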
API-Hook-Open-Process
- Source DLL hook API OpenProcess
CS-zuobiyuanma
- Easy Language (易语言) CS 1.5 wallhack source code, cheat tool source code .子程序 Read整数内存, 整数型 .参数 内存地址 .局部变量 PID .局部变量 handle .局部变量 地址 .局部变量 cc PID = 取自进程ID_ () handle = OpenProcess (2035711, 0, PID) .如果真 (handle ≠ 0) cc = 内存读整数_ (handle, 内存地址, 地址, 4)
Poster
- Complete ring3 hook of OpenProcess; includes a VB calling example and is very stable
NP_Source
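- After NP starts, it uses WriteProcessMemory and CreateRemoteThread to inject code into all processes (except the system process smss.exe); the code loads npggNT.des into the target process through NP's own LoadLibrary. As soon as npggNT.des is loaded it starts doing "bad things": hooking key system functions such as OpenProcess, ReadProcessMemory, WriteProcessMemory, PostMessage and so on. The hooking is done by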
Hook_Open_Terminate
- Conveniently prevents a program from being killed manually in Task Manager; uses hooks on OpenProcess and TerminateProcess; references APIHOOK code
API
- Declare Function FindWindow Lib "User32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long Declare Function GetWindowThreadProcessId Lib "User32" (ByVal hwnd As Long, lpdwProcessId
base64
- An example that uses DLL injection to intercept OpenProcess and prevent a program from being forcibly closed
hwndinicon
- VB: get an icon from a window handle, which can also be called extracting the icon or obtaining the window icon; see the following code: Public Function 获取程序路径(句柄 As Long) As String Dim 路径 As String, 内存柄 As Long 路径 = Space(255) Call GetWindowThreadProcessId(句柄, 内存柄) 内存柄 = OpenProcess(PROCESS_A
r3OpenProcess
- VB module for opening a process under ring3; use this when the ordinary OpenProcess fails to open it
task
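- An enhanced Task Manager written in VB. Compared with the previous version, it uses a lower-level API instead of OpenProcess to obtain handles, uses a DLL to hook OpenProcess so that under XP/Win7 it is not * by Task Manager, adds a check for whether a process denies access at the application layer, and has an optimized interface that imitates the Win8 UI (although it does not look much like it), with buttons changed to pop-up menus.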
enum_processes_1.0
- Gets all processes of the current user; they can be looked up by name. Uses OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, ProcessIds[I]); a useful reference for learning about processes
HookProtectProcessLib
- Example of calling the OpenProcess function to protect a process from being closed
openprocess
- Can open system processes using the SeDebugPrivilege user privilege
OPEN-SHUT
- Mainly uses the CreateToolhelp32Snapshot API function to enumerate the system's current processes, and HANDLE OpenProcess(...) and TerminateProcess(...) to open and close currently running program processes.
yaralqel
- A program for Windows NT that prevents its own process from being terminated by intercepting the OpenProcess function
efcfedlnop
- A program for Windows NT that prevents its own process from being terminated by intercepting the OpenProcess function
undar
- A program for Windows NT that prevents its own process from being terminated by intercepting the OpenProcess function
QRcodekj_veryhuo.com
- QRmake usage, with descriptions of parameters, methods and properties; the already generated QR code image (Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long)