- void HideDll()
- {
- HMODULE hMod = ::GetModuleHandle("MyHook.dll");
- PLIST_ENTRY Head,Cur;
- PPEB_LDR_DATA ldr;
- PLDR_MODULE ldm;
- __asm
- {
- mov eax , fs:[0x30]
- mov ecx , [eax + 0x0c] //Ldr
- mov ldr , ecx
- }
- Head = &(ldr->InLoadOrderModuleList);
- Cur = Head->Flink;
- do
- {
- ldm = CONTAINING_RECORD( Cur, LDR_MODULE, InLoadOrderModuleList);
- //printf("EntryPoint [0x%X]\n",ldm->BaseAddress);
- if( hMod == ldm->BaseAddress)
- {
- ldm->InLoadOrderModuleList.Blink->Flink =
- ldm->InLoadOrderModuleList.Flink;
- ldm->InLoadOrderModuleList.Flink->Blink =
- ldm->InLoadOrderModuleList.Blink;
- ldm->InInitializationOrderModuleList.Blink->Flink =
- ldm->InInitializationOrderModuleList.Flink;
- ldm->InInitializationOrderModuleList.Flink->Blink =
- ldm->InInitializationOrderModuleList.Blink;
- ldm->InMemoryOrderModuleList.Blink->Flink =
- ldm->InMemoryOrderModuleList.Flink;
- ldm->InMemoryOrderModuleList.Flink->Blink =
- ldm->InMemoryOrderModuleList.Blink;
- break;
- }
- Cur= Cur->Flink;
- }while(Head != Cur);
- }
MFC 改变窗口类名
1,改变窗口类名:比如:MyClassName是自己想设置的类名
方法:打开资源视图,右击外挂窗口,属性改掉ClassName属性,若它为灰色,右击.rc文件改mfc Mode属性为false,再改
2,改变后在CTestCpp中的InitInstance()注册该窗口类名
WNDCLASS wc;
// 获取窗口类信息。MFC默认的所有对话框的窗口类名为 #32770
::GetClassInfo(AfxGetInstanceHandle(), _T("#32770"), &wc);
// 改变窗口类名
wc.lpszClassName = _T("MyClassName");
// 注册新窗口类,使程序能使用它
AfxRegisterClass(&wc);
AfxRegisterClass(&wc);
