Цитата:
Сообщение от bmzproject
help me pintblank.exe I do not, please help me.
I have a file on you?
|
use createmutex method from nakonation, with Native Entry Point Injection from EasyHook source code doc
Код:
HANDLE WINAPI hCreateMutex(LPSECURITY_ATTRIBUTES lpMutexAttributes, BOOL bInitialOwner, LPCSTR lpName) {
const char* filter = "Global";
if(strncmp(lpName, filter, strlen(filter)) != 0) {
//try call original kernel function from virtual dll stub (minwin kernel)
typedef HANDLE (*TCreateMutexA)(LPSECURITY_ATTRIBUTES, BOOL, LPCSTR);
TCreateMutexA oCreateMutex = (TCreateMutexA)GetProcAddress(GetModuleHandleA("api-ms-win-core-synch-l1-1-0.dll"), "CreateMutexA");
return oCreateMutex;
}
return nullptr;
}
you have to create a DLL with method that will be injected, the method above, and then a .exe file that will inject this DLL into Process, both examples are inside EasyHook documents