我用远程线程注入成功了,然后DllMain里面只执行了第一句,后面的都没反应,怎么回事?
Dll是用VB6的插件写的Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Const DLL_PROCESS_DETACH = 0 '动态链接库从进程的地址空间卸出时
Private Const DLL_PROCESS_ATTACH = 1 '动态链接库第一次插入进程的地址空间时
Private Const DLL_THREAD_ATTACH = 2 '新线程生成
Private Const DLL_THREAD_DETACH = 3 '线程销毁
Public Function DLLMain(ByVal hInstDLL As Long, ByVal fdwReason As Long, ByVal lpwReserved As Long) As Long
If fdwReason = DLL_PROCESS_ATTACH Then
Dim hProcess As Long
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, GetCurrentProcessId)
TerminateProcess hProcess, 0
DLLMain = 1
Else
DLLMain = 0
End If
End FunctionSub Main()End Sub
Dll是用VB6的插件写的Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Const DLL_PROCESS_DETACH = 0 '动态链接库从进程的地址空间卸出时
Private Const DLL_PROCESS_ATTACH = 1 '动态链接库第一次插入进程的地址空间时
Private Const DLL_THREAD_ATTACH = 2 '新线程生成
Private Const DLL_THREAD_DETACH = 3 '线程销毁
Public Function DLLMain(ByVal hInstDLL As Long, ByVal fdwReason As Long, ByVal lpwReserved As Long) As Long
If fdwReason = DLL_PROCESS_ATTACH Then
Dim hProcess As Long
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, GetCurrentProcessId)
TerminateProcess hProcess, 0
DLLMain = 1
Else
DLLMain = 0
End If
End FunctionSub Main()End Sub
你Beep一个,没声说明执行不了