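/**
 * Copies RemoteControlThread and an INJECT_DLL parameter block into the
 * process that owns hWnd, then starts that code there with CreateRemoteThread.
 *
 * The parameter block is filled by InjectDLL_Info from lpszLibFile, hWnd, dwID,
 * pRtBtn and szCaptionBtn; what the remote routine does with it is not visible
 * in this function.
 *
 * Review notes:
 *  - The cross-process sequence VirtualAllocEx + WriteProcessMemory +
 *    CreateRemoteThread, with a PAGE_EXECUTE_READWRITE region, is the pattern
 *    endpoint protection products monitor for; expect this call to be logged
 *    or blocked on managed hosts.
 *  - A fixed MAXINJECTSIZE bytes are copied starting at &RemoteControlThread.
 *    This assumes the routine fits in that size, is position independent and
 *    that the whole source range is readable -- confirm against the build.
 *
 * @param lpszLibFile   Library path forwarded to InjectDLL_Info.
 * @param hWnd          Window whose owning process is the target.
 * @param dwID          Control identifier forwarded to InjectDLL_Info.
 * @param pRtBtn        Rectangle forwarded to InjectDLL_Info.
 * @param szCaptionBtn  Caption text forwarded to InjectDLL_Info.
 * @return TRUE if the remote thread was created, FALSE on any failure
 *         (including a C++ exception raised inside the function).
 */
BOOL WINAPI RT_CTRL_BTN(LPCSTR lpszLibFile, HWND hWnd, DWORD dwID, LPRECT pRtBtn, LPCTSTR szCaptionBtn)
{
    // Upper bound on how long to wait for the remote routine before giving up
    // on reclaiming its memory; the value is a reviewer's choice, not from the
    // original code.
    const DWORD kRemoteWaitMs = 5000;

    HANDLE hProcess = NULL;
    HANDLE hThread = NULL;
    LPVOID lpThreadAddr = NULL;
    LPVOID param = NULL;
    BOOL bResult = FALSE;
    BOOL bSafeToFree = TRUE;

    try {
        // A zero return means hWnd is not a valid window; without this check
        // dwProcessID would be used uninitialized.
        DWORD dwProcessID = 0;
        if (GetWindowThreadProcessId(hWnd, &dwProcessID) != 0 && dwProcessID != 0) {
            hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION |
                                   PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, dwProcessID);
        }

        if (hProcess) {
            INJECT_DLL InjectInfo;
            InjectDLL_Info(&InjectInfo, lpszLibFile, hWnd, dwID, pRtBtn, szCaptionBtn);

            lpThreadAddr = ::VirtualAllocEx(hProcess, NULL, MAXINJECTSIZE, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
            param = ::VirtualAllocEx(hProcess, NULL, sizeof(INJECT_DLL), MEM_COMMIT, PAGE_READWRITE);

            // Never start a thread on a region that failed to allocate or was
            // only partially written: that would execute garbage in the target.
            if (lpThreadAddr && param &&
                WriteProcessMemory(hProcess, lpThreadAddr, &RemoteControlThread, MAXINJECTSIZE, NULL) &&
                WriteProcessMemory(hProcess, param, &InjectInfo, sizeof(InjectInfo), NULL)) {
                DWORD dwThreadId = 0;
                hThread = ::CreateRemoteThread(hProcess, NULL, 0,
                                               (LPTHREAD_START_ROUTINE)lpThreadAddr,
                                               param, 0, &dwThreadId);
                if (hThread) {
                    bResult = TRUE;
                    // The remote code and its parameters must stay mapped while
                    // the thread runs. Free them only once it has exited; on
                    // timeout leave them in place rather than crash the target.
                    bSafeToFree = FALSE;
                    bSafeToFree = (WaitForSingleObject(hThread, kRemoteWaitMs) == WAIT_OBJECT_0);
                }
            }
        }
    }
    catch (...) {
        bResult = FALSE;
    }

    if (hThread) {
        CloseHandle(hThread);
    }
    if (hProcess) {
        // Release remote memory BEFORE closing the process handle: the original
        // closed the handle first, so every VirtualFreeEx call failed and both
        // regions leaked in the target process.
        if (bSafeToFree) {
            if (lpThreadAddr) {
                VirtualFreeEx(hProcess, lpThreadAddr, 0, MEM_RELEASE);
            }
            if (param) {
                VirtualFreeEx(hProcess, param, 0, MEM_RELEASE);
            }
        }
        CloseHandle(hProcess);
    }
    return bResult;
}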
--------------------next---------------------