I want to unload a DLL from another process. Is it possible? If yes, how to do that? (I'm using Win32 API)
Thank you very much.
Yes, this is possible. It is called DLL ejection and is featured by some DLL injectors. The way a DLL is usually loaded is via LoadLibrary and it is subsequently unloaded via FreeLibrary. FreeLibrary takes only one parameter, which is a handle to the module to be unloaded. If you injected the DLL in the first place, you should be able to find this very easily. Otherwise there are ways of obtaining the handle such as CreateToolhelp32Snapshot with further enumeration with Module32First/Module32Next. Suppose you have obtained the handle through some means, then the steps to eject the DLL are simple:
FreeLibrary with GetProcAddress. This address will match the one for the same function in the target because of how Windows works.
lpStartAddress as the address of FreeLibrary, and with lpParameter as the module's handle.
There are a few caveats to DLL injection.
DLL ejection should be avoided in general. If the library wants to have the option of being freed, it should supply some interface through which users can access it and which eventually calls FreeLibraryAndExitThread.
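If you need a code example of this, I wrote an ejector as part of an injector I wrote in C in the past. I can look for it, but it is from many years ago, so the quality of the code is unlikely to be good.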
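How the remote-thread approach in the answer above appears to monitoring, as an added example that is not part of the original post: a thread created in another process whose start routine is FreeLibrary (or LoadLibrary) is exactly what a CreateRemoteThread audit record captures. The sketch assumes records shaped like Sysmon Event ID 8; the sample records, paths, the `_rec` helper and the allowlist entry are constructed for illustration.

```python
import ntpath

# Start routines that make the target process load or unload a module when
# used as the entry point of a remote thread.
LOADER_EXPORTS = {
    "freelibrary": "eject",
    "freelibraryandexitthread": "eject",
    "loadlibrarya": "inject",
    "loadlibraryw": "inject",
}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

def _rec(src, dst, module, func, tid):
    """Build one constructed record using Sysmon Event ID 8 field names."""
    return {"EventID": 8, "SourceImage": src, "TargetImage": dst,
            "StartModule": module, "StartFunction": func, "NewThreadId": tid}

K32 = r"C:\Windows\System32\KERNEL32.DLL"
NOTEPAD = r"C:\Windows\System32\notepad.exe"
# Constructed sample data, not taken from a real host.
SAMPLE_EVENTS = [
    _rec(r"C:\Tools\helper.exe", NOTEPAD, K32, "FreeLibrary", 4120),
    _rec(r"C:\Tools\helper.exe", NOTEPAD, K32, "LoadLibraryW", 4188),
    _rec(r"C:\Windows\System32\csrss.exe", r"C:\Windows\System32\cmd.exe",
         r"C:\Windows\System32\KERNELBASE.dll", "CtrlRoutine", 5012),
    _rec(r"C:\Tools\other.exe", NOTEPAD, "-", "-", 5100),  # start address unresolved
    _rec(r"C:\Program Files\Vendor\agent.exe", NOTEPAD, K32, "FreeLibrary", 5230),
]

def classify(event):
    """Return 'eject', 'inject' or None for one CreateRemoteThread record."""
    if event.get("EventID") != 8:
        return None
    module = ntpath.basename(event.get("StartModule") or "").lower()
    func = (event.get("StartFunction") or "").lower()
    if module not in LOADER_MODULES:
        return None
    return LOADER_EXPORTS.get(func)

def find_remote_loader_threads(events, allowlist=()):
    """List (kind, source, target, thread id) for remote loader-call threads."""
    allowed = {path.lower() for path in allowlist}
    hits = []
    for ev in events:
        kind = classify(ev)
        if kind is None or ev.get("SourceImage", "").lower() in allowed:
            continue
        hits.append((kind, ev["SourceImage"], ev["TargetImage"], ev["NewThreadId"]))
    return hits
```

Records whose start address did not resolve to an export are not classified here and need separate triage.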
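You don't want to do this.
"Loading" a DLL is much more than opening (and locking) the file. When the NT loader starts a process, it processes all DLLs referenced (directly) by the image and sets up the function calls (i.e. it loads the DLLs, calls the DLL initialization code, and so on).
Unloading a DLL means that you would need to stop all processes that have your DLL loaded, load the new DLL, and do all the work of the NT loader. Of course, unloading and reloading a DLL requires restoring the original DLL state (initialized variables, etc.), an operation that is not specified in Win32.
For background, see the article on MSDN and this Under the Hood article in MSJ.
Short answer: No, it is not possible.
Win32 doesn't provide an API to unload a DLL of another process. If a library is freed unexpectedly, the process will fail. This creates a serious security hole, because it breaks the process protection mechanism.
If you are able to modify both processes, you can modify the application to add a routine for the library and allow the other application to send a message.
Instead, I would think about changing which function is called when the process tries to invoke a function in this DLL. I know this is possible in theory.
This would mean memory bit-twiddling and knowing where those function pointers are stored, but all of those locations can be found easily (this gets done covertly). It would be harder if they use ordinals, and harder still if they hard-code the pointers, but nobody does that nowadays. You could then point them at your own code, which (ideally) mimics the functions it covers up but does not actually do anything. It would most likely have to be injected into the process, so that you can work transparently without causing any crashes.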