MFCVC++进程自我保护(通过远程线程注入或HOOK)


//dll 代码:

#include <windows.h>

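/* Hook state shared by HookApiOn()/HookApiOff(). Only one API can be hooked
 * at a time because there is a single set of buffers. The statement
 * terminators lost in the published listing are restored here. */
char pNew[8] = {0};   /* patch bytes written over the API entry (5 are used) */

char pOld[8] = {0};   /* original bytes saved from the API entry (5 are used) */

HMODULE hModu = NULL; /* module that exports the hooked API */

DWORD dwOldApi = 0;   /* address of the hooked API; DWORD-sized, so 32-bit builds only */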

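/*
 * Install an inline hook on an exported API of the current process.
 *
 * The first 5 bytes of pApiName (exported by pDllName) are saved in pOld and
 * overwritten with an x86 `jmp rel32` (opcode 0xE9) that transfers control to
 * pFunc. Addresses are handled as DWORD, so this is valid for 32-bit builds
 * only. The patch is not atomic: another thread executing the API entry while
 * it is being rewritten can crash.
 *
 * Returns nothing; on any failure the function leaves the API untouched.
 *
 * Reviewer note: an in-memory patch of a system DLL's code is exactly what
 * integrity checks look for when they compare a loaded module's code section
 * with the image on disk, so expect security tooling to flag a process that
 * carries this hook.
 */
void HookApiOn(char* pDllName, char* pApiName,FARPROC pFunc)
{
    DWORD dwOld = 0;      /* page protection before the patch */
    DWORD dwIgnored = 0;  /* receives the temporary protection on restore */
    SIZE_T flag = 0;      /* byte count reported by Read/WriteProcessMemory */
    DWORD dd;

    if (pDllName == NULL || pApiName == NULL || pFunc == NULL)
        return;

    /* Prefer the already-loaded module so that re-installing the hook does
     * not bump the module reference count on every call. */
    hModu = GetModuleHandleA(pDllName);
    if (hModu == NULL)
        hModu = LoadLibraryA(pDllName);
    if (hModu == NULL)
        return;

    dwOldApi = (DWORD)GetProcAddress(hModu, pApiName);
    if (dwOldApi == 0)
        return;

    /* Keep the page executable while it is writable: with PAGE_READWRITE any
     * thread running code in this page would fault during the patch. */
    if (!VirtualProtect((LPVOID)dwOldApi, 5, PAGE_EXECUTE_READWRITE, &dwOld)) {
        dwOldApi = 0;
        return;
    }

    /* jmp rel32: displacement is relative to the end of the 5-byte instruction */
    dd = (DWORD)pFunc - dwOldApi - 5;
    pNew[0] = (char)0xE9;
    CopyMemory(&pNew[1], &dd, sizeof dd);

    if (ReadProcessMemory(GetCurrentProcess(), (LPVOID)dwOldApi, (LPVOID)pOld, 5, &flag) && flag == 5) {
        WriteProcessMemory(GetCurrentProcess(), (LPVOID)dwOldApi, (LPVOID)pNew, 5, &flag);
        FlushInstructionCache(GetCurrentProcess(), (LPCVOID)dwOldApi, 5);
    }

    /* VirtualProtect fails when its last argument is NULL, which in the
     * original left the page with the temporary protection. */
    VirtualProtect((LPVOID)dwOldApi, 5, dwOld, &dwIgnored);
}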

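/*
 * Remove the inline hook installed by HookApiOn() by writing the 5 saved
 * bytes in pOld back to the API entry at dwOldApi.
 *
 * Does nothing when no hook address has been recorded. Like the install
 * path, the restore is not atomic with respect to other threads.
 */
void HookApiOff()
{
    DWORD dwOld = 0;      /* page protection before the restore */
    DWORD dwIgnored = 0;  /* receives the temporary protection afterwards */
    SIZE_T flag = 0;      /* byte count reported by WriteProcessMemory */

    if (dwOldApi == 0)
        return;           /* nothing was hooked; never write to address 0 */

    if (!VirtualProtect((LPVOID)dwOldApi, 5, PAGE_EXECUTE_READWRITE, &dwOld))
        return;

    WriteProcessMemory(GetCurrentProcess(), (LPVOID)dwOldApi, (LPVOID)pOld, 5, &flag);
    FlushInstructionCache(GetCurrentProcess(), (LPCVOID)dwOldApi, 5);

    /* The last argument must point to a DWORD; with NULL the call fails and
     * the original protection is never put back. */
    VirtualProtect((LPVOID)dwOldApi, 5, dwOld, &dwIgnored);
}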

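/*
 * Replacement for MessageBoxW reached through the inline hook.
 *
 * The hook is removed, the user is asked whether the call should be blocked,
 * the real MessageBoxW is called only when the user answers "No", and the
 * hook is installed again.
 *
 * Returns the real MessageBoxW result, or 0 when the call was blocked. The
 * original was declared void, so the hooked caller read an undefined value
 * where it expects MessageBoxW's int result.
 *
 * NOTE(review): between HookApiOff() and HookApiOn() the API is unhooked for
 * every thread, and two threads entering here at once race on the shared
 * pOld/pNew buffers; this demo has no locking.
 */
int _stdcall my_MessageBoxW( HWND hWnd ,LPCWSTR lpText,LPCWSTR lpCaption,UINT uType)
{
    int result = 0;

    HookApiOff();

    if (IDNO == MessageBoxW(NULL, L"程序非法调用了MessageBoxW函数,是否阻止?", L"提示", MB_YESNO))
        result = MessageBoxW(hWnd, lpText, lpCaption, uType);

    HookApiOn("user32.dll", "MessageBoxW", (FARPROC)my_MessageBoxW);

    return result;
}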

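/*
 * Install every hook this DLL provides. Only one exists: MessageBoxW in
 * user32.dll is redirected to my_MessageBoxW. (Statement terminators lost
 * in the published listing are restored.)
 */
void InstallAllHook()
{
    HookApiOn("user32.dll", "MessageBoxW", (FARPROC)my_MessageBoxW);
}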

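/*
 * DLL entry point. Installs the hook when the DLL is mapped into a process
 * and removes it again when the DLL is unloaded at run time, so the patched
 * API is not left jumping into memory that is about to be unmapped.
 *
 * NOTE(review): DllMain runs while the loader lock is held, and Microsoft's
 * DllMain guidance advises against calling LoadLibrary from it. HookApiOn()
 * in this file resolves the target module and may do so; it is safe here
 * only as long as user32.dll is already loaded in the host process.
 *
 * The closing brace and statement terminators missing from the published
 * listing are restored.
 */
BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    (void)hModule;

    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        InstallAllHook();
        break;

    case DLL_PROCESS_DETACH:
        /* lpReserved is NULL for FreeLibrary and non-NULL when the process
         * is terminating; only the former needs the patch undone. */
        if (lpReserved == NULL)
            HookApiOff();
        break;

    default:
        break;
    }

    return TRUE;
}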

//.exe实现进程注入的代码:<此处注入到任务管理器中>

#include <windows.h>

#include <stdio.h>

#define Dll_Name "F:\\workspqce\山搭\Jmp_Hook\\Debug\\jmp_dll.dll"

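/*
 * Enable SeDebugPrivilege in the current process token.
 *
 * Returns TRUE only when AdjustTokenPrivileges reports ERROR_SUCCESS, i.e.
 * the privilege was actually held by the token and is now enabled (the API
 * itself also "succeeds" with ERROR_NOT_ALL_ASSIGNED when it was not).
 * Returns FALSE when the token cannot be opened or the privilege name cannot
 * be resolved.
 *
 * Reviewer note: SeDebugPrivilege lets a process open almost any other
 * process on the machine. A non-debugger enabling it is a common thing for
 * defenders to audit and alert on.
 */
BOOL EnablePrivilege()
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp = {0};
    BOOL ok = FALSE;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
        return FALSE;

    /* Resolve the privilege name to its LUID; the original ignored failure. */
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid)) {
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        /* Ask the system to apply the change to the token. */
        AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof tkp, NULL, NULL);

        /* Read the result before CloseHandle can overwrite the last error. */
        ok = (GetLastError() == ERROR_SUCCESS);
    }

    CloseHandle(hToken);  /* the original leaked the token handle */
    return ok;
}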

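/*
 * Ask process dwProcessId to load the DLL named by Dll_Name: the path is
 * copied into memory allocated in that process and a remote thread is
 * started at LoadLibraryA with the copied path as its argument.
 *
 * Returns TRUE when the remote thread was created and has finished, FALSE
 * when any step failed. TRUE does not prove the DLL was loaded; the remote
 * thread's exit code is not inspected.
 *
 * Changes from the published listing: every handle and the remote buffer are
 * released on all paths (they leaked on each early return), the terminating
 * NUL is written explicitly instead of relying on zeroed pages, VirtualFreeEx
 * is called with size 0 as MEM_RELEASE requires (a non-zero size makes it
 * fail), and `true` is replaced by TRUE so the file builds as C.
 *
 * Reviewer note: OpenProcess with PROCESS_ALL_ACCESS followed by
 * VirtualAllocEx, WriteProcessMemory and CreateRemoteThread on another
 * process is one of the most widely monitored API sequences; endpoint
 * security products are expected to flag or block it.
 */
BOOL InjectDll(DWORD dwProcessId)
{
    BOOL ok = FALSE;
    HANDLE hProcess = NULL;
    HANDLE hRemote = NULL;
    LPVOID pszDllName = NULL;
    PTHREAD_START_ROUTINE tsr = NULL;
    SIZE_T cbPath = strlen(Dll_Name) + 1;   /* path plus terminating NUL */

    hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
    if (!hProcess)
        return FALSE;

    pszDllName = VirtualAllocEx(hProcess, NULL, cbPath, MEM_COMMIT, PAGE_READWRITE);
    if (!pszDllName)
        goto cleanup;

    if (!WriteProcessMemory(hProcess, pszDllName, Dll_Name, cbPath, NULL))
        goto cleanup;

    tsr = (PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(TEXT("kernel32.dll")), "LoadLibraryA");
    if (!tsr)
        goto cleanup;

    hRemote = CreateRemoteThread(hProcess, NULL, 0, tsr, pszDllName, 0, NULL);
    if (!hRemote)
        goto cleanup;

    WaitForSingleObject(hRemote, INFINITE);
    ok = TRUE;

cleanup:
    if (hRemote)
        CloseHandle(hRemote);
    if (pszDllName)
        VirtualFreeEx(hProcess, pszDllName, 0, MEM_RELEASE);
    CloseHandle(hProcess);
    return ok;
}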

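/*
 * Entry point of the loader program: finds the window titled
 * "Windows 任务管理器" (Task Manager on a Chinese-language system), obtains
 * the id of the process that owns it, enables the debug privilege and calls
 * InjectDll() for that process.
 *
 * Returns 0 after the attempt and 1 when the window or its process id could
 * not be found. The original passed process id 0 on to InjectDll() in that
 * case.
 */
int main()
{
    DWORD dwProcessId = 0;

    /* The title is a narrow string literal, so call the ANSI variant
     * explicitly; the generic name only builds without UNICODE defined. */
    HWND hWindow = FindWindowA(NULL, "Windows 任务管理器");
    if (hWindow == NULL)
        return 1;

    GetWindowThreadProcessId(hWindow, &dwProcessId);
    if (dwProcessId == 0)
        return 1;

    if (EnablePrivilege())
        InjectDll(dwProcessId);

    return 0;
}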

vc++

#include "stdio.h"

#include "stdlib.h"

#include "string.h"

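/* Process control block (PCB) used by the scheduling demo. The member and
 * declaration terminators lost in the published listing are restored. */
typedef struct node
{
    char name[10];       /* process identifier (at most 9 characters + NUL) */
    int prio;            /* priority number */
    int cputime;         /* CPU time the process has used */
    int needtime;        /* time the process still needs to finish */
    int count;           /* counter */
    char state;          /* process state */
    struct node *next;   /* link to the next PCB in the list */
} PCB;

/* List heads: finished processes, ready queue, tail pointer, running process. */
PCB *finish, *ready, *tail, *run;

/* Number of processes to create, read in main(). */
int N;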

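/*
 * Take the head of the ready queue and make it the running process: run
 * points at it, its state becomes 'R', and ready advances to the next PCB.
 *
 * With an empty ready queue run is set to NULL and nothing else happens
 * (the original dereferenced the NULL pointer in that case). Stray characters
 * and missing terminators from the published listing are repaired, and the
 * implicit-int declaration is spelled out as void since no value is returned.
 */
void firstin(void)
{
    if (ready == NULL) {
        run = NULL;
        return;
    }

    run = ready;
    run->state = 'R';
    ready = ready->next;
}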

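/*
 * Print the scheduling state: a header line, then the running process (if
 * any), then every PCB in the ready queue and in the finished list, and wait
 * for a key press with getch().
 *
 * algo is accepted for the callers' sake and is not used.
 * getch() is a non-standard console routine the original relies on.
 */
void prt(char algo)
{
    PCB *p;
    PCB *lists[2];
    int k;

    (void)algo;

    printf(" NAME CPUTIME NEEDTIME PRIORITY STATUS\n");

    if (run != NULL)
        printf(" %-10s%-10d%-10d%-10d %c\n", run->name,
               run->cputime, run->needtime, run->prio, run->state);

    /* ready queue first, finished list second - same order as the original */
    lists[0] = ready;
    lists[1] = finish;
    for (k = 0; k < 2; k++) {
        for (p = lists[k]; p != NULL; p = p->next)
            printf(" %-10s%-10d%-10d%-10d %c\n", p->name,
                   p->cputime, p->needtime, p->prio, p->state);
    }

    getch();
}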

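/*
 * Insert q into the ready queue, which is kept in descending order of prio.
 * q is placed after every PCB whose prio is greater than or equal to its own,
 * so equal priorities keep their arrival order. An empty queue is handled:
 * q simply becomes the head.
 *
 * A NULL q is ignored. Stray characters and missing terminators from the
 * published listing are repaired; the result is the same list the original
 * builds.
 */
void insert(PCB *q)
{
    PCB **link = &ready;   /* the pointer that will be made to point at q */

    if (q == NULL)
        return;

    while (*link != NULL && (*link)->prio >= q->prio)
        link = &(*link)->next;

    q->next = *link;
    *link = q;
}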

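/*
 * Read N processes from standard input, build their PCBs and queue them in
 * the ready list by priority, then show the initial state and dispatch the
 * head of the ready queue as the running process.
 *
 * For each process the name and the required time are read; the priority is
 * 50 minus the required time.
 *
 * Changes from the published listing:
 *  - the name is read with a width limit; "%s" into char[10] overflowed the
 *    stack buffer on any name longer than 9 characters;
 *  - malloc and scanf results are checked, and a time outside 1..49 (the
 *    prompt asks for "less than 50") stops input instead of producing a
 *    negative priority or a process that can never reach needtime 0;
 *  - the initial state is 'W', matching the 'W' used by priority(), where
 *    the original wrote a lower-case 'w';
 *  - an empty ready queue no longer dereferences NULL at the end;
 *  - the for-loop separators and statement terminators are restored.
 *
 * clrscr() is a non-standard console routine the original relies on.
 */
void create(char alg)
{
    PCB *p;
    int i, need;
    char na[10];

    ready = NULL;
    finish = NULL;
    run = NULL;

    for (i = 1; i <= N; i++)
    {
        p = malloc(sizeof *p);
        if (p == NULL) {
            fprintf(stderr, "out of memory\n");
            break;
        }

        printf("Enter NAME of process:\n");
        if (scanf("%9s", na) != 1) {   /* 9 characters + NUL fit in na[10] */
            free(p);
            break;
        }

        printf("Enter TIME of process(less than 50):\n");
        if (scanf("%d", &need) != 1 || need <= 0 || need >= 50) {
            fprintf(stderr, "invalid TIME, expected 1..49\n");
            free(p);
            break;
        }

        strcpy(p->name, na);           /* bounded by the %9s read above */
        p->cputime = 0;
        p->needtime = need;
        p->count = 0;
        p->state = 'W';
        p->prio = 50 - need;           /* priority and required time sum to 50 */

        if (ready != NULL)
            insert(p);
        else
        {
            p->next = ready;
            ready = p;
        }
    }

    clrscr();
    printf(" DISPLAY OF THE PROGRESS:\n");
    printf("************************************************\n");
    prt(alg);

    if (ready == NULL)
        return;                        /* nothing was created; nothing to run */

    run = ready;
    ready = ready->next;
    run->state = 'R';
}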

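/*
 * Priority scheduling loop. On every tick the running process gains one unit
 * of CPU time, needs one unit less and loses 3 priority points. A process
 * whose needtime reaches 0 moves to the finished list in state 'F' and the
 * next ready process is dispatched. Otherwise, when the head of the ready
 * queue now has a higher priority, the running process returns to the ready
 * queue in state 'W' and the head is dispatched. The state is printed after
 * each tick.
 *
 * NOTE(review): the loop also stops as soon as the running process's
 * priority drops below 0, even if it still needs time - kept as published,
 * confirm that this is intended.
 *
 * Statement terminators lost in the published listing are restored and the
 * implicit-int declaration is spelled out as void.
 */
void priority(char alg)
{
    while (run != NULL && run->prio >= 0)
    {
        run->cputime = run->cputime + 1;
        run->needtime = run->needtime - 1;
        run->prio = run->prio - 3;

        if (run->needtime == 0)
        {
            /* finished: push onto the finished list */
            run->next = finish;
            finish = run;
            run->state = 'F';
            run = NULL;

            if (ready != NULL)
                firstin();
        }
        else if ((ready != NULL) && (run->prio < ready->prio))
        {
            /* pre-empted by a higher-priority ready process */
            run->state = 'W';
            insert(run);
            firstin();
        }

        prt(alg);
    }
}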

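/*
 * Entry point of the scheduling demo: asks for the number of PCBs, asking
 * again while the number is greater than 10, then creates the processes and
 * runs the priority scheduler.
 *
 * Changes from the published listing: algo is initialised before it is
 * passed on (it was read uninitialised), unreadable input ends the program
 * instead of looping forever on the same unread characters, a count below 1
 * is rejected, the goto is replaced by a loop, and the lost statement
 * terminators are restored.
 */
int main(void)
{
    char algo = 0;

    clrscr();

    for (;;)
    {
        printf("Enter THE TOTAL NUMBER of PCB(less than 10 is better):\n");
        if (scanf("%d", &N) != 1)
            return 1;

        if (N > 10)
        {
            printf("it's too big,and select a small number.\n");
            continue;
        }
        break;
    }

    if (N < 1)
        return 1;

    create(algo);
    priority(algo);

    return 0;
}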

Hope you like it!

学名密钥盘,是当下软件保护的最好办法,有专门的外包供应商,在中国比较专业的例如飞天诚信,其盘能存储私钥,私钥不可导出。一般内部有硬件实现的哈希算法和公钥算法,能签名、校验,非常安全。在软件运行时不停监测密钥盘的存在,并校验口令。

换句话说,是软件就能破解,包括这种方式,就看破解成本的大小。可以修改程序完全绕过密钥盘。

软件保护的终极形态是把算法固化为硬件,灌参数运行。

另外在线激活是个不错的身份授权方式

