隱藏DLL

先來推廣一下QQ群：61618925。歡迎各位愛好編程的加入。

在外掛或者病毒中，經常需要隱藏掉自己注入的DLL，以免被發現。下面就是一個隱藏DLL的通用模塊，用的時候只需要加入到相關模塊中即可。

詳細代碼如下：

<iostream>

  HideModule( **PEB =*Ldr =*Flink =*p =*BaseAddress =*FullDllName =

        mov eax,fs:[=
    Ldr = *((DWORD **)((unsigned  *)PEB + 
    Flink = *((DWORD **)((unsigned  *)Ldr + == *((DWORD **)((unsigned  *)p + = *((DWORD **)((unsigned  *)p +  ((DWORD*)hMod ==**((DWORD **)(p + )) = (DWORD)*((DWORD ***(*((DWORD **)p) + ) = (DWORD)*((DWORD **)(p + = *((DWORD ** (Flink !== *((DWORD **)((unsigned  *)Ldr + == *((DWORD **)((unsigned  *)p + = *((DWORD **)((unsigned  *)p +  (BaseAddress == (DWORD ***((DWORD **)(p + )) = (DWORD)*((DWORD ***(*((DWORD **)p) + ) = (DWORD)*((DWORD **)(p + = *((DWORD ** (Flink !== *((DWORD **)((unsigned  *)Ldr + == *((DWORD **)((unsigned  *)p + = *((DWORD **)((unsigned  *)p +  (BaseAddress == (DWORD ***((DWORD **)(p + )) = (DWORD)*((DWORD ***(*((DWORD **)p) + ) = (DWORD)*((DWORD **)(p + = *((DWORD ** (Flink != main( argc,  ** 

用我之前博客中的進程管理器查看本進程的DLL，可以發現找不到相應的DLL。