
全局钩子(HOOK),挂接API,远程线程

1楼: 请问各位高手,我写了一个dll,想让系统的rundll32.exe启动这个dll,该如何实现?虽然我知道标题中的那几种方式可以,但不知道怎么开头,请高手给个例子。谢谢

2楼: 帮顶。。。。。。

3楼: 随便写即可.
rundll32.exe c:\p.dll,fuck
其中fuck是你dll导出的过程名称

4楼: 帮顶!


5楼: 收藏

我现在只能做到用explorer.exe启动自己的DLL

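6楼: procedure FindAProcess(const AFilename: string; const PathMatch: Boolean; var ProcessID: DWORD);
{ Looks up a running process by executable name in a ToolHelp snapshot.
  AFilename - name to look for.
  PathMatch - True compares AFilename with the snapshot's szExeFile as given;
              False compares only the file-name parts of both.
  ProcessID - set to the id of the first matching entry, or 0 when nothing
              matches or the snapshot cannot be taken.
  The comparison is case-insensitive.
  NOTE(review): a match on the image name says nothing about which program is
  actually running under that name, and only the first match is returned;
  callers that act on the result should verify the process by other means.
  NOTE(review): szExeFile usually carries the file name without a directory,
  so PathMatch = True against a full path presumably never matches - confirm. }
var
  Entry: TProcessEntry32;
  Snapshot: THandle;
  HaveEntry, IsMatch: Boolean;
begin
  ProcessID := 0;
  Snapshot := CreateToolHelp32SnapShot(TH32CS_SnapProcess, 0);
  // A failed snapshot used to be passed straight on to Process32First.
  if Snapshot = INVALID_HANDLE_VALUE then
    Exit;
  try
    // The API requires dwSize to be filled in before the first call;
    // the record was previously left uninitialised.
    Entry.dwSize := SizeOf(Entry);
    HaveEntry := Process32First(Snapshot, Entry);
    while HaveEntry do
    begin
      if PathMatch then
        IsMatch := AnsiStricomp(Entry.szExefile, PChar(AFilename)) = 0
      else
        IsMatch := AnsiStricomp(PChar(ExtractFilename(Entry.szExefile)), PChar(ExtractFilename(AFilename))) = 0;
      if IsMatch then
      begin
        ProcessID := Entry.th32ProcessID;
        Break;
      end;
      HaveEntry := Process32Next(Snapshot, Entry);
    end;
  finally
    // The snapshot handle is released on every path.
    CloseHandle(Snapshot);
  end;
end;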

function EnabledDebugPrivilege(const bEnabled: Boolean): Boolean;
{ Enables or disables SeDebugPrivilege in the current process's token.
  bEnabled - True sets SE_PRIVILEGE_ENABLED on the privilege, False clears
             its attributes.
  Returns True when the token could be opened and GetLastError reports
  ERROR_SUCCESS after AdjustTokenPrivileges; returns False when
  OpenProcessToken fails.
  NOTE(review): with this privilege enabled a process can open other
  processes regardless of their security descriptors, so it should be held
  only for as long as it is needed. Nothing in this listing calls the
  function with False. }
var
hToken: THandle;
tp: TOKEN_PRIVILEGES;
a: DWORD;
const
// NOTE(review): the doubled quote characters here look like an escaping
// artifact of the page; Delphi string literals take single quotes - confirm
// against the original post.
SE_DEBUG_NAME = ''SeDebugPrivilege'';
begin
Result := False;
// The token is opened with TOKEN_ADJUST_PRIVILEGES only.
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, hToken)) then
begin
tp.PrivilegeCount := 1;
// NOTE(review): the result of LookupPrivilegeValue is ignored; if the lookup
// fails, tp.Privileges[0].Luid is left unset when AdjustTokenPrivileges runs.
LookupPrivilegeValue(nil, SE_DEBUG_NAME, tp.Privileges[0].Luid);
if bEnabled then
tp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
else
tp.Privileges[0].Attributes := 0;
a := 0;
// No previous-state buffer is requested (nil); a receives the returned length.
AdjustTokenPrivileges(hToken, False, tp, SizeOf(tp), nil, a);


// AdjustTokenPrivileges can report success without assigning the privilege,
// so the last-error value is compared rather than the call's return value.
Result := GetLastError = ERROR_SUCCESS;
CloseHandle(hToken);
end;
end;
function AttachToProcess(const HostFile, GuestFile: string; const PID: DWORD = 0): DWORD;
{ Makes another process load the DLL named by GuestFile: the path is copied
  into memory allocated inside that process and a thread is started there at
  LoadLibraryW with the copied path as its argument.
  HostFile  - executable name used to look up the target when PID is 0.
  GuestFile - path of the DLL; it is converted to a wide string first.
  PID       - target process id; when greater than 0 it replaces the lookup.
  Returns the value CreateRemoteThread returns, or 0 when WriteProcessMemory
  fails.
  NOTE(review): the OpenProcess / VirtualAllocEx / WriteProcessMemory /
  CreateRemoteThread sequence below is the cross-process pattern endpoint
  monitoring is built to flag, for example Sysmon event 10 (ProcessAccess)
  and event 8 (CreateRemoteThread). }
var
hRemoteProcess: THandle;
dwRemoteProcessId: DWORD;
cb: DWORD;
pszLibFileRemote: Pointer;
iReturnCode: Boolean;
TempVar: DWORD;
pfnStartAddr: TFNThreadStartRoutine;
pszLibAFilename: PwideChar;
begin
Result := 0;
// NOTE(review): the result is ignored and the privilege is never disabled
// again within this function.
EnabledDebugPrivilege(True);
// NOTE(review): the buffer is Length*2+1 bytes, while a terminated wide string
// of that length needs (Length+1)*2 bytes, and the same number is passed to
// StringToWideChar as its size argument - looks one byte short; confirm.
Getmem(pszLibAFilename, Length(GuestFile) * 2 + 1);
StringToWideChar(GuestFile, pszLibAFilename, Length(GuestFile) * 2 + 1);
if PID > 0 then
dwRemoteProcessID := PID
else
// Lookup by file name only (PathMatch = False); the id is 0 when nothing matches.
FindAProcess(HostFile, False, dwRemoteProcessID);
// NOTE(review): the returned handle is neither checked nor closed in this
// function, so a failed lookup or a denied open goes unnoticed until a later
// call fails.
hRemoteProcess := OpenProcess(PROCESS_CREATE_THREAD + {allow creating a thread in the remote process}
PROCESS_VM_OPERATION + {allow VM operations on the remote process}
PROCESS_VM_WRITE, {allow writing to the remote process's memory}

FALSE, dwRemoteProcessId);
// Size in bytes of the wide path including its terminator.
cb := (1 + lstrlenW(pszLibAFilename)) * sizeof(WCHAR);
// Committed read/write memory in the target; the result is not checked and
// the allocation is not released anywhere in this function.
pszLibFileRemote := PWIDESTRING(VirtualAllocEx(hRemoteProcess, nil, cb, MEM_COMMIT, PAGE_READWRITE));
TempVar := 0;
iReturnCode := WriteProcessMemory(hRemoteProcess, pszLibFileRemote, pszLibAFilename, cb, TempVar);
if iReturnCode then
begin
// The address is resolved in the calling process and handed to the target as
// the thread entry point; that it is valid there is assumed, not checked.
pfnStartAddr := GetProcAddress(GetModuleHandle(''Kernel32''), ''LoadLibraryW'');
TempVar := 0;
// NOTE(review): the value stored in Result is a handle that the caller would
// have to close; the only caller shown discards it.
Result := CreateRemoteThread(hRemoteProcess, nil, 0, pfnStartAddr, pszLibFileRemote, 0, TempVar);
end;
// Only the local copy of the path is freed.
Freemem(pszLibAFilename);
end;
procedure TForm1.Button1Click(Sender: TObject);
{ Button handler: calls AttachToProcess with a hard-coded host image name and
  a hard-coded absolute DLL path. No PID is passed, so the target is found by
  name, and the return value is discarded. }
begin
AttachToProcess(''QQ.exe'', ''D:\iNDS-Top\Client\NDSDLL.dll'');
end;