Hey, this question is mostly aimed at the Toymaker. I found this source in your "Tutorial Requests" thread and tried compiling it. It compiled without errors, but when I run it, it just flashes on and then quits in less than 1 second.
I changed the window name to "Notepad" and put the compiled exe in a folder with my messagebox DLL (which I've tested with PERX, so I know this DLL does work), but the injector just flashed again and the DLL wasn't injected. Any help?
Here's the code:
Code:
#include <windows.h>
#include <TLHELP32.H>
#include <stdio.h>
#include <string.h>
#pragma warning(disable : 4996)
//Modified by Jetamay for Toymaker

// Guard for the polling loop in main(); zero-initialised like every global.
bool Done = false;

// Scratch entry that the Toolhelp process enumeration fills in.
PROCESSENTRY32 PE32;

// Compared with PE32.szExeFile in main(), i.e. with the executable file name
// of each running process. It is not compared with a window title.
char szTarget[] = "Game Name Here";

// Receives the path of this executable (GetModuleFileName in main()).
char szPath[256];

// Holds the library path taken from argv[1]; fixed at 256 bytes.
char szDllToInject[256];
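/*
 * Try to enable SeDebugPrivilege on the current process token.
 *
 * The original ignored every return value, so a failed OpenProcessToken left
 * hToken uninitialised and still passed it to AdjustTokenPrivileges and
 * CloseHandle. Each step is now checked and a diagnostic goes to stderr; the
 * function stays best-effort and returns nothing, as before.
 *
 * NOTE(review): SeDebugPrivilege lets a process open handles to processes it
 * would otherwise be denied. The privilege is normally only present in
 * elevated administrator tokens, and enabling it can be audited (Security
 * event 4703 where "Audit Token Right Adjusted" is enabled).
 */
void EnableDebugPriv( void )
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp;

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        fprintf(stderr, "OpenProcessToken failed (error %lu)\n", GetLastError());
        return;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid)) {
        fprintf(stderr, "LookupPrivilegeValue failed (error %lu)\n", GetLastError());
    } else if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof tkp, NULL, NULL)) {
        fprintf(stderr, "AdjustTokenPrivileges failed (error %lu)\n", GetLastError());
    } else if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) {
        /* The call reports success even when the token does not hold the
         * privilege at all; this status is the only signal of that case. */
        fprintf(stderr, "SeDebugPrivilege is not held by this token\n");
    }

    CloseHandle(hToken);
}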
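/*
 * Usage: <program> <library path>
 *
 * Polls the process list until a process whose executable file name equals
 * szTarget appears, then copies the library path into that process and starts
 * a remote thread at LoadLibraryA with the copied path as its argument.
 *
 * Changes from the posted listing:
 *  - argv[1] was copied into the 256-byte szDllToInject with strcpy(), so a
 *    longer argument overflowed the buffer; the length is now checked first.
 *  - Every Win32 call is checked, so "Loaded !" is no longer printed when a
 *    step failed; the find, snapshot, process and thread handles are closed.
 *  - The first snapshot entry (Process32First) is now compared as well.
 *  - Exit status: 0 on success, non-zero on any failure. The original
 *    returned `true` (1) on success and 0 when the library was not found.
 *  - The poll sleeps briefly between snapshots instead of spinning on Sleep(0).
 *  - "\n" / "\t" escapes are restored in the messages; the backslashes appear
 *    to have been stripped when the listing was posted (TODO confirm).
 *
 * With no argument the program prints the usage text and returns at once.
 *
 * NOTE(review): the OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx(RWX) ->
 * WriteProcessMemory -> CreateRemoteThread sequence is left as posted. It is
 * the pattern endpoint monitoring is built to flag (for example Sysmon event
 * 10, ProcessAccess, and event 8, CreateRemoteThread).
 */
int main(int argc, char* argv[], char* envp[])
{
    (void)envp;

    GetModuleFileName( 0, szPath, sizeof(szPath) );

    if (argc < 2 || !argv[1]) {
        printf("Invalid usuage\n\t[Library path]");
        return -1;
    }

    /* Reject paths that do not fit, terminator included, in the fixed buffer. */
    size_t pathLen = strlen(argv[1]);
    if (pathLen >= sizeof(szDllToInject)) {
        printf(" Library path is too long (limit is %u characters). \n",
               (unsigned)(sizeof(szDllToInject) - 1));
        return -1;
    }
    printf("Loading library %s.\n", argv[1]);
    memcpy(szDllToInject, argv[1], pathLen + 1);

    WIN32_FIND_DATA fnd;
    HANDLE DllHnd = FindFirstFile(szDllToInject, &fnd);
    if (DllHnd == INVALID_HANDLE_VALUE) {
        printf(" \n");
        printf(" No correct dll-library. \n");
        printf(" \n");
        system("pause");
        return 1;
    }
    FindClose(DllHnd); /* only used as an existence check */

    /* Resolve the thread start address once, before polling. */
    HMODULE hKernel32 = GetModuleHandle("kernel32");
    FARPROC pLoadLibrary = hKernel32 ? GetProcAddress(hKernel32, "LoadLibraryA") : NULL;
    if (!pLoadLibrary) {
        printf(" LoadLibraryA could not be resolved (error %lu). \n", GetLastError());
        return 1;
    }

    /* Printed before the search starts, as in the original listing. */
    printf(" \n");
    printf(" Window Not Found \n");

    EnableDebugPriv();

    PE32.dwSize = sizeof(PROCESSENTRY32);
    while (!Done) {
        HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hSnapshot == INVALID_HANDLE_VALUE) {
            printf(" CreateToolhelp32Snapshot failed (error %lu). \n", GetLastError());
            return 1;
        }

        /* Exact, case-sensitive match on the executable file name. */
        bool found = false;
        DWORD targetPid = 0;
        for (BOOL more = Process32First(hSnapshot, &PE32);
             more;
             more = Process32Next(hSnapshot, &PE32)) {
            if (strcmp(PE32.szExeFile, szTarget) == 0) {
                targetPid = PE32.th32ProcessID;
                found = true;
                break;
            }
        }
        CloseHandle(hSnapshot);

        if (!found) {
            Sleep(50); /* yield between polls instead of busy-spinning */
            continue;
        }

        HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, targetPid);
        if (!hProcess) {
            printf(" OpenProcess failed (error %lu). \n", GetLastError());
            return 1;
        }

        LPVOID pRemotePath = VirtualAllocEx(hProcess, 0, sizeof(szDllToInject),
                                            MEM_COMMIT, PAGE_EXECUTE_READWRITE);
        if (!pRemotePath) {
            printf(" VirtualAllocEx failed (error %lu). \n", GetLastError());
            CloseHandle(hProcess);
            return 1;
        }

        if (!WriteProcessMemory(hProcess, pRemotePath, (LPVOID)szDllToInject,
                                sizeof(szDllToInject), NULL)) {
            printf(" WriteProcessMemory failed (error %lu). \n", GetLastError());
            VirtualFreeEx(hProcess, pRemotePath, 0, MEM_RELEASE);
            CloseHandle(hProcess);
            return 1;
        }

        HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0,
                                            (LPTHREAD_START_ROUTINE)pLoadLibrary,
                                            pRemotePath, 0, NULL);
        if (!hThread) {
            printf(" CreateRemoteThread failed (error %lu). \n", GetLastError());
            VirtualFreeEx(hProcess, pRemotePath, 0, MEM_RELEASE);
            CloseHandle(hProcess);
            return 1;
        }

        /* The remote buffer is not freed here: the new thread may still be
         * reading the path from it. */
        CloseHandle(hThread);
        CloseHandle(hProcess);

        printf(" \n");
        printf(" Loaded ! \n");
        printf(" \n");
        Sleep(200);
        printf(" Now exiting");
        Sleep(75); printf(".");
        Sleep(75); printf(".");
        Sleep(75); printf(".");
        Sleep(50);
        return 0;
    }
    return 0;
}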