Results 1 to 13 of 13

Threaded View

  1. 05-31-2010 #1
    Tukjedude
    Tukjedude is offline
    Choob
    MPGH Member
    Tukjedude's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    The Netherlands
    Posts
    25
    Reputation
    10
    Thanks
    13
    My Mood
    Sleepy
    Send a message via Birdie™ to Tukjedude Netherlands

    [Release][Source Code] DLL Injection

    DLL Injection

    This is not a injector wich can inject everybody's DLL in every proccess. You can release it with your DLL to make it easier for people.

    You can edit the name of the DLL to your DLL and edit the process of the process where i should be injected to.

    Just something easy you can use for your hack.
    This is free of use and you may modify it, but just leave my name on it.


    Code:
    // Filename: DLL Injector.cpp
// Author: HadFuny
// Date: 31-05-2010
// HadFuny Copyright 2010

#include <windows.h> 
#include <tlhelp32.h> 
#include <shlwapi.h> 
#include <conio.h> 
#include <stdio.h> 
#include <iostream>


#define WIN32_LEAN_AND_MEAN 
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ) 

BOOL Inject(DWORD pID, const char * DLL_NAME); 
DWORD GetTargetThreadIDFromProcName(const char * ProcName); 
using namespace std;

int main(int argc, char * argv[]) 
{
   // The name of the process you want to inject
   DWORD pID = GetTargetThreadIDFromProcName("notepad.exe"); 
    
   // Get the dll's full path name 
   char buf[MAX_PATH] = {0}; 
   GetFullPathName("Project1.dll", MAX_PATH, buf, NULL);  // On the place where is Project1.dll you can put the name of your dll
   printf(buf); 
   printf("\n"); 
    
   // Inject our main dll
   if(!Inject(pID, buf)) 
   { 
     printf("Not loaded!"); // If injection is not sucsessfull 
   }
   else
   { 
     printf("Loaded!"); //  If injection is sucsessfull 
   } 
   _getch(); 
   return 0; 
} 

BOOL Inject(DWORD pID, const char * DLL_NAME) 
{ 
   HANDLE Proc; 
   HMODULE hLib; 
   char buf[50] = {0}; 
   LPVOID RemoteString, LoadLibAddy; 
   if(!pID) 
      return false; 
   Proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID); 
   if(!Proc) 
   { 
      sprintf(buf, "OpenProcess() failed: %d", GetLastError()); 
      //MessageBox(NULL, buf, "Loader", MB_OK); 
      printf(buf); 
      return false; 
   } 
   LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); 
   // Allocate space in the process for our DLL
   RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 
   // Write the string name of our DLL in the memory allocated 
   WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME, strlen(DLL_NAME), NULL); 
   // Load our <strong class="highlight">DLL</strong> 
   CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL); 
   CloseHandle(Proc); 
   return true; 
} 

DWORD GetTargetThreadIDFromProcName(const char * ProcName) 
{ 
   PROCESSENTRY32 pe; 
   HANDLE thSnapShot; 
   BOOL retval, ProcFound = false; 

   thSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); 
   if(thSnapShot == INVALID_HANDLE_VALUE) 
   { 
      //MessageBox(NULL, "Error: Unable to create toolhelp snapshot!", "2MLoader", MB_OK); 
      printf("Error: Unable to create toolhelp snapshot!"); 
      return false; 
   } 
   pe.dwSize = sizeof(PROCESSENTRY32); 
   retval = Process32First(thSnapShot, &pe); 
   while(retval) 
   { 
      if(StrStrI(pe.szExeFile, ProcName)) 
      { 
         return pe.th32ProcessID; 
      } 
      retval = Process32Next(thSnapShot, &pe); 
   } 
   return 0; 
}
    To turn it in a unversial injector wich can inject any DLL into any process:
    DOWNLOAD COMPILED UNIVERSAL INJECTOR: Download
    VIRUSTOTAL:Virustotal. MD5: cd43aef8fbdf49f7a3bfe0f5879f5db7

    Code:
    // Filename: DLL Injector.cpp
// Author: HadFuny
// Date: 31-05-2010
// HadFuny Copyright 2010

#include <windows.h> 
#include <tlhelp32.h> 
#include <shlwapi.h> 
#include <conio.h> 
#include <stdio.h> 
#include <iostream>


#define WIN32_LEAN_AND_MEAN 
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ) 

BOOL Inject(DWORD pID, const char * DLL_NAME); 
DWORD GetTargetThreadIDFromProcName(const char * ProcName); 
using namespace std;
char* proc = "text";
char* dll = "text";

int main(int argc, char * argv[]) 
{
   // The name of the process you want to inject
   printf("Name of process:");
   cin >> proc;
   printf("/nName of DLL:");
   cin >> dll;
   DWORD pID = GetTargetThreadIDFromProcName(proc); 
    
   // Get the dll's full path name 
   char buf[MAX_PATH] = {0}; 
   GetFullPathName(dll, MAX_PATH, buf, NULL);  // On the place where is Project1.dll you can put the name of your dll
   printf(buf); 
   printf("\n"); 
    
   // Inject our main dll
   if(!Inject(pID, buf)) 
   { 
    printf("Not loaded!"); // If injection is not sucsessfull 
   }
   else
   { 
     printf("Loaded!"); //  If injection is sucsessfull 
   } 
   _getch(); 
   return 0; 
} 

BOOL Inject(DWORD pID, const char * DLL_NAME) 
{ 
   HANDLE Proc; 
   HMODULE hLib; 
   char buf[50] = {0}; 
   LPVOID RemoteString, LoadLibAddy; 
   if(!pID) 
      return false; 
   Proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID); 
   if(!Proc) 
   { 
      sprintf(buf, "OpenProcess() failed: %d", GetLastError()); 
      //MessageBox(NULL, buf, "Loader", MB_OK); 
      printf(buf); 
      return false; 
   } 
   LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); 
   // Allocate space in the process for our DLL
   RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 
   // Write the string name of our DLL in the memory allocated 
   WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME, strlen(DLL_NAME), NULL); 
   // Load our <strong class="highlight">DLL</strong> 
   CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL); 
   CloseHandle(Proc); 
   return true; 
} 

DWORD GetTargetThreadIDFromProcName(const char * ProcName) 
{ 
   PROCESSENTRY32 pe; 
   HANDLE thSnapShot; 
   BOOL retval, ProcFound = false; 

   thSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); 
   if(thSnapShot == INVALID_HANDLE_VALUE) 
   { 
      //MessageBox(NULL, "Error: Unable to create toolhelp snapshot!", "2MLoader", MB_OK); 
      printf("Error: Unable to create toolhelp snapshot!"); 
      return false; 
   } 
   pe.dwSize = sizeof(PROCESSENTRY32); 
   retval = Process32First(thSnapShot, &pe); 
   while(retval) 
   { 
      if(StrStrI(pe.szExeFile, ProcName)) 
      { 
         return pe.th32ProcessID; 
      } 
      retval = Process32Next(thSnapShot, &pe); 
   } 
   return 0; 
}
    Sorry if there any error's in the code above i did it straight away without reading anything just straigt out of my mind..
    Last edited by Tukjedude; 05-31-2010 at 11:53 PM.
« Previous Thread | Next Thread »

Similar Threads

  1. [Release] Enc DLL Injector v1.3 + Source Code
    By encrypted94 in forum Visual Basic Programming
    Replies: 7
    Last Post: 03-25-2011, 09:16 AM
  2. [Release/Source Code]Some API's made Easier
    By 'Bruno in forum C++/C Programming
    Replies: 5
    Last Post: 08-24-2010, 10:18 AM
  3. [Request] Source Code DLL Injector (Text) - VB 2008 Codes
    By deocute in forum Visual Basic Programming
    Replies: 1
    Last Post: 10-21-2009, 12:16 AM
  4. [Release] ****** DLL Source Code
    By OneWhoSighs in forum WarRock - International Hacks
    Replies: 20
    Last Post: 10-25-2007, 07:41 AM