.NET Loader

[User1]

Hey guys, here is code where it will load the CLR runtime into a executable and execute your .NET DLL, allowing hacks written in VB.NET or C# or w/e other language you use the .NET framework in. Hope it helps you guys.

Credits to Void and some website called thecodingwheel(?)

I think it took me a couple of hours to make it work and I used it for my hack a few months ago... Guess its time to give back. I might post the source for my .DLL hack written in C# (and CPP) a bit later, I still need to clean out some of the stuff I'm not supposed to release /

Yes I suck at CPP, and its extremely messy but it gets the job done

[php]
#include "MSCorEE.h"
#include <windows.h>
#pragma comment (lib, "mscoree.lib")

#include <iostream>
#include <iomanip>
#include <fstream>

#include <stdio.h> //put these with the rest of your inclues
#include <stdlib.h>

using namespace std;

void StartTheDotNetRuntime();

BOOLEAN WINAPI DllMain(HINSTANCE hInst,DWORD Reason,void* lpReserved)
{
if(Reason == DLL_PROCESS_ATTACH)
{
CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)StartTheDotNetRuntime, NULL, NULL, NULL);
}
return true;
}



void StartTheDotNetRuntime()
{
// Bind to the CLR runtime..
ICLRRuntimeHost *pClrHost = NULL;
HRESULT hr = CorBindToRuntimeEx(
NULL, L"wks", 0, CLSID_CLRRuntimeHost,
IID_ICLRRuntimeHost, (PVOID*)&pClrHost);

// Push the big START button shown above
hr = pClrHost->Start();
// Okay, the CLR is up and running in this (previously native) process.
DWORD dwRet = 0;
hr = pClrHost->ExecuteInDefaultAppDomain(
L"DLLName.dll", //If .NET DLL is placed in CA folder just use './DLLName.dll'
L"Namespace.Class", L"Function", L"String Argument", &dwRet);

//Optionally stop the CLR runtime (we could also leave it running)
//hr = pClrHost->Stop();

// Don't forget to clean up.
pClrHost->Release();
}
[/php]

Have fun!