Hey guys, here is code where it will load the CLR runtime into an executable and execute your .NET DLL, allowing hacks written in VB.NET or C# or w/e other language you use the .NET framework in. Hope it helps you guys.
Credits to Void and some website called thecodingwheel(?)
I think it took me a couple of hours to make it work and I used it for my hack a few months ago... Guess it's time to give back. I might post the source for my .DLL hack written in C# (and CPP) a bit later, I still need to clean out some of the stuff I'm not supposed to release.
Yes I suck at CPP, and it's extremely messy but it gets the job done
[php]
#include <windows.h>
#include "MSCorEE.h"
#pragma comment (lib, "mscoree.lib")
#include <iostream>
#include <iomanip>
#include <fstream>
#include <stdio.h> //put these with the rest of your includes
#include <stdlib.h>
using namespace std;

// Thread entry point: must match the LPTHREAD_START_ROUTINE signature.
DWORD WINAPI StartTheDotNetRuntime(LPVOID lpParam);

BOOL WINAPI DllMain(HINSTANCE hInst, DWORD Reason, LPVOID lpReserved)
{
    if (Reason == DLL_PROCESS_ATTACH)
    {
        // Start the CLR on its own thread so DllMain returns quickly
        // (the loader lock is held while DllMain runs).
        HANDLE hThread = CreateThread(NULL, 0, StartTheDotNetRuntime, NULL, 0, NULL);
        if (hThread != NULL)
            CloseHandle(hThread); // the thread keeps running; only our handle is dropped
    }
    return TRUE;
}

DWORD WINAPI StartTheDotNetRuntime(LPVOID lpParam)
{
    // Bind to the CLR runtime..
    ICLRRuntimeHost *pClrHost = NULL;
    HRESULT hr = CorBindToRuntimeEx(
        NULL, L"wks", 0, CLSID_CLRRuntimeHost,
        IID_ICLRRuntimeHost, (PVOID*)&pClrHost);
    if (FAILED(hr) || pClrHost == NULL)
        return 1; // binding failed, there is nothing to release

    // Push the big START button shown above
    hr = pClrHost->Start();
    if (SUCCEEDED(hr))
    {
        // Okay, the CLR is up and running in this (previously native) process.
        DWORD dwRet = 0;
        hr = pClrHost->ExecuteInDefaultAppDomain(
            L"DLLName.dll", //If .NET DLL is placed in CA folder just use './DLLName.dll'
            L"Namespace.Class", L"Function", L"String Argument", &dwRet);
    }
    //Optionally stop the CLR runtime (we could also leave it running)
    //hr = pClrHost->Stop();
    // Don't forget to clean up.
    pClrHost->Release();
    return SUCCEEDED(hr) ? 0 : 1;
}
[/php]
Have fun!
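
From the detection side, the loader above leaves a visible trace: a native process loads mscoree.dll and then the runtime itself (mscorwks.dll or clr.dll). The Python sketch below is an added example, not part of the original post; it flags that pattern in image-load telemetry. The record layout, the allowlist of expected CLR hosts and the sample events are all constructed assumptions.

```python
import ntpath

# mscoree.dll exports CorBindToRuntimeEx; mscorwks.dll (CLR 2.0) and clr.dll (CLR 4) are the runtime.
CLR_MODULES = {"mscoree.dll", "mscoreei.dll", "mscorwks.dll", "clr.dll"}
# Assumption: inventory of executables expected to host the CLR (hypothetical names).
EXPECTED_CLR_HOSTS = {"powershell.exe", "inventorytool.exe"}
WINDOWS_DIR = "c:\\windows\\"  # assumption: Windows is installed on C:

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
GAME = r"C:\Games\Example\game.exe"
# Constructed sample, in load order: (pid, process image, loaded module).
SAMPLE_EVENTS = [
    (4120, PS, r"C:\Windows\System32\mscoree.dll"),
    (4120, PS, r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll"),
    (5316, GAME, r"C:\Windows\System32\d3d9.dll"),
    (5316, GAME, r"C:\Users\test\AppData\Local\Temp\bootstrap.dll"),
    (5316, GAME, r"C:\Windows\System32\mscoree.dll"),
    (5316, GAME, r"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll"),
    (6200, r"C:\Program Files\Editor\editor.exe", r"C:\Windows\System32\kernel32.dll"),
]


def find_unexpected_clr_hosts(events, expected_hosts=EXPECTED_CLR_HOSTS):
    """Return {pid: finding} for processes that loaded the CLR but are not expected hosts."""
    last_third_party = {}  # pid -> latest module loaded from outside the Windows directory
    findings = {}
    for pid, image, module in events:
        name = ntpath.basename(module).lower()
        if name not in CLR_MODULES:
            if not module.lower().startswith(WINDOWS_DIR):
                last_third_party[pid] = module
            continue
        if ntpath.basename(image).lower() in expected_hosts:
            continue
        finding = findings.setdefault(pid, {
            "image": image,
            "clr_modules": [],
            # Triage lead only: the non-Windows module loaded just before the CLR appeared.
            "loaded_before_clr": last_third_party.get(pid),
        })
        finding["clr_modules"].append(name)
    return findings


if __name__ == "__main__":
    for pid, finding in find_unexpected_clr_hosts(SAMPLE_EVENTS).items():
        print(pid, finding)
```

The `loaded_before_clr` field is a starting point for triage, not proof that the named module hosted the runtime.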