I've changed the libraries name so the new repositories link is https://******.com/Akaion/Bleak
Added NtCreateThreadEx and ZwCreateThreadEx
I've changed the libraries name so the new repositories link is https://******.com/Akaion/Bleak
Added the ability to eject an injected dll (using FreeLibrary)
x64 manual mapping is now supported!
I apologise for the slow updates. Internship is killing me during the week so I only really have the weekends to work on my projects.
Great job with the updates man!
I've reached a stage where I'm happy with the library and would like to start taking feature requests.
I have decided to create a standalone library for managed DLL's instead of adding to them to this library so sit tight if you are wanting that.
Some things I am considering adding (if anyone wants) would be Unlinking a module from the PEB and the ability to choose between LoadLibrary and LdrLoadDll.
The only thing I won't consider adding is LdrpLoadDll because I have no idea how to get it to work for all versions of modern windows (I don't even know if its possible in versions less than Windows 10?) plus I only even managed to get it working on certain versions of Windows 10 (shitshow tbh.)
Rewrote a large amount of the codebase for efficiency and readability purposes
- SafeHandles properly implemented for all pinvoke calls (yay no accidental gc'd handles)
- Proper argument checking to ensure you don't try to do anything you shouldn't do
- The dll to process architecture is now checked (no more trying to inject x86 into x64 processes)
- Removed a shit tonne of redundancies (I'm actually using wrapper classes now wow)
- Tests are finally ported to .net core
Expect some more features, particularly extensions in the future
First significant update in a while
- Added the ability to unlink a module from the peb (a literal pain in the ass to write I swear)
- Finally implemented proper error handling - You will actually get meaningful windows error codes if something is wrong yay
MikeRohsoft (01-11-2019)
As a few people were asking for this, I decided to implement it.
You can now inject DLL's in byte array form - Simply pass a byte array in as you would a DLL path
Another decently large update
- ProcAddresses are now resolved remotely - This means you can compile under AnyCPU (or x64) and be able to inject into both x86 and x64 processes (assuming your DLL matches the architecture of the process you are injecting into) (Hooray for only needing one exe now)
- A large amount of bug fixes were applied - No more SEH exceptions after you inject (hopefully ^_^)
- Better error checking - Platform and Windows Version are now checked as some methods are not available on certain versions of Windows (i.e RtlCreateUserThread is only available on Windows 8+)
- A crucial fix for a stupid error I made that disallowed the nuget package to be used on anything that wasn't a new version of .net core