How to make your own Injector

[Alainx277]

If you use a public Injector when hacking csgo, you can get untrusted or even VAC banned, but making your own Injector is very easy.
These are the basic steps:
1. Get the address of LoadLibraryA
2. Open the process
3. Alloc 260 bytes in process
4. Write dll path to allocated bytes
5. CreateRemoteThread at address of LoadLibraryA, with the address of those 260 bytes
6. Check if injection was successful


1. Get the address of LoadLibraryA

Code:

// Get a handle to kernel32 dll
HMODULE kernel = GetModuleHandle("Kernel32");
// Get address of LoadLibraryA
FARPROC loadLibary = GetProcAddress(kernel, "LoadLibraryA");

Because kernel32.dll gets loaded at the same place in every process, the address of LoadLibrary in the target process is the same.


2. Open the process

Code:

// Open process with all access
HANDLE processH = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId);

This just opens a handle to the process.


3. Alloc 260 bytes in process

Code:

// Alloc 260 bytes
LPVOID dllNameAddress = VirtualAllocEx(processH, NULL, 260, MEM_COMMIT, PAGE_READWRITE);

This allocates 260 bytes (MAX_PATH) in the target process.


4. Write dll path to allocated bytes

Code:

// Temp Buffer
DWORD numOfBytes;
// Write dll path to allocated memory
WriteProcessMemory(processH, dllNameAddress, pathToDll, 260, &numOfBytes);

Here we write our dll path to the allocated memory so we can pass it to LoadLibrary later.


5. CreateRemoteThread at address of LoadLibraryA, with the address of those 260 bytes

Code:

// Creating Remote Thread -> LoadLibary
HANDLE remoteThread = CreateRemoteThread(processH, NULL, 0, (LPTHREAD_START_ROUTINE)loadLibary, dllNameAddress, 0, NULL);

We create a thread in the process, call the address of LoadLibraryA (Step 1) and pass the address to our dllPath. The target process should call LoadLibrary and load our dll.


6. Check if injection was successful

Code:

// Check if thread created
if (remoteThread)
{
	// Wait for exit
	DWORD result = WaitForSingleObject(remoteThread, 10000);
	if (result == WAIT_OBJECT_0)
	{
		cout << "Successfully Injected!\n";
	}
	else if (result == WAIT_TIMEOUT)
	{
		cout << "Timeout reached! (Use CreateThread in dllMain)\n";
	}
	else
	{
		cout << "Thread failed!\n";
	}
}

Here we check if we created the thread, then we wait for it to exit. If the result is WAIT_OBJECT_0, the thread returned and the Injection was successful. If the result is WAIT_TIMEOUT, the thread is blocking the execution of the program but it injected successfully . If the result is something else, the thread has failed.


I hope this tutorial has helped you understand how to make an dll Injector, if it did, please leave a thanks.
If I can improve anything, please let me know.

[FadeCS]

Damn, a very detailed tutorial here, thanks for sharing!

[chriszz24]

I dont get it, This is a detailed post but what do you mean by those steps?

[Alainx277]

This is how you load a dll into a process. If you have a problem, please clarify what is not working.

[windowskid]

I'm pretty sure this is detected, and probably will get you banned. Other than that it's a pretty good tutorial for newbies, I just wouldn't use it on CS:GO personally. However for other games without anticheat or with worse anticheats it will probably work fine.

[PlanktonWeed]

Thanks for this.

[OfficialSyntaxx]

+1 might add onto this if I'm able to. Thank you.

[killerld2]

When people say that injector can get outdated, which part in this that can be outdated and remains up to date?

[FerhatRocks]

Thanks, I needed this

[syed musa]

can i write the same as u wrote?i just need to put injector and cheats in same folder?