Results 1 to 2 of 2
  1. #1
    InUrFace1337's Avatar
    Join Date
    Jun 2018
    Gender
    male
    Posts
    57
    Reputation
    20
    Thanks
    1,486

    Xenos Injector 2.3.2 - Windows PE Injector

    This is not my project, I'm simply uploading this because the latest version (at the time of posting) is not here on mpgh.

    Redesigned GUI and some more features

    - Supports x86 and x64 processes and modules
    - Kernel-mode injection feature (driver required)
    - Manual map of kernel drivers (driver required)
    - Injection of pure managed images without proxy dll
    - Windows 7 cross-session and cross-desktop injection
    - Injection into native processes (those having only ntdll loaded)
    - Calling custom initialization routine after injection
    - Unlinking module after injection
    - Injection using thread hijacking
    - Injection of x64 images into WOW64 process
    - Image manual mapping
    - Injection profiles

    Manual map features:
    - Relocations, import, delayed import, bound import
    - Static TLS and TLS callbacks
    - Security cookie
    - Image manifests and SxS
    - Make module visible to GetModuleHandle, GetProcAddress, etc.
    - Support for exceptions in private memory under DEP
    - C++/CLI images are supported (use 'Add loader reference' in this case)

    Kernel manual map features are mostly identical to user-mode with few exceptions:
    - No C++ exception handling support for x64 images (only SEH)
    - No static TLS
    - No native loader compatibility
    - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory

    Supported OS: Win7 - Win10 x64
    Additional notes:
    Injector has 2 versions - x86 and x64. Apart from obvious features x86 version supports injection of x64 images into x64 processes; x64 injector supports injection of x86 and x64 images into WOW64 processes. However this is only valid for native images. If you want to inject pure managed dll - use same injector version as your target process is.

    Injection of x64 images into WOW64 process is totally unpredictable. If you want to do this I would recommend to use manual mapping with manual imports option, because native loader is more buggy than my implementation in this case (especially in windows 7).

    Restrictions:
    - You can't inject 32 bit image into x64 process
    - Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
    - You can't manually map pure managed images, only native injection is supported for them
    - May not work properly on x86 OS versions
    - Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.

    Changelog

    V2.3.2
    - Win10 RS4 update support

    V2.3.1
    - Win10 Fall Creators update support
    - STATUS_UNSUCCESSFUL codes refactored
    - Bug fixes

    V2.3.0
    - Win10 Creators Update support
    - Unified injection and manual mapping (injector -> target) : x86->x86, x64->x64, x86->x64, x64->x86
    - Bug fixes, stability improvements

    V2.2.2
    - Bug fixes, stability improvements

    V2.2.1
    - Win 10 10586 driver compatibility
    - Minor GUI usability fixes
    - Create process: working dir changed

    V2.2.0
    - Command line options
    - Separate x86/x64 profiles
    - Pure IL exe manual mapping

    V2.1.4
    - VS 2015 runtime
    - Win10 RTM support

    V2.1.3
    - Win10 build 9926 support
    - Win8.1 bug fixes

    V2.1.2
    - Fixed BSOD under win7 and win8.1 systems
    - Major kernel manual map bug fixes
    - Kernel logs

    V2.1.1
    - Added some logging

    V2.1.0
    - Kernel manual map for user-mode dlls
    - Process handle access rights escalation

    V2.0.0
    - New GUI
    - Injection image list
    - Auto-injection
    - Injection profiles
    - Injection delay timers
    - Kernel injection improvements - module unlinking and init routine invocation
    - Win10 tech preview support
    Screenshot:



    Readme:

    Process selection:
    Existing - select existing process from the list
    New - new process will be launched before injection
    Manual launch - after pressing 'Inject' button, injector will wait for target process startup

    Images:
    List of images you want inject
    Add - add new image to the list. Drag'n'drop is also supported
    Remove - remove selected image
    Clear - clear image list

    Advanced options:

    Injection type:
    Native inject - common approach using LoadLibraryW \ LdrLoadDll in newly created or existing thread
    Manual map - manual copying image data into target process memory without creating section object
    Kernel(New thread) - kernel mode ZwCreateThreadEx into LdrLoadDll. Uses driver
    Kernel(APC) - kernel mode APC into LdrLoadDll. Uses driver
    Kernel(Manual map) - kernel manual mapping. Uses driver

    Native Loader options:
    Unlink module - after injection, unlink module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks and LdrpModuleBaseAddressIndex.
    Erase PE - after injection, erase PE headers
    Use existing thread - LoadLibrary and init routine will be executed in the context of random non-suspended thread.

    Manual map options:
    Add loader reference - Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g. GetModuleHandle, GetProcAddress) work with manually mapped image.
    Manually resolve imports - Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
    Wipe headers - Erase module header information after injection. Also affects manually mapped imports.
    Ignore TLS - Don't process image static TLS data and call TLS callbacks.
    No exception support - Don't create custom exception handlers that enable out-of-image exception support under DEP.
    Conceal memory - Make image memory visible as PAGE_NO_ACESS to memory query functions

    Command Line:
    Process command line arguments

    Init routine:
    If you are injecting native (not pure IL) image, this is name of exported function that will be called after injection is done. This export is called as void ( __stdcall* )(wchar_t*) function.
    If you are injecting pure managed image, this is name of public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.

    Init argument:
    String that is passed into init routine

    Close after injection:
    Close injector after successful injection

    Inject delay:
    Delay before injection start

    Inject interval:
    Delay between each image

    Menu options:

    Profiles->Load - load injection profile
    Profiles->Save - save current settings into profile

    Tools->Eject modules - open module ejection dialog
    Tools->Protect self - make injector process protected (driver required)

    Command line options:
    --load <profile_path> - start injector and load target profile specified by <profile_path>
    --run <profile_path> - imeddiately execute profile specified by <profile_path> without GUI

    Kernel injection methods require system running in Test mode.

    Comon problems:
    1. Access denied


    Failed to load BlackBone driver:

    {Access Denied}

    A process has requested access to an object, but has not been granted those access rights.
    If you are using account with admin rights - run program as Administrator. If you are using restricted user account - enable UAC and then run as Administrator.

    2. Injection failed with error code 0xC0000225. Injector failed to resolve one or more dll dependencies. Make sure you have all required dlls and proper CRT libraries. In case of kernel manual mapping, dependencies should be placed near target process executable or in system32 (SysWOW64 for 32bit processes) folder.

    Credits:
    DarthTon - Creator of Xenos injector
    _Mike@OC for his managed dll injection using AsmJit code
    Petr Kobalicek - AsmJit project

    Virus scans:

    https://www.virustotal.com/#/file/3a...2440/detection
    https://virusscan.jotti.org/en-US/fi...job/088a887kds

    <b>Downloadable Files</b> Downloadable Files

  2. The Following 146 Users Say Thank You to InUrFace1337 For This Useful Post:

    akm940356 (4 Weeks Ago),alsodoze (12-22-2018),AlterLight (12-16-2018),andika130600 (09-25-2018),angelogot20 (05-14-2019),asdfas123 (12-22-2018),ayhamalali (08-15-2018),b3t0m0x (01-31-2019),babyloniaa (01-30-2019),baebrum (4 Weeks Ago),Balmy (06-26-2019),bananas129 (08-21-2018),Belying (11-04-2018),Besje46 (03-29-2019),bestolafna (4 Weeks Ago),billythefish (08-18-2018),Bitchin (05-26-2019),Black ops 2 Ass (08-14-2019),BOMZcp (05-31-2019),Booce123 (10-27-2018),botara1337 (05-24-2019),brobrofet (07-13-2019),C9Soul (08-04-2019),ceh430 (12-13-2018),chaos00174 (10-28-2018),cheatingisfun6 (10-24-2018),CoolBreezy (07-18-2019),crazyd92 (03-08-2019),cTXgpngZ (02-23-2019),CyanideSu (02-23-2019),d4nksc0p3 (06-24-2019),dametime2 (08-05-2018),deathheadog (09-30-2018),Dothraki32 (08-30-2018),DragonH (05-21-2019),drewthegreat (09-01-2018),DrHexDex (08-06-2019),dsDDRDds (06-14-2019),ebonycs (11-23-2018),eldemarco (08-16-2019),Entityza (12-26-2018),euclyde (08-02-2018),exepzai (4 Weeks Ago),Exphos13 (4 Weeks Ago),Fire099 (08-06-2018),flick01 (08-02-2018),fortymenone (08-18-2019),Gazzah (07-26-2019),gennadij12 (08-04-2018),German_ModZz (11-03-2018),ggxgangganggang (09-24-2018),giin709 (06-17-2019),Glibamazing (08-02-2018),hardwolf02 (08-05-2018),HENRYFXP (01-29-2019),hon14326 (01-25-2019),hoonryder (04-08-2019),HuntaXxx (4 Weeks Ago),imhome2 (08-02-2018),iploo (08-02-2018),isnitch (02-09-2019),jaison88 (06-08-2019),jony54108 (04-14-2019),JunkerCZE (08-07-2018),kakart123 (04-07-2019),Kermasuklaa (12-13-2018),lakatoskula (12-12-2018),Lanceola (05-03-2019),Likko (09-13-2018),lkli (12-14-2018),LRevolution (12-07-2018),Luukavids (11-02-2018),mallorie09 (02-20-2019),manussko (03-08-2019),Martin951753 (08-06-2019),michelia (08-09-2018),MicrDan (12-06-2018),Midow12 (06-19-2019),mist1001 (07-07-2019),mohammadrezafallahkish (04-03-2019),MOI6969 (10-21-2018),mrcz123 (11-08-2018),MrsBibu (08-05-2019),mrswiamfwan2293 (08-07-2019),nandochili (08-14-2018),Napsterae (03-16-2019),Narkulis (12-19-2018),nathanfv (08-10-2019),NikS12345 (12-23-2018),NyeFX (06-20-2019),OKCthunder (09-29-2018),Pinguchainz (09-20-2018),princedeku (04-08-2019),qq159753 (03-24-2019),ramboy666 (06-03-2019),rave_12 (4 Weeks Ago),Razielex (03-23-2019),razorknight1 (04-25-2019),re4per91 (01-23-2019),ReaperXbdo (04-20-2019),rellodakid (06-27-2019),Revonixitsme (12-08-2018),rhonaldo14 (09-08-2018),ricsblade (08-23-2018),ROBOZINHOZ (12-21-2018),Rubbad13 (09-18-2018),S1lence911 (08-03-2018),saayjo (4 Weeks Ago),sahvvv (12-24-2018),sdowning (10-01-2018),senar (4 Weeks Ago),shafen (05-24-2019),Sharkita (09-04-2018),sim4343 (4 Weeks Ago),Skito (08-02-2018),smeghead22 (4 Weeks Ago),Snaps66 (07-25-2019),stetixx (4 Weeks Ago),superfluousg (10-26-2018),SuperSaiyanChan (4 Weeks Ago),SwagMaster42200 (05-21-2019),Test on3 (11-14-2018),the X (07-25-2019),The1German (08-13-2019),trashedout (10-29-2018),ttank1117 (12-28-2018),TurokHUN (11-01-2018),turtlezubs (08-02-2018),TvepZZ (09-02-2018),Twooze (12-26-2018),Unknown1441 (04-15-2019),unknownlove (06-21-2019),Unvarying (12-24-2018),unwrittengames (08-05-2019),Uprise123 (04-12-2019),V1NYL_123 (04-15-2019),virussCZE (08-09-2018),vodailam (01-30-2019),WielkiKuti21 (05-15-2019),xNeve (08-18-2018),xX_420Haxor024_Xx (04-15-2019),YoBeYuhGang (12-11-2018),yohigh (12-23-2018),Zenser (08-10-2018),zidvicious (09-02-2018),ZzSapoManzZ (05-12-2019)

  3. #2
    People aren't against you;
    They are for themselves

    Minion+
    Premium Member
    Kevin's Avatar
    Join Date
    Nov 2009
    Gender
    male
    Location
    Home
    Posts
    12,462
    Reputation
    2064
    Thanks
    1,859
    My Mood
    Tired
    /approved but untested
    Quote Originally Posted by LunaScratch View Post
    He's the hero MPGH deserves, but not the one it needs right now. So we'll hunt him. Because he can take it. Because he's not our hero. He's a silent guardian, a watchful protector. A dark knight.

    MPGH Minion+ 2/5/2019 - Current
    Call of Duty Minion 12/23/2017 - Current
    MPGH Minion 12/23/2017 - 2/5/2019
    MPGH Minion+ 2/2/2016 - 8/9/2016
    NewsForce Writer 1/1/2016 - 8/9/2016
    CockSucker 7/24/2015 - 7/25/2015
    Other Semi-Popular FPS Hacks Minion 12/27/2015 - 8/9/2016
    Combat Arms Minion 11/4/2015 - 8/9/2016
    Maplestory Minion 6/1/15 - 8/9/2016
    League of Legends Minion 6/1/2015 - 8/9/2016
    Other FPS Hacks Minion 5/31/2015 - 8/9/2016
    Minecraft Marketplace Minion 6/18/2015 - 9/15/2015
    Combat Arms Marketplace Minion 4/05/2015 - 6/2/2015
    Marketplace Minion 8/1/2014 - 6/2/2015
    MPGH Minion 8/1/2014 - 2/2/2016

    Pharaoh (#7) 5/01/2014 - 5/31/2014
    Premium Member 2/1/2014 - Current
    Official Middle Man 12/12/2013 - 6/2/2015
    Member 11/15/2009 - Current

  4. The Following User Says Thank You to Kevin For This Useful Post:

    InUrFace1337 (08-31-2018)

Similar Threads

  1. just got a new comp... any injectores that work for windows 7 home??
    By grindking69 in forum Combat Arms Discussions
    Replies: 8
    Last Post: 11-16-2010, 05:01 AM
  2. Need an injector that match on windows 7 :)
    By elcid556 in forum Soldier Front General
    Replies: 4
    Last Post: 08-05-2010, 07:57 PM
  3. Windows 7 Injector
    By omghacker in forum WarRock - International Hacks
    Replies: 27
    Last Post: 07-28-2010, 07:54 AM
  4. [Help] Looking for windows 7 injector
    By poepchineesss in forum WarRock Discussions
    Replies: 3
    Last Post: 05-14-2010, 12:52 PM
  5. [Release] Vista 64/Windows 7 Injector
    By pretli in forum WarRock - International Hacks
    Replies: 4
    Last Post: 10-02-2009, 03:00 PM