Results 1 to 5 of 5
  1. #1
    InUrFace1337's Avatar
    Join Date
    Jun 2018
    Gender
    male
    Posts
    56
    Reputation
    20
    Thanks
    996

    Project-X - A Worthy Xenos Injector Mod [v2.3.10.9999]

    Project-X is my personal injector, and the only injector I ever use when using one of my cheats that does not make use of my self-injecting loader. It's basically a tweaked version of the widely popular Xenos Injector (The X in Project-X stands for Xenos) and therefore contains all the features of Xenos, with everything I didn't like about it being re-coded to suit my wants/needs and many other neat features/improvements added into the mix.

    Here's the original features list for Xenos:

    - Supports x86 and x64 processes and modules
    - Kernel-mode injection feature (driver required)
    - Manual map of kernel drivers (driver required)
    - Injection of pure managed images without proxy dll
    - Windows 7 cross-session and cross-desktop injection
    - Injection into native processes (those having only ntdll loaded)
    - Calling custom initialization routine after injection
    - Unlinking module after injection
    - Injection using thread hijacking
    - Injection of x64 images into WOW64 process
    - Image manual mapping
    - Injection profiles

    Manual map features:
    - Relocations, import, delayed import, bound import
    - Static TLS and TLS callbacks
    - Security cookie
    - Image manifests and SxS
    - Make module visible to GetModuleHandle, GetProcAddress, etc.
    - Support for exceptions in private memory under DEP
    - C++/CLI images are supported (use 'Add loader reference' in this case)

    Kernel manual map features are mostly identical to user-mode with few exceptions:
    - No C++ exception handling support for x64 images (only SEH)
    - No static TLS
    - No native loader compatibility
    - Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory

    Supported OS: Win7 - Win10 x64

    Additional notes:
    Injector has 2 versions - x86 and x64. Apart from obvious features x86 version supports injection of x64 images into x64 processes; x64 injector supports injection of x86 and x64 images into WOW64 processes. However this is only valid for native images. If you want to inject pure managed dll - use same injector version as your target process is.

    Injection of x64 images into WOW64 process is totally unpredictable. If you want to do this I would recommend to use manual mapping with manual imports option, because native loader is more buggy than my implementation in this case (especially in windows 7).

    Restrictions:
    - You can't inject 32 bit image into x64 process
    - Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
    - You can't manually map pure managed images, only native injection is supported for them
    - May not work properly on x86 OS versions
    - Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.

    Process selection:
    Existing - select existing process from the list
    New - new process will be launched before injection
    Manual launch - after pressing 'Inject' button, injector will wait for target process startup

    Images:
    List of images you want inject
    Add - add new image to the list. Drag'n'drop is also supported
    Remove - remove selected image
    Clear - clear image list

    Advanced options:

    Injection type:
    Native inject - common approach using LoadLibraryW \ LdrLoadDll in newly created or existing thread
    Manual map - manual copying image data into target process memory without creating section object
    Kernel(New thread) - kernel mode ZwCreateThreadEx into LdrLoadDll. Uses driver
    Kernel(APC) - kernel mode APC into LdrLoadDll. Uses driver
    Kernel(Manual map) - kernel manual mapping. Uses driver

    Native Loader options:
    Unlink module - after injection, unlink module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks and LdrpModuleBaseAddressIndex.
    Erase PE - after injection, erase PE headers
    Use existing thread - LoadLibrary and init routine will be executed in the context of random non-suspended thread.

    Manual map options:
    Add loader reference - Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g. GetModuleHandle, GetProcAddress) work with manually mapped image.
    Manually resolve imports - Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
    Wipe headers - Erase module header information after injection. Also affects manually mapped imports.
    Ignore TLS - Don't process image static TLS data and call TLS callbacks.
    No exception support - Don't create custom exception handlers that enable out-of-image exception support under DEP.
    Conceal memory - Make image memory visible as PAGE_NO_ACESS to memory query functions

    Command Line:
    Process command line arguments

    Init routine:
    If you are injecting native (not pure IL) image, this is name of exported function that will be called after injection is done. This export is called as void ( __stdcall* )(wchar_t*) function.
    If you are injecting pure managed image, this is name of public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.

    Init argument:
    String that is passed into init routine

    Close after injection:
    Close injector after successful injection

    Inject delay:
    Delay before injection start

    Inject interval:
    Delay between each image

    Menu options:

    Profiles->Load - load injection profile
    Profiles->Save - save current settings into profile

    Tools->Eject modules - open module ejection dialog
    Tools->Protect self - make injector process protected (driver required)

    Command line options:
    --load <profile_path> - start injector and load target profile specified by <profile_path>
    --run <profile_path> - imeddiately execute profile specified by <profile_path> without GUI

    Kernel injection methods require system running in Test mode.
    So what's different with Project-X:

    Main dialog:

    - interface has been tidied up
    - swapped locations of eject modules/advanced config
    - checkboxes added to modules listview
    - added native column to modules listview
    - protect self option no longer requires driver separately (still requires test signing)
    - added custom dialog for processes->type->manual
    - removed automatic openfiledialog when clicking processes->type->manual/auto
    - process IDs are now in hex under processes->process
    - swapped location of status bar parts 1 and 3
    - inject/eject/remove/clear buttons are reactive and enable/disable based on selections/settings

    Config dialog:

    - interface has been dramatically tidied up and rearranged
    - removed use existing thread checkbox in favor of making dedicated map method labeled thread hijack

    Eject dialog:

    - interface has been tidied up
    - checkboxes added to modules listview
    - fixed load type retrieval
    Mostly just frontend tweaks and some much needed core improvements to top it all off. To enable features that require the embedded blackbone driver, open an elevated command prompt and return the following:

    Code:
    bcdedit /set testsigning on
    I hope you find this tool as useful as I have. 95% of credits go directly to DarthTon, as it is almost entirely his work. All I did was change what I myself would have done differently had this been my project from the start.

    Screenshots:







    Virus scans:

    https://www.virustotal.com/#/file/55...c732/detection
    https://virusscan.jotti.org/en-US/fi...job/7yhxcco8rm

    <b>Downloadable Files</b> Downloadable Files
    Last edited by InUrFace1337; 08-02-2018 at 06:34 PM. Reason: space out screenshots

  2. The Following 60 Users Say Thank You to InUrFace1337 For This Useful Post:

    24353 (02-05-2019),2_HIGH (05-01-2019),adelmuse (08-11-2018),ALRETO 291 (04-21-2019),alsodoze (12-22-2018),asvpleo (12-05-2018),ayhamalali (08-16-2018),aziza1 (08-08-2018),bendoverhaha333 (05-08-2019),Bliwblu (12-08-2018),CARLOOPLE (01-05-2019),cawman (12-28-2018),dangerman3d (08-06-2018),Daviemoney (2 Weeks Ago),djasonhfr (01-26-2019),Dont_Hate (08-10-2018),elsyk (08-20-2018),Exilify (11-09-2018),fume113 (08-12-2018),Giancarloo (12-13-2018),gnarly44 (11-20-2018),HoloTheNudeWolf (12-19-2018),Hugo2003 (05-15-2019),HYXHost (02-13-2019),Jiblenfa5 (01-02-2019),k2behravan (4 Weeks Ago),Kenzohh (12-05-2018),khalid1993 (08-15-2018),Kshvilly (05-09-2019),kucher19893 (04-25-2019),Lanceola (05-03-2019),Loginz (11-05-2018),mainderin (08-03-2018),mantelope (08-06-2018),mattydavjd (03-05-2019),mirsa7890 (11-10-2018),nelsonman (09-29-2018),ogstrafer (01-24-2019),pangcut (08-08-2018),papaflashss (04-28-2019),pocketsand17 (06-02-2019),rayvenss (12-11-2018),Recule_e (02-10-2019),repentina1 (02-05-2019),rhonaldo14 (09-08-2018),rocknrolla123 (08-04-2018),Roonoveder (01-19-2019),salzz (2 Weeks Ago),sauvagee (01-25-2019),Sddcsdc (08-04-2018),SER0 (10-19-2018),Sharkita (09-04-2018),sinisa971 (08-06-2018),tazymania34 (08-06-2018),tvrfvtr (08-17-2018),vaynii (01-27-2019),Wolfvuz (08-03-2018),XAlgoX (02-25-2019),Xeth1234 (09-17-2018),XxDaniiPFxX (03-19-2019)

  3. #2
    People aren't against you;
    They are for themselves

    Minion+
    Premium Member
    Kevin's Avatar
    Join Date
    Nov 2009
    Gender
    male
    Location
    Home
    Posts
    12,459
    Reputation
    2016
    Thanks
    1,855
    My Mood
    Tired
    /Approved but untested
    Quote Originally Posted by LunaScratch View Post
    He's the hero MPGH deserves, but not the one it needs right now. So we'll hunt him. Because he can take it. Because he's not our hero. He's a silent guardian, a watchful protector. A dark knight.

    MPGH Minion+ 2/5/2019 - Current
    Call of Duty Minion 12/23/2017 - Current
    MPGH Minion 12/23/2017 - 2/5/2019
    MPGH Minion+ 2/2/2016 - 8/9/2016
    NewsForce Writer 1/1/2016 - 8/9/2016
    CockSucker 7/24/2015 - 7/25/2015
    Other Semi-Popular FPS Hacks Minion 12/27/2015 - 8/9/2016
    Combat Arms Minion 11/4/2015 - 8/9/2016
    Maplestory Minion 6/1/15 - 8/9/2016
    League of Legends Minion 6/1/2015 - 8/9/2016
    Other FPS Hacks Minion 5/31/2015 - 8/9/2016
    Minecraft Marketplace Minion 6/18/2015 - 9/15/2015
    Combat Arms Marketplace Minion 4/05/2015 - 6/2/2015
    Marketplace Minion 8/1/2014 - 6/2/2015
    MPGH Minion 8/1/2014 - 2/2/2016

    Pharaoh (#7) 5/01/2014 - 5/31/2014
    Premium Member 2/1/2014 - Current
    Official Middle Man 12/12/2013 - 6/2/2015
    Member 11/15/2009 - Current

  4. The Following User Says Thank You to Kevin For This Useful Post:

    InUrFace1337 (08-31-2018)

  5. #3
    anonfoxer's Avatar
    Join Date
    Jan 2017
    Gender
    male
    Posts
    8
    Reputation
    10
    Thanks
    6
    My Mood
    Confused
    Tested on multiple games. Works great, can even bypass some anti cheat systems if you use some of the different injection methods.
    Windows defender will try and kill it, so will googles antivirus but thats simply because its an injector
    10/10, hopefully one day Ill have your programming skill my guy.

  6. #4
    InUrFace1337's Avatar
    Join Date
    Jun 2018
    Gender
    male
    Posts
    56
    Reputation
    20
    Thanks
    996
    Quote Originally Posted by anonfoxer View Post
    Tested on multiple games. Works great, can even bypass some anti cheat systems if you use some of the different injection methods.
    Windows defender will try and kill it, so will googles antivirus but thats simply because its an injector
    10/10, hopefully one day Ill have your programming skill my guy.
    Many thanks bruddha, glad to hear it's working for you. Most of the credits for this project in particular go to DarthTon. Everything else I posted in this section is completely my work, but this puppy has DarthTon written all over it. Btw, if I can learn to code, anyone can. You'll get there. ;)
    Last edited by InUrFace1337; 08-05-2018 at 03:25 AM. Reason: remove emoji

  7. #5
    itzzcarter's Avatar
    Join Date
    Sep 2018
    Gender
    male
    Posts
    15
    Reputation
    10
    Thanks
    0
    My Mood
    Stressed
    will try this ty

Similar Threads

  1. [Outdated] Xenos injector v2.1.0
    By epicness700 in forum Alliance of Valiant Arms (AVA) Spammers, Injectors and Multi Tools
    Replies: 47
    Last Post: 12-23-2015, 05:04 AM
  2. [Help Request] REZ Injector+Mods
    By CowboyWoody in forum Combat Arms Help
    Replies: 1
    Last Post: 09-28-2011, 05:01 AM
  3. Project Candy Bar: A new Injector
    By NOOB in forum Combat Arms Discussions
    Replies: 18
    Last Post: 09-26-2010, 08:19 PM
  4. [Release] swat540 list of injectors/mods
    By swat540 in forum Combat Arms Hacks & Cheats
    Replies: 11
    Last Post: 12-21-2009, 03:12 AM
  5. MPGH Public W/ Injector... *Mods Look*
    By gbitz in forum WarRock - International Hacks
    Replies: 32
    Last Post: 03-04-2008, 04:28 PM