  1. #1
    .::SCHiM::.

    [Preview] Raw code injector

    Hi guys,

    I'm about to release a new tool of mine called 'The raw code injector'.
    It's a tool for coders, but maybe a few ordinary users will learn to get along with it.

    What it does:

    Ever felt the need to quickly test some code of yours? Not wanting to create a whole new project to test one or two simple lines? Then this is your tool. It will allow you to inject raw code into another process; you only supply the code you want to test, and this tool will handle everything else.

    To make a long story quick/tl;dr:

    This tool allows you to inject code into another process without creating a dll/project to do it.

    Other functions:

    Dll injection

    Module dumping (only those inside a process; a 'real' dump (like in Kernel Detective) has yet to be implemented)

    Limitations:

    EDIT:
    Variables are possible now; I found an error during my test runs.
    2nd EDIT:
    Never mind, variables are still out of the question. I mean pointers; those work now.


    You cannot call API functions for now. I will provide a basic library to cover the more used API functions (memcpy and maybe signature scanning) in the future.

    You cannot call functions, e.g. you cannot do this:

    Code:
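    int patchaddy() {
        return 0;      /* empty placeholder function */
    }
    int main() {
        patchaddy();   /* a call like this is what the tool cannot handle */
        return 0;
    }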
    Actually, you cannot use functions at all; you'll only feed code into the tool. Functions/API calls/variables will cause errors and maybe even crash the applications you're injecting into.

    I'll fix that later since those are internal problems and need some math to correct, and I hate math when I'm tired.

    -SCHiM
    tell me what you think
    Last edited by .::SCHiM::.; 01-16-2011 at 08:22 AM.

    I'm SCHiM

    Morals derive from the instinct to survive. Moral behavior is survival behavior above the individual level.

    Polymorphic engine
    Interprocess callback class
    SIN
    Infinite-precision arithmetic
    Hooking dynamic linkage
    (sloppy)Kernel mode Disassembler!!!

    Semi debugger





  3. #2
    why06
    Erm what? where? Am I missing something? =/

    "Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities. It is two electric power plants, each serving a town of 60,000 population. It is two fine, fully equipped hospitals. It is some fifty miles of concrete pavement. We pay for a single fighter plane with a half million bushels of wheat. We pay for a single destroyer with new homes that could have housed more than 8,000 people. This is, I repeat, the best way of life to be found on the road the world has been taking. This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron."
    - Dwight D. Eisenhower

  4. #3
    Void
    Can you show us some code on how you plan on doing this? I'm not understanding why you can't call functions.

  5. #4
    .::SCHiM::.
    Originally posted by Void:
        Can you show us some code on how you plan on doing this? I'm not understanding why you can't call functions.

    Target process:

    Code:
    0x10000  mov eax, 1
    0x10008
    0x10016  call 0x37000   ; call api
    0x10024
    0x10032
    0x10040
    0x10048
    0x10056
    ...
    ...
    ...
    0x37000 jmp 7000000 (some kernel/api call)  ; start of IAT
    This is a perfect example of why I cannot call APIs: the offset is off.
    If my tool compiles code, I don't link it, so even if I somehow got the API addresses resolved I'd need to correct the offset in the target application (that's the reason why you cannot use variables *yet*).

    If I tried to put variables/functions into targetprocess.exe it would look like this:

    Compiled code:

    Code:
    
    0x10000   dd 100d
    0x10008
    0x10016  mov eax, 0x10000   ; variable....
    0x10024  mov [eax], 34
    0x10032
    0x10040
    0x10048
    0x10056
    Injecting that code into target process would result in:

    Code:
    
    0x10000   mov eax, 1
    0x10008
    0x10016  mov eax, 0x10000   ; variable.... or in this case an operation
    0x10024  mov [eax], 34 ; and this will cause an error, trying to overwrite our "variable" 
    0x10032
    0x10040
    0x10048
    0x10056
    But that's for future matters. If you guys want, you can try it out here:

    https://www.mpgh.net/forum/172-combat...-injector.html

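
Why "the offset is off", as an added example (not part of the original post and not the tool's code): a near `call` stores only a displacement relative to the next instruction, so unlinked bytes placed at another base reach a different address. The byte buffer, the second base 0x500000 and the function names are constructed for illustration; 0x10000 and 0x37000 are the addresses used in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample, assembled for base 0x10000 (the address used in the post):
 *   +0   B8 01 00 00 00   mov  eax, 1
 *   +5   E8 F6 6F 02 00   call 0x37000   ; outside the buffer
 *   +10  E8 01 00 00 00   call base+16   ; helper inside the buffer
 *   +15  C3 / +16 90 C3   ret / helper: nop, ret */
static const uint8_t SAMPLE[] = {
    0xB8, 0x01, 0x00, 0x00, 0x00,  0xE8, 0xF6, 0x6F, 0x02, 0x00,
    0xE8, 0x01, 0x00, 0x00, 0x00,  0xC3, 0x90, 0xC3
};
static const size_t SAMPLE_CALLS[] = { 5, 10 };   /* offsets of the E8 opcodes */

/* Address a `call rel32` at code[off] reaches when the buffer sits at `base`:
 * address of the next instruction (base + off + 5) plus the signed displacement. */
uint32_t call_target(const uint8_t *code, size_t off, uint32_t base)
{
    uint32_t disp = (uint32_t)code[off + 1]       | (uint32_t)code[off + 2] << 8 |
                    (uint32_t)code[off + 3] << 16 | (uint32_t)code[off + 4] << 24;
    return base + (uint32_t)off + 5u + disp;   /* wraps mod 2^32, as the CPU does */
}

/* Count calls whose target, as built for `built_base`, lies outside the buffer.
 * Those point somewhere else once the bytes sit at a different base; calls that
 * stay inside the buffer move with it and keep working. */
size_t calls_broken_by_move(const uint8_t *code, size_t len,
                            const size_t *calls, size_t ncalls, uint32_t built_base)
{
    size_t broken = 0;
    for (size_t i = 0; i < ncalls; i++) {
        if (calls[i] + 5 > len || code[calls[i]] != 0xE8)
            continue;   /* not a complete call rel32 */
        uint32_t rel = call_target(code, calls[i], built_base) - built_base;
        if (rel >= len)
            broken++;
    }
    return broken;
}

int main(void)
{
    /* 0x500000 is an arbitrary second base chosen for this illustration. */
    printf("at 0x10000:  call -> 0x%X\n", (unsigned)call_target(SAMPLE, 5, 0x10000));
    printf("at 0x500000: call -> 0x%X\n", (unsigned)call_target(SAMPLE, 5, 0x500000));
    printf("broken by a move: %zu\n",
           calls_broken_by_move(SAMPLE, sizeof SAMPLE, SAMPLE_CALLS, 2, 0x10000));
    return 0;
}
```

The call to the in-buffer helper resolves to base+16 at either base, which is why only references that leave the copied block need a linker or loader to fix them up.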