Hi guys,
I proudly present my new tool: 'The raw code injector'. It's made for coders mainly, but average/normal users can use it for the injection of DLLs.
Features:
1. Raw code injection (inject raw C++ code without making a new project/dll)
2. Dll injection (via load lib & remote thread, code cave and manual mapping in future releases)
3. Module dumping (just basic information, dumping like kernel detective in future releases)
Limitations:
1. You cannot use variables when injecting raw code
2. You cannot call api's when injecting raw code
3. You cannot call functions when injecting raw code
Notes:
I took the liberty of creating a smexy GUI around the core exe file, but
it's ridden with bugs and I'm too lazy to go and learn a decent level of .net crap. If you want to create a new GUI, be my guest. If you release it you must provide credits!
You can of course use the RawCodeInjector.exe without a gui, the command line parameters are:
Code:
RawCodeInjector /d Processname Outputname // dump module command
RawCodeInjector /i Processname Outputname // DLL injection command
RawCodeInjector /ir Processname Outputname // Code path
Example:
RawCodeInjector /ir Engine.exe TestSource.cpp
Virus:
Virscan
VirusTotal
Examples:
Because you cannot use variables directly I'll show you a few ways to do such things
Method 1:
Using pointers
Because of how the compiler operates, pointers will work, while 'real' variables won't:
Code:
int* Addy = (int*)0x12FF4C; // pointer to a fixed address; no stack variable is needed
*Addy = 100;                // write the value 100 to that address
Method 2:
Using assembler:
Code:
mov eax, 12FF4Ch  // eax is like the Addy of the previous example, it will act as a pointer
mov ebx, 100      // ebx is our variable here, it stores the value 100
mov [eax], ebx    // this statement is similar to this: *Addy = 100;
Credits:
1. Me << I made the GUI and the Code for this project
2. Microsoft << I used their redistributable compiler (or not so redistributable...) but hell since it's free, I don't think it matters
Future plans:
I'm going to update a few things about this tool:
1. I'm going to add a few functions that will allow you to do things like signature scanning and memcpy when injecting raw code.
2. Real memory dump: this one dumps only basic information about the modules loaded; I'm going to make this function like the dump function in Kernel Detective.
3. I'm going to substitute the use of registers with pseudo variables so that those who aren't familiar with the assembler language won't have to do it by themselves.
-SCHiM
happy hacking