General
Reply With QuoteAllocating memory. Finding module addresses. Writing process memory. Opening process handles. Creating remote threads. There's SHITLOADS of material around.
Thread: (help)injector
Results 1 to 9 of 9
-
05-15-2011 #1Expert Member
- Join Date
- Mar 2010
- Gender
- Posts
- 523
- Reputation
10- Thanks
- 95
- My Mood
-
(help)injector
what do i look up to learn about injectors
-
05-15-2011 #2Hung like a rabbit
- Join Date
- Apr 2010
- Gender
- Location
- Posts
- 5,704
- Reputation
918- Thanks
- 7,676
- My Mood
-
You can win the rat race,
Originally Posted by Jeremy S. Anderson
But you're still nothing but a fucking RAT.
++Latest Projects++
[Open Source] Injection Library
Simple PE Cipher
FilthyHooker - Simple Hooking Class
CLR Injector - Inject .NET dlls with ease
Simple Injection - An in-depth look
MPGH's .NET SDK
eJect - Simple Injector
Basic PE Explorer (BETA)
-
05-15-2011 #3
ThreadstarterExpert Member
- Join Date
- Mar 2010
- Gender
- Posts
- 523
- Reputation
- 10
- Thanks
- 95
- My Mood
-
do you think you think you can make a well explained tutorial on the most simple injector
-
05-15-2011 #4Still a Cookie at heart
- Join Date
- Mar 2011
- Gender
- Location
- Posts
- 6,113
- Reputation
- 394
- Thanks
- 363
Just leech a injector source code. Originally Posted by tremaster
-
05-15-2011 #5Hung like a rabbit
- Join Date
- Apr 2010
- Gender
- Location
- Posts
- 5,704
- Reputation
- 918
- Thanks
- 7,676
- My Mood
-
I may do...but I dunno if I can be fucked. I'll see if I have time with Uni and shit. I'd release it in the VB section though. Originally Posted by tremaster
You can win the rat race, Originally Posted by Jeremy S. Anderson
But you're still nothing but a fucking RAT.
++Latest Projects++
[Open Source] Injection Library
Simple PE Cipher
FilthyHooker - Simple Hooking Class
CLR Injector - Inject .NET dlls with ease
Simple Injection - An in-depth look
MPGH's .NET SDK
eJect - Simple Injector
Basic PE Explorer (BETA)
-
05-15-2011 #6Dual-Keyboard Member
- Join Date
- Dec 2008
- Gender
- Location
- Posts
- 381
- Reputation
- 28
- Thanks
- 68
- My Mood
-
I have an old source that someone posted on here a long time ago, so don't flame if you recognize it, but this may help.
You need to import some unmanaged functions:
So, yeah, I think that's all of the functions you need. Like I said, I didn't write this, it's just a source I had on my pc that I THINK was posted on mpgh before.Code:[DllImport("kernel32.dll")] public static extern IntPtr CreateRemoteThread( IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, // raw Pointer into remote process IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId ); [DllImport("kernel32.dll")] public static extern Int32 CloseHandle( IntPtr hObject ); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] static extern bool VirtualFreeEx( IntPtr hProcess, IntPtr lpAddress, UIntPtr dwSize, uint dwFreeType ); [DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)] public static extern UIntPtr GetProcAddress( IntPtr hModule, string procName ); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] static extern IntPtr VirtualAllocEx( IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect ); [DllImport("kernel32.dll")] static extern bool WriteProcessMemory( IntPtr hProcess, IntPtr lpBaseAddress, string lpBuffer, UIntPtr nSize, out IntPtr lpNumberOfBytesWritten ); [DllImport("kernel32.dll", CharSet = CharSet.Auto)] public static extern IntPtr GetModuleHandle( string lpModuleName ); [DllImport("kernel32", SetLastError = true, ExactSpelling = true)] internal static extern Int32 WaitForSingleObject( IntPtr handle, Int32 milliseconds );
Now the function that actually injects the dll:
There. There may be errors or things that are missing, hell, I dunno. Mess with it enough and you'll probably get it to work or maybe it'll help you learn.Code:public void InjectDLL(IntPtr hProcess, String strDLLName) { IntPtr bytesout; // Length of string containing the DLL file name +1 byte padding Int32 LenWrite = strDLLName.Length + 1; // Allocate memory within the virtual address space of the target process IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x1000, 0x40); //allocation pour WriteProcessMemory // Write DLL file name to allocated memory in target process WriteProcessMemory(hProcess, AllocMem, strDLLName, (UIntPtr)LenWrite, out bytesout); // Function pointer "Injector" UIntPtr Injector = (UIntPtr)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); if (Injector == null) { // return failed return; } // Create thread in target process, and store handle in hThread IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, (IntPtr)null, 0, Injector, AllocMem, 0, out bytesout); // Make sure thread handle is valid if (hThread == null) { //incorrect thread handle ... return failed return; } // Time-out is 10 seconds... int Result = WaitForSingleObject(hThread, 10 * 1000); // Check whether thread timed out... if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF) { /* Thread timed out... */ // Make sure thread handle is valid before closing... prevents crashes. if (hThread != null) { //Close thread in target process CloseHandle(hThread); } return; } // Sleep thread for 1 second Thread.Sleep(1000); // Clear up allocated space ( Allocmem ) VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000); // Make sure thread handle is valid before closing... prevents crashes. if (hThread != null) { //Close thread in target process CloseHandle(hThread); } // return succeeded return; }//Dll injector
-
06-01-2011 #7Leecher
- Join Date
- May 2011
- Gender
- Posts
- 1
- Reputation
- 10
- Thanks
- 0
I just found this code and put it together so theres nothing missing.
Just need using DLLInject; and then call the function InjecDLL(IntPtr hProcess, String strDLLName);
Code:using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Runtime.InteropServices; using System.Threading; namespace DLLInjector { class DLLInjector { public void InjectDLL(IntPtr hProcess, String strDLLName) { IntPtr bytesout; // Length of string containing the DLL file name +1 byte padding Int32 LenWrite = strDLLName.Length + 1; // Allocate memory within the virtual address space of the target process IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x1000, 0x40); //allocation pour WriteProcessMemory // Write DLL file name to allocated memory in target process WriteProcessMemory(hProcess, AllocMem, strDLLName, (UIntPtr)LenWrite, out bytesout); // Function pointer "Injector" UIntPtr Injector = (UIntPtr)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); if (Injector == null) { // return failed return; } // Create thread in target process, and store handle in hThread IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, (IntPtr)null, 0, Injector, AllocMem, 0, out bytesout); // Make sure thread handle is valid if (hThread == null) { //incorrect thread handle ... return failed return; } // Time-out is 10 seconds... int Result = WaitForSingleObject(hThread, 10 * 1000); // Check whether thread timed out... if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF) { /* Thread timed out... */ // Make sure thread handle is valid before closing... prevents crashes. if (hThread != null) { //Close thread in target process CloseHandle(hThread); } return; } // Sleep thread for 1 second Thread.Sleep(1000); // Clear up allocated space ( Allocmem ) VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000); // Make sure thread handle is valid before closing... prevents crashes. if (hThread != null) { //Close thread in target process CloseHandle(hThread); } // return succeeded return; } [DllImport("kernel32.dll")] public static extern IntPtr CreateRemoteThread( IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, // raw Pointer into remote process IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId ); [DllImport("kernel32.dll")] public static extern Int32 CloseHandle( IntPtr hObject ); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] static extern bool VirtualFreeEx( IntPtr hProcess, IntPtr lpAddress, UIntPtr dwSize, uint dwFreeType ); [DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)] public static extern UIntPtr GetProcAddress( IntPtr hModule, string procName ); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] static extern IntPtr VirtualAllocEx( IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect ); [DllImport("kernel32.dll")] static extern bool WriteProcessMemory( IntPtr hProcess, IntPtr lpBaseAddress, string lpBuffer, UIntPtr nSize, out IntPtr lpNumberOfBytesWritten ); [DllImport("kernel32.dll", CharSet = CharSet.Auto)] public static extern IntPtr GetModuleHandle( string lpModuleName ); [DllImport("kernel32", SetLastError = true, ExactSpelling = true)] internal static extern Int32 WaitForSingleObject( IntPtr handle, Int32 milliseconds ); } }
-
06-02-2011 #8Hung like a rabbit
- Join Date
- Apr 2010
- Gender
- Location
- Posts
- 5,704
- Reputation
- 918
- Thanks
- 7,676
- My Mood
-
You should probably look up what functions actually return upon an error. None of those functions return NULL on failure so your 'error checking' won't really do anything. Originally Posted by haipahaipa
You can win the rat race, Originally Posted by Jeremy S. Anderson
But you're still nothing but a fucking RAT.
++Latest Projects++
[Open Source] Injection Library
Simple PE Cipher
FilthyHooker - Simple Hooking Class
CLR Injector - Inject .NET dlls with ease
Simple Injection - An in-depth look
MPGH's .NET SDK
eJect - Simple Injector
Basic PE Explorer (BETA)
-
06-03-2011 #9Choob
- Join Date
- May 2010
- Gender
- Posts
- 32
- Reputation
- 10
- Thanks
- 12
- My Mood
-
My C# Posts. (I code all my own code)
- Mouse Tracking Engine[Example]
Generic PCID Grabber
Basic Keyboard Hooks
C# Read/Write Process Memory
Coding Experiance:
- VB = None its GayShit.
- C# = 2 years (Indermediate/Advanced)
- C++ = 5 months (Beginner)
- HTML = 1 year (Beginner)