Cheat Engine The Official Site of Cheat Engine
Deine Mutter Expert Cheater
Reputation: 1
Joined: 05 Apr 2006 Posts: 181
Posted: Sun Jul 20, 2008 6:05 pm Post subject: Simple Dll Injector
Hello,
I found this old Injector which I wrote some time ago. I thought about sharing it, although I don't think that it is very good (it is a simple console application ...). But I think it is good for people who wanna learn about DLL Injection, they might pick up some information out of the code. (the code is not commented, I think it is pretty self-explanatory)
Some basic information: Dll-Injection basically means that "you" make another process load your Dll, so it runs in the address space of this process and becomes a "part" of this process.
1. Open the target process
2. Write the path of the Dll in the target's memory
3. Create a thread in the target process which loads your Dll
This injector works in a very simple way. It asks for the process name and the dll name (btw, the Dll should be located in the same directory where the injector is). Then it waits for the process to appear (it is not a problem when the target process is already started) and then it injects the dll.
Code:
#include <iostream>
#include <cstring>
#include <windows.h>
#include <tlhelp32.h>
using namespace std;

// Build as ANSI/multi-byte (UNICODE not defined): szExeFile is compared as char.

// Returns the PID of the first process whose image name equals cProcName,
// or (DWORD)-1 if no such process is running.
DWORD GetProcessIdByName(char* cProcName){
    DWORD dwPid = (DWORD)-1;
    PROCESSENTRY32 peProcess;
    peProcess.dwSize = sizeof(PROCESSENTRY32); // required before Process32First
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if(hSnap == INVALID_HANDLE_VALUE){
        return dwPid;
    }
    if(Process32First(hSnap, &peProcess)){
        do{
            if(!strcmp(peProcess.szExeFile, cProcName)){
                dwPid = peProcess.th32ProcessID;
                break;
            }
        }while(Process32Next(hSnap, &peProcess));
    }
    CloseHandle(hSnap); // one snapshot handle per call, always released
    return dwPid;
}

// Polls every dwDelay milliseconds until the process shows up.
void WaitForProcessToAppear(char* cProcName, DWORD dwDelay){
    while(GetProcessIdByName(cProcName) == (DWORD)-1){
        Sleep(dwDelay);
    }
}

BOOL InjectDll(DWORD dwPid, char* cDllPath){
    BOOL bResult = FALSE;
    DWORD dwThreadId;
    SIZE_T dwMemSize, dwWritten;
    HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
    if(hProc != NULL){
        dwMemSize = strlen(cDllPath) + 1; // include the terminating NUL
        FARPROC hLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA");
        if(hLoadLibrary != NULL){
            LPVOID hRemoteMem = VirtualAllocEx(hProc, NULL, dwMemSize, MEM_COMMIT, PAGE_READWRITE);
            if(hRemoteMem != NULL){
                if(WriteProcessMemory(hProc, hRemoteMem, (LPVOID)cDllPath, dwMemSize, &dwWritten)){
                    HANDLE hThread = CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)hLoadLibrary, hRemoteMem, 0, &dwThreadId);
                    if(hThread != NULL){
                        CloseHandle(hThread);
                        bResult = TRUE;
                    }
                }
            }
        }
        CloseHandle(hProc);
    }
    return bResult;
}

int main(){
    char cProcName[MAX_PATH], cDll[MAX_PATH], cDllPath[MAX_PATH];
    while(1){
        cout << "Process: ";
        cin.width(MAX_PATH); // never read more than the buffer holds
        cin >> cProcName;
        cout << "Dll: ";
        cin.width(MAX_PATH);
        cin >> cDll;
        if(!cin){
            break; // input closed
        }
        DWORD dwLen = GetCurrentDirectoryA(MAX_PATH, cDllPath);
        if(dwLen == 0 || dwLen + 1 + strlen(cDll) >= MAX_PATH){
            cout << "Path too long!" << endl << endl;
            continue;
        }
        strcat(cDllPath, "\\");
        strcat(cDllPath, cDll);
        WaitForProcessToAppear(cProcName, 50);
        if(InjectDll(GetProcessIdByName(cProcName), cDllPath)){
            cout << "Injection successful!" << endl << endl;
        }
        else{
            cout << "Injection failed!" << endl << endl;
        }
    }
    return 0;
}

oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Sun Jul 20, 2008 7:55 pm Post subject:
This won't work anymore because of Windows new security. You can't open a process with PROCESS_ALL_ACCESS unless you change the privileges, but in this case you don't need to. You can just open it with: PROCESS_VM_OPERATION, PROCESS_VM_WRITE, and PROCESS_CREATE_THREAD.
_________________
8D wrote: cigs dont make people high, which weed does, which causes them to do bad stuff. like killing

Deine Mutter Expert Cheater
Reputation: 1
Joined: 05 Apr 2006 Posts: 181
Posted: Sun Jul 20, 2008 7:59 pm Post subject:
Are you talking about Vista? Because I only tried it on XP and it worked fine .. but thanks for the comment

oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Sun Jul 20, 2008 8:14 pm Post subject:
Doesn't work on XP, or at least not when I try it.

sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Sun Jul 20, 2008 8:16 pm Post subject:
oib111 wrote: "Doesn't work on XP, or at least not when I try it."
Are you talking about SP3? do not have yet

atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Sun Jul 20, 2008 8:19 pm Post subject:
Just adjust the token of the process to be able to use PROCESS_ALL_ACCESS. Otherwise, just use the needed access rights for what you are doing.
_________________
- Retired.

Deine Mutter Expert Cheater
Reputation: 1
Joined: 05 Apr 2006 Posts: 181
Posted: Sun Jul 20, 2008 8:25 pm Post subject:
I'm using WinXp SP 3 and the code I posted works perfectly for me ...

oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Sun Jul 20, 2008 8:37 pm Post subject:
I'm using SP2 and it doesn't work.

Overload Master Cheater
Reputation: 0
Joined: 08 Feb 2008 Posts: 293
Posted: Sun Jul 20, 2008 11:59 pm Post subject:
oib111 wrote: "This won't work anymore because of Windows new security. You can't open a process with PROCESS_ALL_ACCESS unless you change the privileges, but in this case you don't need to. You can just open it with: PROCESS_VM_OPERATION, PROCESS_VM_WRITE, and PROCESS_CREATE_THREAD."
So would that be OpenProcess(PROCESS_VM_WRITE||PROCESS_CREATE_THREAD||etc);?

oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Mon Jul 21, 2008 12:10 am Post subject:
It's '|', bitwise or, not '||', logical or.
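
The access-mask point from the replies above, as an added example that is not part of any post: it shows why '||' yields 1 (the value of PROCESS_TERMINATE) where '|' yields 0x2A, and checks whether a granted mask, as logged in the GrantedAccess field of a Sysmon Event ID 10 (ProcessAccess) record, carries all three rights named in the thread. The AR_* names, the helper functions and the sample lines are constructed for illustration; the numeric values are the documented winnt.h ones.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Documented process access-right values (winnt.h), redefined under local,
   hypothetical AR_* names so the example builds without the Windows SDK. */
#define AR_TERMINATE      0x0001u
#define AR_CREATE_THREAD  0x0002u
#define AR_VM_OPERATION   0x0008u
#define AR_VM_WRITE       0x0020u
#define AR_ALL_ACCESS_XP  0x1F0FFFu  /* PROCESS_ALL_ACCESS before Vista */
#define AR_ALL_ACCESS_NT6 0x1FFFFFu  /* PROCESS_ALL_ACCESS, Vista and later */

/* The three rights named in the thread, combined with bitwise OR. */
#define AR_REMOTE_LOAD (AR_CREATE_THREAD | AR_VM_OPERATION | AR_VM_WRITE)

/* '||' collapses any non-zero operands to 1, which is PROCESS_TERMINATE. */
uint32_t logical_or(uint32_t a, uint32_t b, uint32_t c) {
    return a || b || c;
}

/* 1 when a granted mask carries every right the technique needs, else 0. */
int grants_remote_load(uint32_t granted) {
    return (granted & AR_REMOTE_LOAD) == AR_REMOTE_LOAD;
}

/* Reads GrantedAccess from a "key=value" line shaped like a Sysmon
   Event ID 10 record; returns -1 if the field is absent. */
int triage_line(const char *line) {
    const char *p = strstr(line, "GrantedAccess=");
    if (p == NULL) return -1;
    return grants_remote_load((uint32_t)strtoul(p + 14, NULL, 16));
}

/* Constructed sample records, not taken from a real host. */
static const char *SAMPLES[] = {
    "SourceImage=C:\\tools\\a.exe TargetImage=C:\\game.exe GrantedAccess=0x1F0FFF",
    "SourceImage=C:\\tools\\b.exe TargetImage=C:\\game.exe GrantedAccess=0x2A",
    "SourceImage=C:\\Windows\\taskmgr.exe TargetImage=C:\\game.exe GrantedAccess=0x1410",
    "SourceImage=C:\\tools\\c.exe TargetImage=C:\\game.exe GrantedAccess=0x1",
};

int main(void) {
    unsigned wrong = logical_or(AR_CREATE_THREAD, AR_VM_OPERATION, AR_VM_WRITE);
    printf("'||' mask = 0x%X, '|' mask = 0x%X\n", wrong, (unsigned)AR_REMOTE_LOAD);
    for (size_t i = 0; i < sizeof SAMPLES / sizeof *SAMPLES; i++)
        printf("%-5s %s\n", triage_line(SAMPLES[i]) == 1 ? "FLAG" : "ok", SAMPLES[i]);
    return 0;
}
```

A handle opened with either PROCESS_ALL_ACCESS value also matches, since both include the three bits; the 0x1410 and 0x1 samples do not.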