02-23-2012, 13:58
(This post was last modified: 02-23-2012, 14:41 by Tomsen1410.)
Need help!
I have my little DLLInjector code and it can inject DLLs!
But...
it can ONLY inject a DLL into a process when I have already injected the DLL with Winject.
So I wrote a DLL that displays a MessageBox when injected, and then I tried to inject it into Notepad++... but it didn't work. But when I inject the DLL into Notepad++ with Winject it works... and when I then try it with my injector again it works, too o.0.
Also, I can't inject the DLL into the basic Notepad (not ++)... neither with my injector nor with Winject. Maybe because of 64-bit stuff?
Anyways need help.
Here is the Injector source:
And here is the DLL source:
I have my little DLLInjector code and it can inject DLLs!
But...
it can ONLY inject a DLL into a process when I have already injected the DLL with Winject.
So I wrote a DLL that displays a MessageBox when injected, and then I tried to inject it into Notepad++... but it didn't work. But when I inject the DLL into Notepad++ with Winject it works... and when I then try it with my injector again it works, too o.0.
Also, I can't inject the DLL into the basic Notepad (not ++)... neither with my injector nor with Winject. Maybe because of 64-bit stuff?
Anyways need help.
Here is the Injector source:
#include <windows.h>
#include <tlhelp32.h>
#include <shlwapi.h>
#include "cus.h"
// Access mask passed to OpenProcess() in InjectDLL(): create a thread in the
// target, query it, and perform/write/read operations on its virtual memory.
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)
using namespace std;
// Last Win32 error code (from GetLastError) and the buffer that FormatMessage
// is asked to fill with its message text; UI() prints sErrStatus.
DWORD dErr;
TCHAR sErrStatus[256];
// State shared between main(), getProcID(), InjectDLL() and UI().
DWORD ProcID;        // PID written by getProcID() when the name matched
bool InjectSuccess;  // result of the last InjectDLL() call; ends main()'s loop
bool hasProcID;      // result of the last getProcID() call
string sDLLStatus;      // "DLL Status" line shown by UI()
string sProcessStatus;  // "Process Status" line shown by UI()
string sEndStatus = "Press [F2] to quit";
string sCusInjectStatus = "Press [F1] to inject DLL";
// C-string copies of the user input, allocated in main() and read by
// getProcID() (ProcName) and InjectDLL() (DLLName).
char* DLLName = NULL;
char* ProcName = NULL;
// Raw user input as read from cin in main().
string sProcName;
string sDLLName;
// Looks up a process by executable name and stores its PID through idAdd.
bool getProcID(char* cPName,DWORD *idAdd);
// Starts a remote LoadLibraryA thread for DLLName in process pID.
bool InjectDLL(DWORD pID);
// Clears the console and redraws the banner and status lines.
void UI();
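/// Console entry point: reads a process name and a DLL name, then polls the
/// keyboard. [F1] looks the process up and calls InjectDLL(); [F2] quits.
///
/// @return 0 on normal exit or [F2]; 1 if reading either name from stdin fails.
///
/// Both names are read with `cin >>`, so each is a single whitespace-delimited
/// token and is copied exactly as typed; no path normalization is done here.
int main()
{
    eigen::central("----------DLL INJECTOR---------");
    cout << endl;
    eigen::central("by Tomsen1410");
    cout << endl;
    eigen::central("-------------------------------");
    cout << endl;
    cout << endl;

    cout << "Type in process name: ";
    if (!(cin >> sProcName)) {
        return 1;  // stdin closed or unreadable: nothing to look up
    }
    // length() excludes the terminating NUL that strcpy() writes. Allocating
    // exactly length() bytes overflowed the heap buffer by one byte.
    ProcName = new char[sProcName.length() + 1];
    strcpy(ProcName, sProcName.c_str());
    cout << endl;

    cout << "Type in the DLL name: ";
    if (!(cin >> sDLLName)) {
        return 1;
    }
    DLLName = new char[sDLLName.length() + 1];
    strcpy(DLLName, sDLLName.c_str());

    // ProcName / DLLName are read by getProcID() and InjectDLL() and stay
    // allocated for the lifetime of the process.
    sDLLStatus = "-";
    sProcessStatus = "-";
    UI();

    while (!InjectSuccess) {
        if (GetAsyncKeyState(VK_F1)) {
            hasProcID = getProcID(ProcName, &ProcID);
            // Only act on a PID found in THIS pass. ProcID keeps its previous
            // value when the lookup fails, and a stale PID may by then belong
            // to an unrelated process.
            InjectSuccess = hasProcID && InjectDLL(ProcID);
            if (InjectSuccess) {
                sEndStatus = "";
                sCusInjectStatus = "";
            }
            UI();
            Sleep(100);
        }
        if (GetAsyncKeyState(VK_F2)) {
            return 0;
        }
        Sleep(10);  // yield instead of spinning a full core while idle
    }

    Beep(1600, 200);
    UI();
    cout << endl << endl;
    cout << "---INJECTED---" << endl;
    for (int i = 3; i > 0; i--) {
        cout << "Closing in " << i << endl;
        Sleep(1000);
    }
    return 0;
}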
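/// Finds the first process whose executable name equals cPName.
///
/// @param cPName  NUL-terminated executable name; compared with strcmp(), so
///                the match is exact and case-sensitive.
/// @param idAdd   Receives the process ID on success; left untouched otherwise.
/// @return true if a matching process was found, false if none matched or the
///         snapshot could not be taken (dErr / sErrStatus are then filled).
///
/// Sets sProcessStatus to "--Fine--" or "Process not found!".
bool getProcID(char* cPName, DWORD *idAdd){
    if (cPName == NULL || idAdd == NULL) {
        sProcessStatus = "Process not found!";
        return false;
    }

    HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapShot == INVALID_HANDLE_VALUE) {
        dErr = GetLastError();
        // nSize is the capacity of the output buffer in TCHARs. The previous
        // value 0 gave FormatMessage no room, so sErrStatus was never filled.
        FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                      NULL, dErr, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                      sErrStatus, sizeof(sErrStatus) / sizeof(sErrStatus[0]), NULL);
        return false;
    }

    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(PROCESSENTRY32);  // must be set before Process32First

    bool found = false;
    if (Process32First(hSnapShot, &pe32)) {
        do {
            if (strcmp(cPName, pe32.szExeFile) == 0) {
                *idAdd = pe32.th32ProcessID;
                found = true;
                break;
            }
        } while (Process32Next(hSnapShot, &pe32));
    }

    // Single exit path so the snapshot handle is always released.
    CloseHandle(hSnapShot);
    sProcessStatus = found ? "--Fine--" : "Process not found!";
    return found;
}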
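// Stores GetLastError() in dErr and its system message text in sErrStatus.
// Call it before any cleanup call, since cleanup may overwrite the last error.
static void recordLastError(){
    dErr = GetLastError();
    // nSize is the buffer capacity in TCHARs; 0 would leave sErrStatus empty.
    FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                  NULL, dErr, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                  sErrStatus, sizeof(sErrStatus) / sizeof(sErrStatus[0]), NULL);
}

/// Writes the global DLLName into process pID and starts a remote thread there
/// at LoadLibraryA with that string as its argument.
///
/// @param pID  Target process ID, opened with CREATE_THREAD_ACCESS.
/// @return true once the remote thread has been CREATED. The thread is not
///         waited for and its exit code is not read, so true does not show
///         that the module actually loaded in the target.
///         false if the DLL file cannot be opened locally or any Win32 call
///         fails (dErr / sErrStatus are then filled).
///
/// DLLName is copied exactly as typed. LoadLibAddy is resolved in THIS
/// process and reused in the target, which assumes kernel32.dll is mapped at
/// the same address in both (NOTE(review): this needs matching bitness).
///
/// This OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
/// CreateRemoteThread(LoadLibraryA) sequence is catalogued as MITRE ATT&CK
/// T1055.001. A cross-process handle with VM-write and create-thread rights,
/// followed by a remote thread starting at LoadLibraryA, is the pattern that
/// endpoint monitoring looks for.
bool InjectDLL(DWORD pID){
    // Check that the DLL exists (as seen from this process).
    if (DLLName == NULL) {
        sDLLStatus = "File not found!";
        return false;
    }
    ifstream fDLL(DLLName);
    if (!fDLL) {
        sDLLStatus = "File not found!";
        return false;
    }
    fDLL.close();

    HANDLE Proc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, pID);
    if (!Proc) {
        recordLastError();
        return false;
    }

    HMODULE hKernel = GetModuleHandle("kernel32.dll");
    LPVOID LoadLibAddy = hKernel
        ? reinterpret_cast<LPVOID>(GetProcAddress(hKernel, "LoadLibraryA"))
        : NULL;
    if (LoadLibAddy == NULL) {
        recordLastError();
        CloseHandle(Proc);
        return false;
    }

    const SIZE_T nameBytes = strlen(DLLName) + 1;  // include the NUL
    LPVOID RemoteString = VirtualAllocEx(Proc, NULL, nameBytes,
                                         MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    if (RemoteString == NULL) {
        recordLastError();
        CloseHandle(Proc);
        return false;
    }

    if (WriteProcessMemory(Proc, RemoteString, DLLName, nameBytes, NULL) == 0) {
        recordLastError();
        VirtualFreeEx(Proc, RemoteString, 0, MEM_RELEASE);
        CloseHandle(Proc);
        return false;
    }

    HANDLE hWirt = CreateRemoteThread(Proc, NULL, 0,
                                      reinterpret_cast<LPTHREAD_START_ROUTINE>(LoadLibAddy),
                                      RemoteString, 0, NULL);
    // Was `if(hWirt = NULL)`: an assignment that is always false. It hid every
    // CreateRemoteThread failure and discarded the thread handle.
    if (hWirt == NULL) {
        recordLastError();
        VirtualFreeEx(Proc, RemoteString, 0, MEM_RELEASE);
        CloseHandle(Proc);
        return false;
    }

    // RemoteString is left allocated on purpose: the thread is not waited for,
    // so it may still be reading the name.
    CloseHandle(hWirt);
    sDLLStatus = "--Fine--";
    CloseHandle(Proc);
    return true;
}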
//
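/// Clears the console and redraws the banner, the key hints and the process /
/// DLL status lines, followed by the last error text if one was recorded.
void UI(){
    system("CLS");
    eigen::central("----------DLL INJECTOR---------");
    cout << endl;
    eigen::central("by Tomsen1410");
    cout << endl;
    eigen::central("-------------------------------");
    cout << endl;
    cout << endl;
    cout << endl;
    cout << sCusInjectStatus << endl;
    cout << sEndStatus << endl << endl;
    cout << "Process Status: " << sProcessStatus << endl;
    cout << "DLL Status : " << sDLLStatus << endl;
    // `sErrStatus != ""` compared two addresses (the array and a string
    // literal), which is always true. Test the first character instead, so
    // "Error:" appears only when a message was stored.
    if (sErrStatus[0] != 0) {
        cout << endl;
        cout << "Error: " << sErrStatus;
    }
}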
And here is the DLL source:
#include "main.h"
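/// DLL entry point for the test module: shows a message box once, when the
/// DLL is first mapped into a process.
///
/// @param hinstDLL     Module handle of this DLL (unused).
/// @param fdwReason    Why the loader is calling; only DLL_PROCESS_ATTACH is handled.
/// @param lpvReserved  Loader-defined (unused).
/// @return TRUE for every notification.
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    (void)hinstDLL;
    (void)lpvReserved;

    // The loader also calls DllMain for thread attach, thread detach and
    // process detach. Without this check the box appeared on each of them.
    if (fdwReason == DLL_PROCESS_ATTACH) {
        // NOTE(review): DllMain runs under the loader lock, and Microsoft's
        // DllMain guidance advises against calling User32 functions here.
        // The box is kept because it is this test's only visible signal.
        MessageBoxA(0, "test", "", 0);
    }
    return TRUE;
}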