
Process injection Question

Posted: Sat Sep 30, 2006 3:29 pm
by netfriends
I have used the code below to inject test.dll into taskmgr.exe

enter.exe


; Windows access-right and memory constants used by the injector below.
; VirtualAllocEx_ needs PROCESS_VM_OPERATION on the target handle and
; WriteProcessMemory_ needs PROCESS_VM_WRITE (plus VM_OPERATION); the
; OpenProcess_ call further down requests exactly those plus
; #PROCESS_CREATE_THREAD, which is not defined here — presumably one of
; PureBasic's predefined Windows constants; confirm.
#PROCESS_VM_OPERATION = $8
; Defined but never requested in the OpenProcess_ call below.
#PROCESS_VM_READ = $10
#PROCESS_VM_WRITE = $20


; Protection for the remote buffer: read/write, not executable.
#PAGE_READWRITE = $4

; Allocation type for VirtualAllocEx_ (commit pages immediately).
#MEM_COMMIT = $1000 


; Scans candidate PIDs 1..2000 and returns the first whose process name
; (compared lower-cased) contains the substring `process`.
; GetProcessName() is not defined on this page — presumably a user
; library; confirm what it returns for a PID that does not exist.
; If nothing matches, the value returned is whatever the exhausted loop
; counter holds, so a caller cannot tell "not found" from a hit.
Procedure FindPID(process.s)
  Protected pid, currentName.s
  For pid = 1 To 2000
    currentName = LCase(GetProcessName(pid))
    If FindString(currentName, process, 0) > 0 : Break : EndIf
  Next
  ProcedureReturn pid
EndProcedure


; Top-level injection sequence (the poster's C++ translation). It is the
; classic remote-LoadLibrary pattern, and each step below is a cross-process
; operation of the kind host telemetry and EDR products commonly record:
; a handle to another process with VM_WRITE/CREATE_THREAD rights, a write
; into that process, and a thread started in it.
; Open taskmgr.exe with only the three rights the calls below use. Nothing
; checks that hProcess is non-zero: if OpenProcess_ fails (bad PID from
; FindPID, or insufficient privilege) every call below runs on an invalid handle.
hProcess=OpenProcess_(#PROCESS_CREATE_THREAD | #PROCESS_VM_OPERATION | #PROCESS_VM_WRITE,#False,FindPID("taskmgr.exe"))

dllfilename.s="E:\LibraryDesigner\test.dll"
; Size of the path plus its terminator, counted in characters.
; NOTE(review): this only equals the byte count in a one-byte-per-character
; build; in a Unicode build the remote buffer would be too small — confirm.
dllsize.l=Len(dllfilename)+1


; Reserve a read/write buffer for the path inside the target process.
; The return value is not checked before it is written to.
lpbuf=VirtualAllocEx_(hProcess,#Null,dllsize,#MEM_COMMIT,#PAGE_READWRITE)

; `temp` is never assigned, so presumably a 0 (NULL lpNumberOfBytesWritten)
; is passed; myreturn is never inspected, so a failed write goes unnoticed.
myreturn=WriteProcessMemory_(hProcess,lpbuf,dllfilename,dllsize,temp)

; Address of LoadLibraryA resolved in this process and reused as the remote
; thread's start routine. The module handle from LoadLibrary_ is never
; released with FreeLibrary_.
pFunc=GetProcAddress_(LoadLibrary_("kernel32.dll"),"LoadLibraryA")

; Start a thread in the target that calls LoadLibraryA(lpbuf). `temp32` is
; likewise unassigned (presumably NULL lpThreadId); the result is not checked.
myresult=CreateRemoteThread_(hProcess,#Null,0,pFunc,lpbuf,0,temp32)

; The thread handle is closed immediately; nothing waits for the remote
; LoadLibraryA to finish or reads its result.
CloseHandle_(myresult)
CloseHandle_(hProcess)

test.dll


; DLL attach handler. PureBasic runs AttachProcess when the library is
; loaded into a process (here: by the injected LoadLibraryA thread). It
; opens a window titled with the host's command line and then blocks in a
; message loop until that window is closed — so the thread that called
; LoadLibrary does not return while the window is open, which is the
; symptom described in the post.
ProcedureDLL AttachProcess(Instance)
  Protected windowFlags, windowTitle.s, event

  windowFlags = #PB_Window_SystemMenu | #PB_Window_SizeGadget | #PB_Window_TitleBar
  windowTitle = PeekS(GetCommandLine_())
  OpenWindow(1, 257, 0, 600, 300, windowFlags, windowTitle)

  ; Pump events on the loader's thread until the close event arrives.
  Repeat
    event = WaitWindowEvent()
  Until event = #PB_Event_CloseWindow
EndProcedure

When I use loop keywords to wait for the messages, the target process (taskmgr.exe) stops responding.
How can I write the code with loop keywords?
I translated the code from C++, thanks for any corrections :wink:

Posted: Sun Oct 01, 2006 12:25 pm
by netfriends
Add on (still waiting)

Posted: Sun Oct 01, 2006 12:27 pm
by Inf0Byt3
Try using a thread in the DLL... If you need further help, I can try to write you some code.

Posted: Sun Oct 01, 2006 12:40 pm
by Inf0Byt3
The DLL:

Test.dll


; Thread body for the injected DLL: shows a test window and pumps its
; events on this separate thread until the window is closed, so the
; thread that loaded the DLL is not held up by the message loop.
; `Dummy` is the unused thread parameter.
Procedure Attached(Dummy.l)
  Protected flags, ev

  flags = #PB_Window_SystemMenu | #PB_Window_SizeGadget | #PB_Window_TitleBar
  OpenWindow(1, 257, 0, 600, 300, "Test", flags)

  ; Only the close event ends the loop; every other event is ignored.
  Repeat
    ev = WaitWindowEvent()
  Until ev = #PB_Event_CloseWindow
EndProcedure

; DLL attach handler: instead of pumping messages here (which would block
; the thread that called LoadLibrary), start Attached() on its own thread
; and return at once. The thread handle is not retained, so nothing can
; later wait on or stop that thread.
ProcedureDLL AttachProcess(Instance)
  Protected worker
  worker = CreateThread(@Attached(), 0)
EndProcedure
The program:
Test.exe


; Windows access-right and memory constants. The three PROCESS_VM_* values
; are not referenced by InjectDLL below, which opens the target with
; #PROCESS_ALL_ACCESS instead (a far broader right than the first listing
; in this thread requests).
#PROCESS_VM_OPERATION = $8
#PROCESS_VM_READ = $10
#PROCESS_VM_WRITE = $20


; Protection for the remote buffer: read/write, not executable.
#PAGE_READWRITE = $4

; Allocation type for VirtualAllocEx_ (commit pages immediately).
#MEM_COMMIT = $1000


; Returns the first PID in 1..2000 whose process name (lower-cased)
; contains `process`. GetProcessName() is not defined on this page —
; presumably a user library; confirm. When no name matches, the returned
; value is the exhausted loop counter, so there is no explicit
; "not found" signal. Note that the call at the bottom of this listing
; hard-codes a PID instead of using this procedure.
Procedure FindPID(process.s)
  Protected candidate
  For candidate = 1 To 2000
    If FindString(LCase(GetProcessName(candidate)), process, 0) > 0
      Break
    EndIf
  Next
  ProcedureReturn candidate
EndProcedure

; Loads DllFileName$ into the process ProcessID by writing the path into
; that process and starting a remote thread on LoadLibraryA — the classic
; remote-LoadLibrary pattern. Every step is a cross-process operation of
; the kind host telemetry and EDR products commonly record (handle open
; with write/thread rights, remote write, remote thread creation).
; Returns the remote thread's exit code, i.e. LoadLibraryA's return value
; (nonzero on success), or #False if any step before the wait fails.
Procedure InjectDLL(DllFileName$,ProcessID.l)
  Protected Result.l,Size.l,Process.l,RemoteMem.l,BytesWritten.l,LoadLibrary_Address.l,hThread.l
  Result=#False
  ; Path length plus terminator, in characters.
  ; NOTE(review): equals the byte count only in a one-byte-per-character build — confirm.
  Size=Len(DllFileName$)+1
  ; #PROCESS_ALL_ACCESS is broader than this sequence uses; the first listing
  ; in the thread gets by with CREATE_THREAD | VM_OPERATION | VM_WRITE.
  Process=OpenProcess_(#PROCESS_ALL_ACCESS,0,ProcessID)
  If Process
    ; Read/write buffer in the target for the path string.
    RemoteMem=VirtualAllocEx_(Process,#Null,Size,#MEM_COMMIT,#PAGE_READWRITE)
    If RemoteMem
      WriteProcessMemory_(Process,RemoteMem,DllFileName$,Size,@BytesWritten);BytesWritten can be #Null....
      ; Continue only if the whole path (including terminator) was written.
      If BytesWritten=>Size
        ; Resolve LoadLibraryA through PureBasic's library functions; the
        ; local library slot is released right away and only the address kept.
        If OpenLibrary(0,"Kernel32.dll")
          LoadLibrary_Address=GetFunction(0,"LoadLibraryA")
          CloseLibrary(0)
          If LoadLibrary_Address
            hThread=CreateRemoteThread_(Process,#Null,#Null,LoadLibrary_Address,RemoteMem,#Null,#Null)
            If hThread
              ; Block until the remote LoadLibraryA returns. If the DLL's
              ; attach handler itself blocks (as the first test.dll in this
              ; thread does), this wait would never return.
              WaitForSingleObject_(hThread, #INFINITE)
              ; Exit code of the remote thread = LoadLibraryA's return value.
              GetExitCodeThread_(hThread,@Result)
              ; NOTE(review): hThread is never passed to CloseHandle_ — handle leak.
            EndIf
          EndIf
        EndIf
      EndIf
      ; #MEM_DECOMMIT is not defined in this listing — presumably a
      ; PureBasic predefined constant; confirm.
      VirtualFreeEx_(Process,RemoteMem,Size,#MEM_DECOMMIT)
    EndIf
    CloseHandle_(Process)
  EndIf
  ProcedureReturn Result
EndProcedure

; Uses a hard-coded PID (3312) rather than the FindPID() defined above, and
; builds the path from the injector's own current directory — this assumes
; GetCurrentDirectory() ends with a path separator; confirm. The return
; value (LoadLibraryA's result, or #False on failure) is discarded.
InjectDLL(GetCurrentDirectory()+"test.dll",3312) ;PUT THE PID HERE!!!
Is this what you need??

Posted: Sun Oct 01, 2006 1:08 pm
by netfriends
Yeah Inf0Byt3 ! Thanks for your help.:D

Posted: Sun Oct 01, 2006 1:44 pm
by Inf0Byt3
No problem :D.