Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked Inject Dll [By M3]

Expermicid

By INACTIVE Expermicid
in AutoIT

 Share

Recommended Posts

Expermicid Aspiring Hacker

INACTIVE Expermicid

Posted
Posted (edited)

Testeado en XP e W732 , no ay probado en otros SO

dejo el Code e una Dll para probar el funcionamiento

 

MsgBox DLL ==>>

This is the hidden content, please

 

[lenguaje=autoit]Const $sProcess = "Anotador.exe"

Const $sDLLtoInject = @ScriptDir & "\MsgBox.dll"

Const $sKernel32 = DllOpen("Kernel32")

 

 

#cs========================================================#

 

Autor : M3

Proposito : Injetar una Dll en un processo

Flecha: 18/08/2012

Uso :sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)

 

#ce========================================================#

 

 

sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)

 

Func sInjectMyDll($sProcess, $sDLLtoInject)

 

 

 

Local $sHandle, $sRemote, $sGetModuleHandle, $sLoadLibrary, $sThread

 

 

$sHandle = OpenProcess(2035711, 0, $sProcess)

 

 

$sRemote = VirtualAllocEx($sHandle, 0, 4096, 4096, 4)

 

 

 

 

For $i = 0 To StringLen($sDLLtoInject)

 

 

$sReturn = DllCall($sKernel32, "none", "WriteProcessMemory", "int", $sHandle, "int", $sRemote + $i, "int*", _

Asc(StringMid($sDLLtoInject, $i + 1, 1)), "int", 1, "int", 0)

 

 

Next

 

 

 

$sGetModuleHandle = DllCall($sKernel32, "long", "GetModuleHandleA", "str", "Kernel32")

 

 

 

$sGetModuleHandle = $sGetModuleHandle[0]

 

 

 

$sLoadLibrary = DllCall($sKernel32, "long", "GetProcAddress", "long", $sGetModuleHandle, "str", "LoadLibraryA")

 

 

 

$sLoadLibrary = $sLoadLibrary[0]

 

 

 

$sThread = CreateRemoteThread ($sHandle, 0, 0, $sLoadLibrary, $sRemote, 0, 0)

 

 

 

If $sThread > 0 Then

 

$sThread = True

 

Else

 

MsgBox ("","Erro en la Injeccion","Processo a injetar no existe")

 

SetError(-1)

 

Return 1

 

EndIf

 

 

 

CloseHandle ($sThread)

CloseHandle ($sHandle)

 

 

Return 1

 

 

EndFunc

 

 

Func OpenProcess($iAccess, $bInherit, $iProcessID)

 

Local $bResult = DllCall("Kernel32", "int", "OpenProcess", "int", $iAccess, "int", $bInherit, "int", $iProcessID)

If @error Or Not IsArray($bResult) Then Return SetError(-1)

Return $bResult[0]

 

EndFunc

 

 

 

 

Func VirtualAllocEx($hProcess, $pAddress, $iSize, $iAllocation, $iProtect)

 

Local $bResult = DllCall("Kernel32", "ptr", "VirtualAllocEx", "int", $hProcess, "ptr", $pAddress, "int", $iSize, "int", $iAllocation, "int", $iProtect)

If @error Or Not IsArray($bResult) Then Return SetError(-1)

Return $bResult[0]

 

EndFunc

 

 

 

 

Func CloseHandle($hObject)

 

Local $bResult = DllCall("Kernel32", "int", "CloseHandle", "int", $hObject)

If @error Or Not IsArray($bResult) Then Return SetError(-1)

Return $bResult[0]

 

EndFunc

 

 

 

 

Func CreateRemoteThread($hProcess, $lpThreadAttributes, $dwStackSize, $lpStartAddress, $lpParameter, $dwCreationFlags, $lpThreadId)

 

Local $Return

$Return = DllCall("Kernel32", "int", "CreateRemoteThread", "int", $hProcess, "ptr", $lpThreadAttributes, "int", $dwStackSize, "int", $lpStartAddress, "ptr", $lpParameter, "int", $dwCreationFlags, "int", $lpThreadId)

Return $Return[0]

 

EndFunc[/lenguaje]

 

Autor: M3

Edited by Expermicid
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.