Post by smc44 on Jan 2, 2009 15:38:58 GMT -5
This is a tutorial that explains some things about DLL injection and gives you code for a DLL injector; it also gives some tips and advice.
First, create two files, one called SettingsDLLName.ini and the other called SettingsWindowName.ini. In the first file put the name and directory of the DLL you would like to inject, and in the second file put the name of the window you would like to inject the DLL into (example: Combat_Arms). Copy this code and build it, creating the .exe, and put the .exe in the same directory as the two files you created earlier. Now run the program that you named in SettingsWindowName.ini, then run the DLL Injector; it will prompt you, telling you whether the DLL was injected into the .exe. You can make a DLL and make it do what you want, but for now just try to use someone else's.
Things You Can Do:
>> Add To This Code, Find The .exe by its process name instead of window name
>> Edit it so that it can bypass or hack combat arms
>> Add any function of your choice
First, create two files, one called SettingsDLLName.ini and the other called SettingsWindowName.ini. In the first file put the name and directory of the DLL you would like to inject, and in the second file put the name of the window you would like to inject the DLL into (example: Combat_Arms). Copy this code and build it, creating the .exe, and put the .exe in the same directory as the two files you created earlier. Now run the program that you named in SettingsWindowName.ini, then run the DLL Injector; it will prompt you, telling you whether the DLL was injected into the .exe. You can make a DLL and make it do what you want, but for now just try to use someone else's.
/// DLL Injector
/// Created By: <Your Name Here!>
////////////////////////////////
#include <iostream.h>
#include <windows.h>
#include <stdio.h>
#include <fstream.h>
using namespace std;
// Forward declaration; the definition follows main(). Returns 1 or 0 (see the definition).
int DLLInject(HWND hWnd, char *InjectName);
// Entry point: reads a DLL path and a window identifier from two .ini files in the
// current directory, looks the window up with FindWindow, and hands the window
// handle and the path to DLLInject. Always returns 0, whatever the outcome.
//
// Review notes:
//  - Both values are taken verbatim from files next to the executable; nothing
//    here checks what the path points at or who can write those files.
//  - A failed open is only reported; execution continues into the read loops.
int main()
{
// Runs "color" through the command interpreter to recolour the console.
system("color 4f");
cout << "DLL Injector" << endl;
cout << "**** Created By: <Your Name Here!> ****" << endl;
cout << "" << endl;
ifstream SettingsDLLName("SettingsDLLName.ini", ios::in);
if(SettingsDLLName.is_open())
cout << "Opened SettingsDLLName.ini!" << endl;
else
cout << "Failed To Open DLLName!" << endl;
ifstream SettingsWindowName("SettingsWindowName.ini", ios::in);
if(SettingsWindowName.is_open())
cout << "Opened SettingsWindowName.ini!" << endl;
else
cout << "Failed To Open WindowName!" << endl;
cout << "" << endl;
// Both buffers are uninitialised until a getline succeeds.
char LineDLL[256];
char LineWindow[256];
cout << "DLL Name Detected: ";
// Each pass overwrites LineDLL, so the value used later is whatever the final
// getline produced. The read limit is 100 although the buffer holds 256.
// NOTE(review): with standard iostream semantics, a stream that failed to open,
// or a line longer than the limit, leaves the stream in a failed state in which
// eof() stays false, so this loop may never terminate -- confirm on the
// toolchain that still ships <iostream.h>/<fstream.h>.
while(!SettingsDLLName.eof())
{
SettingsDLLName.getline(LineDLL, 100);
cout << LineDLL << endl;
cout << "********" << endl;
}
// Same read pattern and the same caveats as the loop above.
while(!SettingsWindowName.eof())
{
SettingsWindowName.getline(LineWindow, 100);
cout << "Process Name Detected: " << LineWindow << endl;
}
cout << "" << endl;
char *DLLName = LineDLL;
HWND hW = 0;
// LineWindow is passed as FindWindow's first argument, which the API treats as
// the window class name; the second argument (the window title) is NULL.
hW = FindWindow(LineWindow, NULL);
if(!hW)
{
cout << "Window Does Not Exist!" << endl;
system("PAUSE");
return(0);
}
// A non-zero result only means DLLInject created the remote thread; nothing
// here confirms that the module was actually loaded by the other process.
if(DLLInject(hW, DLLName))
{
cout << "DLL Injected!" << endl;
system("PAUSE");
}
else
{
cout << "Failed To Inject DLL!" << endl;
system("PAUSE");
}
return(0);
}
// Asks the process that owns hWnd to load the library named by InjectName, by
// writing the path into that process and starting a thread there at LoadLibraryA.
//
// Parameters:
//   hWnd       - window whose owning process is the target.
//   InjectName - NUL-terminated ANSI path of the library.
// Returns 1 if the remote thread was created, 0 on any earlier failure. The
// result says nothing about whether LoadLibraryA succeeded in the target.
//
// Defender's view: OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
// CreateRemoteThread(LoadLibraryA) is the widely documented remote-thread DLL
// loading pattern (MITRE ATT&CK T1055.001). Each step is observable: the
// cross-process handle request (Sysmon event ID 10, ProcessAccess), the remote
// thread creation (event ID 8, CreateRemoteThread) and the resulting module
// load (event ID 7, ImageLoad) in the target.
int DLLInject(HWND hWnd, char *InjectName)
{
DWORD PID;
HANDLE hProcess, hThread;
DWORD BytesWrote;
LPVOID MemX;
// Return value is not checked; PID is uninitialised if the lookup fails.
GetWindowThreadProcessId(hWnd, &PID);
// PROCESS_ALL_ACCESS requests every access right on the target. A request this
// broad is conspicuous in process-access telemetry, and it is the kind of
// handle that protected processes and handle-filtering drivers typically deny
// or strip.
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
if(!hProcess)
return(0);
// The size is strlen(InjectName), so it excludes the terminating NUL. The string
// is terminated in the target only because VirtualAllocEx returns zero-filled,
// page-granular memory.
MemX = VirtualAllocEx(hProcess, NULL, strlen(InjectName), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
if(MemX == NULL)
{
CloseHandle(hProcess);
return 0;
}
if(WriteProcessMemory(hProcess, MemX, (LPVOID)InjectName, strlen(InjectName), &BytesWrote))
{
// The LoadLibraryA address is resolved in this process and used as the start
// address in the other one, which assumes kernel32 is mapped at the same base
// in both. Neither GetModuleHandle nor GetProcAddress is checked for NULL.
hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("KERNEL32.DLL"), "LoadLibraryA"), MemX, 0, NULL);
if(!hThread)
{
// NOTE(review): this call, and the two identical ones below, passes a NULL
// address and allocation-type flags, and its result is ignored. As written it
// does not appear to release MemX, so the path string stays resident in the
// target's address space -- an artifact memory forensics can recover.
VirtualFreeEx(hProcess,NULL,strlen(InjectName),MEM_RESERVE|MEM_COMMIT);
CloseHandle(hProcess);
return 0;
}
VirtualFreeEx(hProcess,NULL,strlen(InjectName),MEM_RESERVE|MEM_COMMIT);
CloseHandle(hThread);
CloseHandle(hProcess);
// Success is reported as soon as the thread exists; its exit code is never read.
return(1);
}
// WriteProcessMemory failed: same clean-up attempt, then report failure.
VirtualFreeEx(hProcess,NULL,strlen(InjectName),MEM_RESERVE|MEM_COMMIT);
CloseHandle(hProcess);
return(0);
// Unreachable: every path above has already returned.
system("PAUSE");
}
/// End Of DLL Injector
Things You Can Do:
>> Add To This Code, Find The .exe by its process name instead of window name
>> Edit it so that it can bypass or hack combat arms
>> Add any function of your choice