Help *DLL INJECTOR*

I get some errors with this code, even though it was working a moment ago!
Also, some variables get corrupted for no apparent reason.
(I'm a beginner with C++)

#include <iostream>
#include <string>
#include <Windows.h>
#include <TlHelp32.h>
#include <fstream>
#include <stdio.h>
#include <sstream>
#include <direct.h>

using namespace std; // NOTE(review): file-scope using-directive; every std name becomes visible unqualified in this file.
// Forward declaration; the definition follows main().
bool InjectDLL(DWORD ProcessId);
// Function-pointer type that InjectDLL() casts the GetProcAddress() result to.
// NOTE(review): declared without WINAPI and with a non-const char* parameter — confirm against the documented LoadLibraryA prototype.
typedef HINSTANCE (*fpLoadLibrary)(char*);


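/// Entry point: reads two whitespace-separated tokens from config.txt (DLL name,
/// then process name), polls the process list once per second until an entry
/// with that executable name appears, then calls InjectDLL() with its PID.
///
/// Changes from the original:
///  - the config tokens stay in std::string; the original strcpy()'d them into
///    fixed 1024-byte stack arrays, so an over-long token in config.txt
///    overflowed the stack;
///  - a failed read of config.txt is reported instead of continuing with empty names;
///  - every snapshot handle is closed in the iteration that created it (the
///    original leaked one handle per poll and closed only the last one);
///  - the snapshot handle is checked against INVALID_HANDLE_VALUE before use;
///  - the success path returns 0 instead of calling exit(1).
///
/// @return 0 after InjectDLL() reports success, 1 if config.txt cannot be opened or read.
int main(){
	//Reading Config File
	ifstream inFile("config.txt");
	if(inFile.fail()){
		cerr<<"Error Opening Config.txt"<<endl;
		return 1;
	}

	string File,Process;
	if(!(inFile>>File>>Process)){
		cerr<<"Error Reading Config.txt"<<endl;
		return 1;
	}

	cout<<"DLL to inject: "<<File<<endl;
	cout<<"Process to inject into: "<<Process<<endl;

	DWORD processId = 0;

	Sleep(3000);

	//Poll the process list until an executable name matches the configured one
	while(!processId){
		system("CLS");
		cout<<"Searching for: "<<Process<<endl;
		cout<<"Make sure "<<Process<<" is running!"<<endl;

		HANDLE hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
		if(hProcSnap != INVALID_HANDLE_VALUE){
			// dwSize must be set before Process32First(); a fresh entry per snapshot guarantees that.
			PROCESSENTRY32 pe32 = {sizeof(PROCESSENTRY32)};
			if(Process32First(hProcSnap, &pe32)){
				do{
					// NOTE(review): strcmp() on szExeFile only compiles in a non-UNICODE build, as in the original.
					if(!strcmp(pe32.szExeFile, Process.c_str())){
						processId = pe32.th32ProcessID;
						break;
					}
				}while(Process32Next(hProcSnap, &pe32));
			}
			CloseHandle(hProcSnap);
		}
		Sleep(1000);
	}

	// NOTE(review): this retries forever while InjectDLL() returns false, exactly as the original did.
	while(!InjectDLL(processId)){
		system("CLS");
		cout<<"DLL failed to inject!"<<endl;
		Sleep(1000);
	}
	cout<<"DLL Injection Successful!"<<endl<<endl;
	cout<<"Closing injector in 3 seconds!"<<endl;
	Sleep(3000);
	return 0;
}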
 bool InjectDLL(DWORD ProcessId){
	// Purpose: re-reads config.txt, builds "<current directory>\<DLL name>", copies that
	// string into the process identified by ProcessId and starts a thread in that process
	// at the address of LoadLibraryA with the copied string as its argument.
	//
	// Returns memoryWritten, i.e. only the WriteProcessMemory() result. The results of
	// OpenProcess, VirtualAllocEx, GetProcAddress and CreateRemoteThread are never
	// checked, so `true` does not establish that the library was loaded.
	//
	// Defender note: OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx -> WriteProcessMemory
	// -> CreateRemoteThread at LoadLibraryA is the DLL-injection pattern catalogued as
	// MITRE ATT&CK T1055.001. Sysmon records the cross-process handle open as Event ID 10
	// (ProcessAccess) and the remote thread as Event ID 8 (CreateRemoteThread).

	//Reading Config File (second read of the same file; main() has already parsed it)
	ifstream inFile;
	inFile.open("config.txt");
	if(inFile.fail()){
		cerr<<"Error Opening Config.txt"<<endl;
		exit(1);
	}
	string File,Process;

	// NOTE(review): the stream state is not checked after extraction; both strings may be empty.
	inFile>>File>>Process;

	// NOTE(review): unbounded strcpy() into a 1024-byte stack array — a token of 1024 or
	// more characters in config.txt writes past the end of the buffer.
	char FileToInject[1024]; //Converting File to FileToInject
	strcpy(FileToInject, File.c_str());

	// NOTE(review): same unbounded copy; ProcessName is not read again in this function.
	char ProcessName[1024]; //Converting Process to ProcessName
	strcpy(ProcessName, Process.c_str());

	//Getting this program's dir
	DWORD nBufferLength = MAX_PATH; // unused below; the call passes MAX_PATH directly
	char szCurrentDirectory[MAX_PATH + 10000];
	// NOTE(review): return value ignored; if the call fails the buffer stays uninitialised
	// and the strcat() calls below operate on indeterminate stack contents.
	GetCurrentDirectory(MAX_PATH, szCurrentDirectory); 
	// Writes a terminator at the fixed index MAX_PATH+1000, not at the end of the returned path.
	szCurrentDirectory[MAX_PATH +1000 ] = '\0';

	HANDLE hProc;
	LPVOID paramAddr;
	
	// NOTE(review): LoadLibrary is the TCHAR form; a narrow literal compiles only in a
	// non-UNICODE build. hDll is not checked before GetProcAddress() uses it.
	HINSTANCE hDll = LoadLibrary("KERNEL32");

	// Append "\" and the configured DLL name to the current-directory string.
	strcat(szCurrentDirectory, "\\");
	strcat(szCurrentDirectory, FileToInject);
	cout<<szCurrentDirectory<<endl;
	
	fpLoadLibrary LoadLibraryAddr = (fpLoadLibrary)GetProcAddress(hDll, "LoadLibraryA");

	// NOTE(review): hProc is used below without a failure check.
	hProc = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessId);

	// Allocation size is the string length plus the magic constant 10000.
	paramAddr = VirtualAllocEx(hProc, 0, strlen(szCurrentDirectory)+10000, MEM_COMMIT, PAGE_READWRITE);
	
	// NOTE(review): copies strlen+10000 bytes out of the local array, i.e. the path plus
	// whatever stack bytes follow it; once the path is longer than MAX_PATH the read
	// runs past the end of the MAX_PATH+10000-byte array.
	bool memoryWritten = WriteProcessMemory(hProc, paramAddr, szCurrentDirectory, strlen(szCurrentDirectory)+10000, NULL);

	// NOTE(review): the returned thread handle is discarded (never checked or closed),
	// and the allocation at paramAddr is never released.
	CreateRemoteThread(hProc, 0, 0,(LPTHREAD_START_ROUTINE)LoadLibraryAddr, paramAddr, 0, 0);

	CloseHandle(hProc);
	return memoryWritten;
}
Why do you unnecessarily open "config.txt" in main() and in InjectDll() ?
- You could either read it in main() and pass the information read to InjectDll() as parameters
OR
- Just read it in InjectDll().

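Lines 101 to 105 (the strcpy() copies into FileToInject and ProcessName in InjectDLL())
There is no need to allocate two extra buffers here. An unbounded strcpy() into a fixed 1024-byte array also overflows the stack if a token in config.txt is longer than the buffer. Keep the values in std::string and, if you need to concatenate, use std::string::append().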

Lines 109, 111 and 126
What is with these magic constants, namely 10000 and 1000?

The maximum length for a path is MAX_PATH, which is defined as 260 characters.

https://msdn.microsoft.com/en-au/library/windows/desktop/aa365247%28v=vs.85%29.aspx#maxpath

I would recommend adding some if-else statements that check the validity of your variables, in particular the values returned by API calls.
For example, on line 124, what happens if OpenProcess() fails? Something simple like this would suffice:
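hProc = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessId);
// OpenProcess() reports failure by returning NULL; the INVALID_HANDLE_VALUE comparison is an extra guard.
if(!hProc || hProc == INVALID_HANDLE_VALUE) {
	// GetLastError() is read right after the failed call so no other API call can overwrite it.
	std::cout << "Failed to OpenProcess!" << "\t" "Error: " << GetLastError() << "\n";
	return false; // the original snippet was missing this semicolon
}
// otherwise hProc is a valid handle, move on . . . 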


Oh and by the way, you forgot to deallocate the memory you allocated.


(I'm a beginner with c++)

- I would recommend you learn the basics first.

while(!InjectDLL(processId)){
		system("CLS");
		cout<<"DLL failed to inject!"<<endl;
		Sleep(1000);
	}

This code keeps calling InjectDLL() until it returns true. So if the injection fails, you have yourself an infinite loop.


HMODULE WINAPI LoadLibrary(
_In_ LPCTSTR lpFileName
);

As you can see LoadLibrary() takes an LPCTSTR.

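LPCTSTR is a const TCHAR string (TCHAR being either a wide char or a char, depending on whether UNICODE is defined in your project). A narrow literal such as "KERNEL32" therefore only compiles in a non-UNICODE build; call LoadLibraryA() explicitly or wrap the literal in TEXT(). The same applies to strcmp() on pe32.szExeFile.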

http://stackoverflow.com/questions/321413/lpcstr-lpctstr-and-lptstr