[How To] Creating an Injector

05/05/2011 16:41 .CoKe_WaVe#1
Hello,
today I'll show you how you can easily create an injector.

For this you only need Visual Basic 2008/2010.

If you don't have Visual Basic, here is the download:
Visual Basic 2008 Download: (link not included)

Now open Visual Basic 2008 and create a new project (Windows Forms Application).

You need:

2x TextBoxes
1x Timer

Now double-click the form, delete everything that is there, and copy in what is shown here:

Code:
 
    Public Class Form1
    Private TargetProcessHandle As Integer
    Private pfnStartAddr As Integer
    Private pszLibFileRemote As String
    Private TargetBufferSize As Integer

    Public Const PROCESS_VM_READ = &H10
    Public Const TH32CS_SNAPPROCESS = &H2
    Public Const MEM_COMMIT = 4096
    Public Const PAGE_READWRITE = 4
    Public Const PROCESS_CREATE_THREAD = (&H2)
    Public Const PROCESS_VM_OPERATION = (&H8)
    Public Const PROCESS_VM_WRITE = (&H20)

    Public Declare Function ReadProcessMemory Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpBaseAddress As Integer, _
    ByVal lpBuffer As String, _
    ByVal nSize As Integer, _
    ByRef lpNumberOfBytesWritten As Integer) As Integer

    Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" ( _
    ByVal lpLibFileName As String) As Integer

    Public Declare Function VirtualAllocEx Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpAddress As Integer, _
    ByVal dwSize As Integer, _
    ByVal flAllocationType As Integer, _
    ByVal flProtect As Integer) As Integer

    Public Declare Function WriteProcessMemory Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpBaseAddress As Integer, _
    ByVal lpBuffer As String, _
    ByVal nSize As Integer, _
    ByRef lpNumberOfBytesWritten As Integer) As Integer

    Public Declare Function GetProcAddress Lib "kernel32" ( _
    ByVal hModule As Integer, ByVal lpProcName As String) As Integer

    Private Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
    ByVal lpModuleName As String) As Integer

    Public Declare Function CreateRemoteThread Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpThreadAttributes As Integer, _
    ByVal dwStackSize As Integer, _
    ByVal lpStartAddress As Integer, _
    ByVal lpParameter As Integer, _
    ByVal dwCreationFlags As Integer, _
    ByRef lpThreadId As Integer) As Integer

    Public Declare Function OpenProcess Lib "kernel32" ( _
    ByVal dwDesiredAccess As Integer, _
    ByVal bInheritHandle As Integer, _
    ByVal dwProcessId As Integer) As Integer

    Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" ( _
    ByVal lpClassName As String, _
    ByVal lpWindowName As String) As Integer

    Private Declare Function CloseHandle Lib "kernel32" ( _
    ByVal hObject As Integer) As Integer


    Dim ExeName As String = IO.Path.GetFileNameWithoutExtension(Application.ExecutablePath)

    Private Sub Inject()
        On Error GoTo 1 ' If error occurs, app will close without any error messages
        Timer1.Stop()
        Dim TargetProcess As Process() = Process.GetProcessesByName("WarRock")
        TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
        pszLibFileRemote = Application.StartupPath & "" + ExeName + ".dll"
        pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
        TargetBufferSize = 1 + Len(pszLibFileRemote)
        Dim Rtn As Integer
        Dim LoadLibParamAdr As Integer
        LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
        Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
        CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
        CloseHandle(TargetProcessHandle)
1:      Me.Close()
    End Sub
    End Class

Now we go back and click on the Timer.
There we insert this code:

Code:
    If IO.File.Exists(Application.StartupPath & "" + ExeName + ".dll") Then
        Dim TargetProcess As Process() = Process.GetProcessesByName("HSUpdate")
        If TargetProcess.Length = 0 Then
            Me.TextBox1.Text = ("Waiting for Warrock.exe")
            Me.TextBox2.Text = ("Let´s Hack")
        Else
            Timer1.Stop()
            Me.TextBox1.Text = "Done..."
            Call Inject()
        End If
    Else
        Me.TextBox1.Text = ("" + ExeName + ".dll not found")
        Me.TextBox2.Text = ("Rename the .dll To " + "" + ExeName)
    End If

Now we're almost done; just double-click the form (once more)
and write there:

Code:
    Timer1.Interval = 50
    Timer1.Start()

Click Build (at the top), then Build Injector, and Save All.

That's it already, have fun.
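
Added example, not part of the original post: the posted code opens its target with PROCESS_CREATE_THREAD, PROCESS_VM_OPERATION and PROCESS_VM_WRITE and then starts a remote thread at LoadLibraryA, a sequence that process telemetry can expose. The Python below correlates constructed events that use the field names of Sysmon Event ID 10 (ProcessAccess) and Event ID 8 (CreateRemoteThread); it assumes both event types are being logged, and all paths, process names and PIDs are made up.

```python
# Added example: correlate Sysmon-style events to spot the LoadLibrary
# remote-thread pattern. All events below are constructed samples.

# The three access rights the posted code ORs together for OpenProcess.
PROCESS_CREATE_THREAD = 0x02
PROCESS_VM_OPERATION = 0x08
PROCESS_VM_WRITE = 0x20
INJECT_MASK = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE

LOADER_FUNCS = {"loadlibrarya", "loadlibraryw"}

SAMPLE_EVENTS = [  # constructed; field names follow Sysmon Event ID 10 and 8
    {"EventID": 10, "SourceProcessId": 4120, "SourceImage": r"C:\Temp\tool.exe",
     "TargetProcessId": 5508, "TargetImage": r"C:\Games\game.exe",
     "GrantedAccess": "0x2a"},
    {"EventID": 8, "SourceProcessId": 4120, "SourceImage": r"C:\Temp\tool.exe",
     "TargetProcessId": 5508, "TargetImage": r"C:\Games\game.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "LoadLibraryA"},
    # Read-only open (0x1410 lacks the write/thread bits): must not alert.
    {"EventID": 10, "SourceProcessId": 900, "SourceImage": r"C:\Tools\monitor.exe",
     "TargetProcessId": 5508, "TargetImage": r"C:\Games\game.exe",
     "GrantedAccess": "0x1410"},
    # Remote thread with no qualifying handle open and no loader start: ignored.
    {"EventID": 8, "SourceProcessId": 900, "SourceImage": r"C:\Tools\monitor.exe",
     "TargetProcessId": 5508, "TargetImage": r"C:\Games\game.exe",
     "StartModule": "", "StartFunction": ""},
]

def find_loadlibrary_injection(events):
    """Alert when a process opens a target with all INJECT_MASK rights and
    then starts a thread in that target at LoadLibraryA/W."""
    armed = {}   # (source pid, target pid) -> access mask of the qualifying open
    alerts = []
    for ev in events:
        key = (ev["SourceProcessId"], ev["TargetProcessId"])
        if ev["EventID"] == 10:
            access = int(ev["GrantedAccess"], 16)
            if (access & INJECT_MASK) == INJECT_MASK:
                armed[key] = access
        elif ev["EventID"] == 8 and key in armed:
            if ev.get("StartFunction", "").lower() in LOADER_FUNCS:
                alerts.append({"source": ev["SourceImage"],
                               "target": ev["TargetImage"],
                               "access": hex(armed[key]),
                               "start": ev["StartFunction"]})
    return alerts

if __name__ == "__main__":
    for alert in find_loadlibrary_injection(SAMPLE_EVENTS):
        print(alert)
```

A handle opened with full access (0x1fffff) also contains the three bits and arms the same correlation.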
05/05/2011 18:06 beatd0wn[]#2
Well, actually this isn't a how-to, just snippets slapped together. No offence!
It would be helpful if you also wrote what the individual elements do.
Also:
Code:
    Dim TargetProcess As Process() = Process.GetProcessesByName("WarRock")
The injector only works with Warrock...
That could be solved more elegantly :)
05/05/2011 18:58 krasniqi14#3
nice..
05/05/2011 19:29 Kraizy#4
Do you even understand what you slapped down there yourself, or did you just copy it from somewhere? The "GoTo" alone..
05/10/2011 13:26 neji#5
If it's supposed to count as a tutorial, then at least explain the code a bit more.