|
You last visited: Today at 19:48
Advertisement
[REQUEST]Dll-Injector
Discussion on [REQUEST]Dll-Injector within the General Coding forum part of the Coders Den category.
03/13/2010, 17:31
|
#1
|
elite*gold: 60 
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
[REQUEST]Dll-Injector
Hey wollte mal fragen, ob jmd nen noch nicht detecteten dll-injector kennt ?
->Bitte um schnelle Antwort !!
Vielen Dank Coladose 
|
|
|
|
03/13/2010, 17:47
|
#2
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
Dll Injectoren können detected werden?
Sehr interessant
Du meinst wahrscheinlich einen Hook oder eine Bypass DLL die über den injector ins Spiel injected werden kann oder
|
|
|
|
|
03/13/2010, 18:51
|
#3
|
elite*gold: 0
Join Date: Nov 2008
Posts: 161
Received Thanks: 38
|
Hf.
Code:
/**********************************************************************
This file is part of the Navigator library.
Navigator is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
any later version.
Navigator is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Navigator. If not, see <http://www.gnu.org/licenses/>.
Navigator is a little library for writing custom gamecheats etc
Copyright (C) <2009> <flo8464 ( )>
**********************************************************************/
#ifndef __INJECTION_HPP__
#define __INJECTION_HPP__
//Definition Include
#include "ProcessDef.hpp"
namespace Navigator
{
void Process::injectModuleAndCallExport(const std::wstring& dllPath, const std::wstring& exportName, LPVOID functionParam) const
{
//Write path into targets memory
SafeRemoteMemory remotePathBuffer(allocateMemory((dllPath.length() + 1) * sizeof(wchar_t)), processHandle_);
writeWideString(remotePathBuffer, dllPath);
//Load kernel32.dll to get LoadLibraryW address
SafeModule kernel32(LoadLibraryW(L"kernel32.dll"));
if(!kernel32)
throw WinException("Process::injectModuleAndCallExport()", "LoadLibraryW()", GetLastError());
//Get LoadLibraryW address
DWORD_PTR addressLoadLibaryW = reinterpret_cast<DWORD_PTR>(customGetProcAddress(kernel32, "LoadLibraryW"));
if (!addressLoadLibaryW)
throw std::runtime_error("Process::injectModuleAndCallExport Error : customGetProcAddress() failed");
//Create remote Thread and wait until its finished
SafeHandle remoteThread(createThread(addressLoadLibaryW, remotePathBuffer, false, INFINITE));
//Get remote threads exit code
DWORD threadExitCode = 0;
if (!GetExitCodeThread(remoteThread, &threadExitCode))
throw WinException("Process::injectModuleAndCallExport()", "GetExitCodeThread()", GetLastError());
//Its zero, LoadLibraryW failed
if(!threadExitCode)
throw std::runtime_error("Process::injectLibraryAndCallExport Error : LoadLibraryW() in remote process failed");
//Call the export, if wanted
if(!exportName.empty() && exportName != L" ")
callExport(dllPath, exportName, functionParam);
}
void Process::ejectModule(const std::wstring& module, bool isPath) const
{
//Load kernel32.dll to get FreeLibrary's address
SafeModule kernel32(LoadLibraryW(L"kernel32.dll"));
if(!kernel32)
throw WinException("Process::ejectModule()", "LoadLibraryW()", GetLastError());
//Get FreeLibrary address
DWORD_PTR addressEjectLibrary = reinterpret_cast<DWORD_PTR>(customGetProcAddress(kernel32, "FreeLibrary"));
if (!addressEjectLibrary)
throw std::runtime_error("Process::ejectModule() Error : customGetProcAddress() failed");
DWORD_PTR moduleBase = getModuleBaseByName(module, isPath);
//Create remote Thread and wait until its finished
SafeHandle remoteThread(createThread(addressEjectLibrary, reinterpret_cast<LPVOID>(moduleBase), false, INFINITE));
//Get remote threads exit code
DWORD threadExitCode = 0;
if (!GetExitCodeThread(remoteThread, &threadExitCode))
throw WinException("Process::ejectModule()", "GetExitCodeThread()", GetLastError());
//Its zero, FreeLibrary failed
if(!threadExitCode)
throw std::runtime_error("Process::ejectModule() Error : FreeLibrary() in remote process failed");
}
/Written by Cypher, credit him
FARPROC Process::customGetProcAddress(HMODULE module, const std::string& functionName) const
{
PIMAGE_DOS_HEADER pDosHeader = reinterpret_cast<PIMAGE_DOS_HEADER>(module);
if(!pDosHeader || pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
throw std::runtime_error("Process::customGetProcAddress Error : DOS PE header is invalid.");
PIMAGE_NT_HEADERS pNtHeader = reinterpret_cast<PIMAGE_NT_HEADERS>(reinterpret_cast<PCHAR>(module) + pDosHeader->e_lfanew);
if(pNtHeader->Signature != IMAGE_NT_SIGNATURE)
throw std::runtime_error("Process::customGetProcAddress Error : NT PE header is invalid.");
PVOID pExportDirTemp = reinterpret_cast<PBYTE>(module) + pNtHeader->OptionalHeader.DataDirectory
[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
PIMAGE_EXPORT_DIRECTORY pExportDir = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(pExportDirTemp);
if(pExportDir->AddressOfNames == NULL)
throw std::runtime_error("Process::customGetProcAddress Error : Symbol names missing entirely.");
PDWORD pNamesRvas = reinterpret_cast<PDWORD>(reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfNames);
PWORD pNameOrdinals = reinterpret_cast<PWORD>(reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfNameOrdinals);
PDWORD pFunctionAddresses = reinterpret_cast<PDWORD>( reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfFunctions);
for (DWORD n = 0; n < pExportDir->NumberOfNames; n++)
{
PSTR CurrentName = reinterpret_cast<PSTR>(reinterpret_cast<PBYTE>(module) + pNamesRvas[n]);
if(functionName == CurrentName)
{
WORD Ordinal = pNameOrdinals[n];
return reinterpret_cast<FARPROC>(reinterpret_cast<PBYTE>(module) + pFunctionAddresses[Ordinal]);
}
}
return 0;
}
DWORD Process::callExport(const std::wstring& moduleName, const std::wstring& exportName, LPVOID functionParam) const
{
//Get the modules baseaddress
DWORD_PTR moduleBase = getModuleBaseByName(moduleName, true);
if(!moduleBase)
throw std::runtime_error("Process::callExport Error : Module not found");
//Load module as data so we can read the EAT locally
SafeModule module(LoadLibraryExW(moduleName.c_str(), NULL, DONT_RESOLVE_DLL_REFERENCES));
if(!module)
throw WinException("Process::callExport()", "LoadLibraryExW()", GetLastError());
//Get module pointer
DWORD_PTR modulePointer = reinterpret_cast<DWORD_PTR>(module.get());
//Find export
std::string exportNameA(exportName.begin(), exportName.end());
DWORD_PTR exportAddress = reinterpret_cast<DWORD_PTR>(GetProcAddress(module, exportNameA.c_str()));
if (!exportAddress)
throw WinException("Process::callExport()", "GetProcAddress()", GetLastError());
//If image is relocated we need to recalculate the address
if(modulePointer != moduleBase)
exportAddress = moduleBase + (exportAddress - modulePointer);
//Call the remote thread and wait until it terminates
SafeHandle remoteThread(createThread(exportAddress, functionParam, false, INFINITE));
//Get thread exit code
DWORD exitCode = 0;
if (!GetExitCodeThread(remoteThread, &exitCode))
throw WinException("Process::callExport()", "GetExitCodeThread()", GetLastError());
return exitCode;
}
}
#endif //__INJECTION_HPP__
|
|
|
|
|
03/13/2010, 18:54
|
#4
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
wäre besser wenn du ihm die Exe gibts.
Er wird mit dem Code nichts anfangen können
|
|
|
|
|
03/13/2010, 20:00
|
#5
|
elite*gold: 0
Join Date: Oct 2009
Posts: 33
Received Thanks: 3
|
@General Desert
Jaa DLL können detected werden bei Spielen wie z.B Crossfire oder S4(was wahrscheinlich er spielt ) , bei diesen Spielen gibt es eine zusätzliche Sicherheitssoftware(XTRAP) die das spiel Stoppt wenn man dll injected hat // Ich brauchs zufällig auch für Crossfire wäre gut wenn flo8464 mehr infos dazu geben könnte 
€dit
GOOGLE SAGT :
Versuchs mal mit den , da steht zwar DETECTED aber ich GLAUBE der geht noch
MFG albanianstar ♣
|
|
|
|
|
03/13/2010, 22:07
|
#6
|
elite*gold: 7110
Join Date: Jun 2009
Posts: 28,903
Received Thanks: 25,407
|
Quote:
Originally Posted by albanianstar
@General Desert
Jaa DLL können detected werden bei Spielen wie z.B Crossfire oder S4(was wahrscheinlich er spielt ) , bei diesen Spielen gibt es eine zusätzliche Sicherheitssoftware(XTRAP) die das spiel Stoppt wenn man dll injected hat // Ich brauchs zufällig auch für Crossfire wäre gut wenn flo8464 mehr infos dazu geben könnte
€dit
GOOGLE SAGT :
Versuchs mal mit den , da steht zwar DETECTED aber ich GLAUBE der geht noch
MFG albanianstar ♣ |
meine güte.
es geht hier aber um dll injector 
Dll injector können nicht detected werden, da sie ja vorher gestartet werden.
nur die dll selbst!
deshalb regt es mich auch immer auf, wenn ich lese "perx is detected, den will ich nich!"
|
|
|
|
|
03/13/2010, 22:18
|
#7
|
elite*gold: 60
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
Hey Sm!th, darum geht's mir nicht.. es geht darum, dass es doch noch nen anderen injector alsPerX geben sollte und wininject funzt bei mir nicht Xx
Quote:
Code:
/**********************************************************************
This file is part of the Navigator library.
Navigator is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
any later version.
Navigator is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Navigator. If not, see <http://www.gnu.org/licenses/>.
Navigator is a little library for writing custom gamecheats etc
Copyright (C) <2009> <flo8464 ()>
**********************************************************************/
#ifndef __INJECTION_HPP__
#define __INJECTION_HPP__
//Definition Include
#include "ProcessDef.hpp"
namespace Navigator
{
void Process::injectModuleAndCallExport(const std::wstring& dllPath, const std::wstring& exportName, LPVOID functionParam) const
{
//Write path into targets memory
SafeRemoteMemory remotePathBuffer(allocateMemory((dllPath.length() + 1) * sizeof(wchar_t)), processHandle_);
writeWideString(remotePathBuffer, dllPath);
//Load kernel32.dll to get LoadLibraryW address
SafeModule kernel32(LoadLibraryW(L"kernel32.dll"));
if(!kernel32)
throw WinException("Process::injectModuleAndCallExport()", "LoadLibraryW()", GetLastError());
//Get LoadLibraryW address
DWORD_PTR addressLoadLibaryW = reinterpret_cast<DWORD_PTR>(customGetProcAddress(kernel32, "LoadLibraryW"));
if (!addressLoadLibaryW)
throw std::runtime_error("Process::injectModuleAndCallExport Error : customGetProcAddress() failed");
//Create remote Thread and wait until its finished
SafeHandle remoteThread(createThread(addressLoadLibaryW, remotePathBuffer, false, INFINITE));
//Get remote threads exit code
DWORD threadExitCode = 0;
if (!GetExitCodeThread(remoteThread, &threadExitCode))
throw WinException("Process::injectModuleAndCallExport()", "GetExitCodeThread()", GetLastError());
//Its zero, LoadLibraryW failed
if(!threadExitCode)
throw std::runtime_error("Process::injectLibraryAndCallExport Error : LoadLibraryW() in remote process failed");
//Call the export, if wanted
if(!exportName.empty() && exportName != L" ")
callExport(dllPath, exportName, functionParam);
}
void Process::ejectModule(const std::wstring& module, bool isPath) const
{
//Load kernel32.dll to get FreeLibrary's address
SafeModule kernel32(LoadLibraryW(L"kernel32.dll"));
if(!kernel32)
throw WinException("Process::ejectModule()", "LoadLibraryW()", GetLastError());
//Get FreeLibrary address
DWORD_PTR addressEjectLibrary = reinterpret_cast<DWORD_PTR>(customGetProcAddress(kernel32, "FreeLibrary"));
if (!addressEjectLibrary)
throw std::runtime_error("Process::ejectModule() Error : customGetProcAddress() failed");
DWORD_PTR moduleBase = getModuleBaseByName(module, isPath);
//Create remote Thread and wait until its finished
SafeHandle remoteThread(createThread(addressEjectLibrary, reinterpret_cast<LPVOID>(moduleBase), false, INFINITE));
//Get remote threads exit code
DWORD threadExitCode = 0;
if (!GetExitCodeThread(remoteThread, &threadExitCode))
throw WinException("Process::ejectModule()", "GetExitCodeThread()", GetLastError());
//Its zero, FreeLibrary failed
if(!threadExitCode)
throw std::runtime_error("Process::ejectModule() Error : FreeLibrary() in remote process failed");
}
/Written by Cypher, credit him
FARPROC Process::customGetProcAddress(HMODULE module, const std::string& functionName) const
{
PIMAGE_DOS_HEADER pDosHeader = reinterpret_cast<PIMAGE_DOS_HEADER>(module);
if(!pDosHeader || pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
throw std::runtime_error("Process::customGetProcAddress Error : DOS PE header is invalid.");
PIMAGE_NT_HEADERS pNtHeader = reinterpret_cast<PIMAGE_NT_HEADERS>(reinterpret_cast<PCHAR>(module) + pDosHeader->e_lfanew);
if(pNtHeader->Signature != IMAGE_NT_SIGNATURE)
throw std::runtime_error("Process::customGetProcAddress Error : NT PE header is invalid.");
PVOID pExportDirTemp = reinterpret_cast<PBYTE>(module) + pNtHeader->OptionalHeader.DataDirectory
[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
PIMAGE_EXPORT_DIRECTORY pExportDir = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(pExportDirTemp);
if(pExportDir->AddressOfNames == NULL)
throw std::runtime_error("Process::customGetProcAddress Error : Symbol names missing entirely.");
PDWORD pNamesRvas = reinterpret_cast<PDWORD>(reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfNames);
PWORD pNameOrdinals = reinterpret_cast<PWORD>(reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfNameOrdinals);
PDWORD pFunctionAddresses = reinterpret_cast<PDWORD>( reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfFunctions);
for (DWORD n = 0; n < pExportDir->NumberOfNames; n++)
{
PSTR CurrentName = reinterpret_cast<PSTR>(reinterpret_cast<PBYTE>(module) + pNamesRvas[n]);
if(functionName == CurrentName)
{
WORD Ordinal = pNameOrdinals[n];
return reinterpret_cast<FARPROC>(reinterpret_cast<PBYTE>(module) + pFunctionAddresses[Ordinal]);
}
}
return 0;
}
DWORD Process::callExport(const std::wstring& moduleName, const std::wstring& exportName, LPVOID functionParam) const
{
//Get the modules baseaddress
DWORD_PTR moduleBase = getModuleBaseByName(moduleName, true);
if(!moduleBase)
throw std::runtime_error("Process::callExport Error : Module not found");
//Load module as data so we can read the EAT locally
SafeModule module(LoadLibraryExW(moduleName.c_str(), NULL, DONT_RESOLVE_DLL_REFERENCES));
if(!module)
throw WinException("Process::callExport()", "LoadLibraryExW()", GetLastError());
//Get module pointer
DWORD_PTR modulePointer = reinterpret_cast<DWORD_PTR>(module.get());
//Find export
std::string exportNameA(exportName.begin(), exportName.end());
DWORD_PTR exportAddress = reinterpret_cast<DWORD_PTR>(GetProcAddress(module, exportNameA.c_str()));
if (!exportAddress)
throw WinException("Process::callExport()", "GetProcAddress()", GetLastError());
//If image is relocated we need to recalculate the address
if(modulePointer != moduleBase)
exportAddress = moduleBase + (exportAddress - modulePointer);
//Call the remote thread and wait until it terminates
SafeHandle remoteThread(createThread(exportAddress, functionParam, false, INFINITE));
//Get thread exit code
DWORD exitCode = 0;
if (!GetExitCodeThread(remoteThread, &exitCode))
throw WinException("Process::callExport()", "GetExitCodeThread()", GetLastError());
return exitCode;
}
}
#endif //__INJECTION_HPP__
|
-> Ich hab kein VisualBasic (da es so weit ichs erkenne c++/c# ist...)
@Albanistar: Den hab ich schon und wenn man mit dme injectet wird man sofort wieder von gamesecurety gekickt ...
|
|
|
|
|
03/13/2010, 22:36
|
#8
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
probiere mal den von CE
|
|
|
|
|
03/13/2010, 22:38
|
#9
|
elite*gold: 0
Join Date: Nov 2009
Posts: 1,258
Received Thanks: 396
|
wenn man sowas liest
ich kann mich nur Mr Smith anschließen
Quote:
|
Den hab ich schon und wenn man mit dme injectet wird man sofort wieder von gamesecurety gekickt
|
nochmal zum mitlesen
es gibt keine UD oder Dt injectoren das ist einfach nur ein programm um die DLL in den prozess zu bringen
Ihr tut ja immer so als ob der injector ein rootkit ist das prozesshiding betreibt ^^
und nu denk doch lieber mal eine diese datei die sich DLL nennt vllt ist an der ja was faul
wenn es nicht geht dann wird es nicht gehen
da könnt ihr alle injectoren probieren die ihr findet wenn man durch sonstige anticheatprogramme gekickt/gebannt werdet wird es ganz sicher nicht am injector liegen
vllt solltet ihr euch lieber mal sowas anschauen bzw durchlesen
die erste zeile sagt doch schon alles
|
|
|
|
|
03/13/2010, 22:41
|
#10
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
Ihr habt alle recht, aber ich muss auch dazu sagen das die meisten Injectoren von OS abhängig sind.
Deswegen würde ich mal checken ob der Injector damit kompatibel ist.
Wenn ja, Dll checken ob alle Funktionen richtig gecallt werden
|
|
|
|
|
03/13/2010, 22:45
|
#11
|
elite*gold: 0
Join Date: Nov 2009
Posts: 1,258
Received Thanks: 396
|
nehme den OSH injector der ging bei mir bei XP 32 bit dann vista 64 bit und funzt jetzt bei win7 64 bit auch noch
meist ist nicht der injector schuld der muss ja einfach nur den prozesstreffen
|
|
|
|
|
03/13/2010, 22:46
|
#12
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
wenn er richtig gut ist, ist es egal.
aber wenn er "schlampig" programmiert wurde (bestimme Kriterien die nur ein spezielles OS hat) gehts nicht.
Ich habe auch mal einen unter XP gemacht und unter Win7 geht er nicht mehr weil...(weiß ebend auch nicht warum)
|
|
|
|
|
03/14/2010, 12:05
|
#13
|
elite*gold: 0
Join Date: Nov 2008
Posts: 161
Received Thanks: 38
|
Quote:
Originally Posted by General Desert
wäre besser wenn du ihm die Exe gibts.
Er wird mit dem Code nichts anfangen können
|
Wenn er das in der Coder-Section schreibt, gehe ich davon aus, dass er es selbst machen möchte.
Mein Code lässt sich 1:1 in jeder Sprache umsetzen, die DLL importieren kann (WinAPI), dh. in praktisch jeder.
|
|
|
|
|
03/14/2010, 13:57
|
#14
|
elite*gold: 20
Join Date: Oct 2006
Posts: 855
Received Thanks: 112
|
Quote:
Originally Posted by coladose
-> Ich hab kein VisualBasic (da es so weit ichs erkenne c++/c# ist...)
|
Ich überleg noch welche der Satzhälften jetzt grade der dümmere ist....
Der Injector wird nie erkannt nur die DLL selber, wäre ja auch sinnfrei o.O
|
|
|
|
|
03/14/2010, 14:07
|
#15
|
elite*gold: 1
Join Date: Feb 2009
Posts: 1,726
Received Thanks: 729
|
Richtig.
Visual Basic und C++/C# sind zwei ganz verschiedene Sprachen
|
|
|
|
Similar Threads
|
[Request] Need a Good Injector
09/06/2010 - CrossFire - 5 Replies
OMFGZ injector worked for me for crossfire but when i installed a new windows it doesnt work anymore dont know why....
Faith injector and all crossfire injector have virus so is there a clean injector?
|
request use cheetah injector
05/24/2010 - Grand Chase Hacks, Bots, Cheats & Exploits - 1 Replies
use cheetah injector for using hacks cheetah injector useful for using a hack example
remove all you see on screen except hack.dll
get a hack.dll any hack.dll and use injector browse hack.dll on injector dont open your GC type on rigth on choose progress type grandchase.exe tick auto inject and play GC and happy hacking
download cheetah injector here
|
REQUEST: X1NJCT INJECTOR
01/21/2010 - Soldier Front Philippines - 7 Replies
PLS POST LINK OR POST WHERE I CAN DOWNLOAD THE X1NJECT DLL INJCTOR.
|
[REQUEST]DLL Injector.
08/14/2009 - CO2 Private Server - 1 Replies
REQUEST #CLOSE , FOUND 1!
|
All times are GMT +1. The time now is 19:48.
|
|
![[REQUEST]Dll-Injector](https://www.elitepvpers.com/forum/iconimages/general-coding/request-dll-injector_ltr.gif){kind=small}
