Snyp3r

A simple DLL injector by me (Source Code)

Apr 8th, 2017
  1. //  Written by Snyp3rEli7E
  2. //  You can change and distribute this program however you want, but please write the original author in a comment: Snyp3rEli7E
  3.  
  4. #include <Windows.h>
  5. #include <iostream>
  6. #include <string>
  7.  
  /// Waits for a top-level window whose title equals `windowname`, then opens
  /// the process that owns that window.
  ///
  /// The lookup is repeated every 250 ms until FindWindowA succeeds, so the call
  /// blocks for as long as no such window exists. The console is cleared once
  /// the window is found.
  ///
  /// @param windowname Window title handed to FindWindowA (class name is null).
  /// @return The handle returned by OpenProcess, or null after the error code
  ///         has been printed and one character has been read from stdin.
  ///         Nothing in this function closes the handle.
  ///
  /// Review note: the rights requested here (VM read/write/operation, query
  /// information, create thread) are the set the rest of this file uses for
  /// cross-process allocation, write and thread creation. Process-access
  /// auditing (for example Sysmon Event ID 10) records the requested mask, which
  /// makes this call a useful detection point.
  HANDLE GetHandle(LPCSTR windowname)
  {
      HWND target = FindWindowA(nullptr, windowname);
      std::cout << "Waiting for " << windowname << "..." << std::endl;

      // Retry until the window shows up; the sleep runs after every lookup made
      // inside the loop, including the one that finally succeeds.
      for (; target == nullptr; Sleep(250)) {
          target = FindWindowA(nullptr, windowname);
      }
      system("CLS");

      // NOTE(review): ownerPid is not initialised and the result of
      // GetWindowThreadProcessId is not checked before it is used.
      DWORD ownerPid;
      GetWindowThreadProcessId(target, &ownerPid);

      const DWORD wantedAccess = PROCESS_VM_READ
                               | PROCESS_VM_WRITE
                               | PROCESS_VM_OPERATION
                               | PROCESS_QUERY_INFORMATION
                               | PROCESS_CREATE_THREAD;
      HANDLE process = OpenProcess(wantedAccess, FALSE, ownerPid);

      // Captured immediately after OpenProcess so the console output below
      // cannot overwrite the thread's last-error value first.
      const int openError = GetLastError();

      if (process) {
          return process;
      }

      std::cerr << "Cannot open process. Error No. " << openError << " happened.\n Try running this program in administrator mode." << std::endl;
      std::cin.get();
      return nullptr;
  }
  /// Allocates `strsize` bytes in the process behind `hwnd` and copies
  /// `ToAlloc` into that allocation.
  ///
  /// Despite its name the function is used for any byte buffer: this file calls
  /// it both for the DLL path and for the 13-byte code stub.
  ///
  /// @param hwnd    Process handle (not a window handle, despite the name).
  /// @param ToAlloc Local buffer to copy from.
  /// @param strsize Number of bytes to allocate and copy.
  /// @return The remote address, converted to DWORD.
  ///
  /// Review notes:
  ///  - Neither VirtualAllocEx nor WriteProcessMemory is checked, so a failed
  ///    allocation is returned as address 0 and a failed write goes unnoticed.
  ///  - The pointer-to-DWORD conversion keeps only 32 bits of the address.
  ///  - Every allocation is PAGE_EXECUTE_READWRITE, including the one that only
  ///    holds the path string. A committed RWX region created in another
  ///    process and then written across the process boundary is a pattern that
  ///    memory scanners and EDR products commonly flag.
  DWORD AllocString(HANDLE hwnd, const char* ToAlloc, size_t strsize){
      const DWORD allocationType = MEM_COMMIT | MEM_RESERVE;

      PVOID remoteBuffer = VirtualAllocEx(hwnd,
                                          nullptr,      // let the system pick the address
                                          strsize,
                                          allocationType,
                                          PAGE_EXECUTE_READWRITE);

      // Copy exactly strsize bytes; the number of bytes written is not requested.
      WriteProcessMemory(hwnd, remoteBuffer, ToAlloc, strsize, nullptr);

      return (DWORD)remoteBuffer;
  }
  39.  
  /// Console front end: asks for a DLL path and a window title, then makes the
  /// process owning that window run a small stub that calls LoadLibraryA on the
  /// path.
  ///
  /// The DLL path comes from argv[1] when present, otherwise from stdin. The
  /// window title always comes from stdin.
  ///
  /// Review notes:
  ///  - Answering "n" at the confirmation prompt calls main() recursively
  ///    (which standard C++ does not permit). When that inner call returns,
  ///    this invocation carries on with the path that was just rejected.
  ///  - The handle from GetHandle() is used without a null check, and no handle
  ///    opened here is ever closed.
  ///  - The result of CreateRemoteThread is ignored, so "Dll Injected." is
  ///    printed whether or not a thread was created.
  ///  - DllPath.size() does not count the terminating NUL, so the terminator is
  ///    not part of what gets copied.
  ///
  /// Detection context: open process -> remote RWX allocation -> remote write
  /// -> CreateRemoteThread is the sequence catalogued as MITRE ATT&CK
  /// T1055.001 (Process Injection: DLL Injection). Sysmon Event ID 8 records
  /// the remote thread creation together with the source and target process.
  int main(int argc, char** argv){
      SetConsoleTitleA("Simple DLL Injector by   Snyp3rEli7E");

      std::string DllPath;
      if (argc <= 1) {
          // No command-line argument: read the path interactively.
          std::cout << "Write the entire DLL path:" << std::endl;
          std::getline(std::cin, DllPath);
      } else {
          // A file dropped onto the executable arrives as argv[1].
          DllPath = argv[1];
      }

      std::string answer;
      std::cout << "Are you sure the correct path of the DLL to inject is: " << DllPath << " ? (Y/N)" << std::endl;
      std::getline(std::cin, answer);

      const bool rejected = tolower(answer[0]) == 'n';
      if (rejected) {
          system("cls");
          main(1, argv);   // restart the dialogue; control returns here afterwards
      }

      std::string WindowName;
      std::cout << "Write window title of the process: ";
      std::getline(std::cin, WindowName);
      HANDLE target = GetHandle(WindowName.c_str());

      /*
      Stub layout (32-bit x86); both immediates are zero until patched below:

      MOV EAX,00000000    ; address of LoadLibraryA
      PUSH 00000000       ; address of the DLL path in the target process
      CALL EAX            ;
      RET                 ;
      */
      char stub[13] = { 0xB8, 0x00, 0x00, 0x00, 0x00, 0x68, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xD0, 0xC3 };

      // The address is taken in this process and reused in the target as is.
      const DWORD loadLibraryAddr = (DWORD)LoadLibraryA;
      const DWORD remotePath = AllocString(target, DllPath.c_str(), DllPath.size());

      *reinterpret_cast<DWORD*>(stub + 1) = loadLibraryAddr;   // operand of MOV EAX
      *reinterpret_cast<DWORD*>(stub + 6) = remotePath;        // operand of PUSH

      const DWORD remoteStub = AllocString(target, stub, sizeof(stub));
      CreateRemoteThread(target,
                         nullptr,
                         0,
                         (LPTHREAD_START_ROUTINE)remoteStub,
                         nullptr,
                         0,
                         nullptr);

      std::cout << "Dll Injected.\nYou can close this now." << std::endl;
      system("PAUSE>NUL");

  }