API tools faq
paste
Advertisement
Guest User

AriaBlade DllInjection

a guest
Mar 24th, 2018
86
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.51 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Diagnostics;
  3. using System.IO;
  4. using System.Runtime.InteropServices;
  5. using System.Text;
  6.  
  7. namespace AriaBlade
  8. {
  9. internal class DllInjection
  10. {
  11. public enum DllInjectionResult
  12. {
  13. DllNotFound,
  14. GameProcessNotFound,
  15. InjectionFailed,
  16. Success
  17. }
  18.  
  19. public sealed class DllInjector
  20. {
  21. private static readonly IntPtr INTPTR_ZERO;
  22.  
  23. private static DllInjection.DllInjector _instance;
  24.  
  25. public static DllInjection.DllInjector GetInstance
  26. {
  27. get
  28. {
  29. bool flag = DllInjection.DllInjector._instance == null;
  30. if (flag)
  31. {
  32. DllInjection.DllInjector._instance = new DllInjection.DllInjector();
  33. }
  34. return DllInjection.DllInjector._instance;
  35. }
  36. }
  37.  
  38. static DllInjector()
  39. {
  40. DllInjection.DllInjector.INTPTR_ZERO = (IntPtr)0;
  41. }
  42.  
  43. private DllInjector()
  44. {
  45. }
  46.  
  47. private bool bInject(uint pToBeInjected, string sDllPath)
  48. {
  49. IntPtr intPtr = DllInjection.DllInjector.OpenProcess(1082u, 1, pToBeInjected);
  50. bool flag = intPtr == DllInjection.DllInjector.INTPTR_ZERO;
  51. bool result;
  52. if (flag)
  53. {
  54. result = false;
  55. }
  56. else
  57. {
  58. IntPtr procAddress = DllInjection.DllInjector.GetProcAddress(DllInjection.DllInjector.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
  59. bool flag2 = procAddress == DllInjection.DllInjector.INTPTR_ZERO;
  60. if (flag2)
  61. {
  62. result = false;
  63. }
  64. else
  65. {
  66. IntPtr intPtr2 = DllInjection.DllInjector.VirtualAllocEx(intPtr, (IntPtr)0, (IntPtr)sDllPath.Length, 12288u, 64u);
  67. bool flag3 = intPtr2 == DllInjection.DllInjector.INTPTR_ZERO;
  68. if (flag3)
  69. {
  70. result = false;
  71. }
  72. else
  73. {
  74. byte[] bytes = Encoding.ASCII.GetBytes(sDllPath);
  75. bool flag4 = DllInjection.DllInjector.WriteProcessMemory(intPtr, intPtr2, bytes, (uint)bytes.Length, 0) == 0;
  76. if (flag4)
  77. {
  78. result = false;
  79. }
  80. else
  81. {
  82. bool flag5 = DllInjection.DllInjector.CreateRemoteThread(intPtr, (IntPtr)0, DllInjection.DllInjector.INTPTR_ZERO, procAddress, intPtr2, 0u, (IntPtr)0) == DllInjection.DllInjector.INTPTR_ZERO;
  83. if (flag5)
  84. {
  85. result = false;
  86. }
  87. else
  88. {
  89. DllInjection.DllInjector.CloseHandle(intPtr);
  90. result = true;
  91. }
  92. }
  93. }
  94. }
  95. }
  96. return result;
  97. }
  98.  
  99. [DllImport("kernel32.dll", SetLastError = true)]
  100. private static extern int CloseHandle(IntPtr hObject);
  101.  
  102. [DllImport("kernel32.dll", SetLastError = true)]
  103. private static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttribute, IntPtr dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
  104.  
  105. [DllImport("kernel32.dll", SetLastError = true)]
  106. private static extern IntPtr GetModuleHandle(string lpModuleName);
  107.  
  108. [DllImport("kernel32.dll", SetLastError = true)]
  109. private static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
  110.  
  111. public DllInjection.DllInjectionResult Inject(string sProcName, string sDllPath)
  112. {
  113. bool flag = !File.Exists(sDllPath);
  114. DllInjection.DllInjectionResult result;
  115. if (flag)
  116. {
  117. result = DllInjection.DllInjectionResult.DllNotFound;
  118. }
  119. else
  120. {
  121. uint num = 0u;
  122. Process[] processes = Process.GetProcesses();
  123. for (int i = 0; i < processes.Length; i++)
  124. {
  125. bool flag2 = processes[i].ProcessName != sProcName;
  126. if (!flag2)
  127. {
  128. num = (uint)processes[i].Id;
  129. break;
  130. }
  131. }
  132. bool flag3 = num == 0u;
  133. if (flag3)
  134. {
  135. result = DllInjection.DllInjectionResult.GameProcessNotFound;
  136. }
  137. else
  138. {
  139. bool flag4 = !this.bInject(num, sDllPath);
  140. if (flag4)
  141. {
  142. result = DllInjection.DllInjectionResult.InjectionFailed;
  143. }
  144. else
  145. {
  146. result = DllInjection.DllInjectionResult.Success;
  147. }
  148. }
  149. }
  150. return result;
  151. }
  152.  
  153. [DllImport("kernel32.dll", SetLastError = true)]
  154. private static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId);
  155.  
  156. [DllImport("kernel32.dll", SetLastError = true)]
  157. private static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, IntPtr dwSize, uint flAllocationType, uint flProtect);
  158.  
  159. [DllImport("kernel32.dll", SetLastError = true)]
  160. private static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesWritten);
  161. }
  162. }
  163. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!