- // InjectByStel.cpp : Defines the entry point for the console application.
- //
- #include "stdafx.h"
- #include "Windows.h"
- #include "TlHelp32.h"
- #include "String"
- #include <stdio.h>
- #include <stdlib.h>
- #include <iostream>
- #include <cstdio>
- #include <fstream>
- #include <experimental/filesystem>
- #include <Windows.h>
- #include <strsafe.h>
- // Command-line template consumed by DelMe(): cmd.exe runs a single ping with a
- // 3000 ms timeout (used purely as a delay), then force-deletes the path substituted
- // for %s. The literal "ping 1.1.1.1 -n 1 -w 3000 > Nul & Del /f /q" ends up in the
- // child's command line, so process-creation logging records it verbatim.
- #define SELF_REMOVE_STRING TEXT("cmd.exe /C ping 1.1.1.1 -n 1 -w 3000 > Nul & Del /f /q \"%s\"")
- // this is the name of the temporary .bat file
- // (appended to the GetTempPath() result by Selfdestruct(); a file-creation artifact)
- static const char tempbatname[] = "_uninsep.bat";
- // Batch-file self-removal: writes "_uninsep.bat" into the temp directory and launches
- // it hidden. The script loops deleting this executable until it is gone, removes the
- // executable's folder with rmdir, then deletes the script itself.
- // NOTE(review): nothing in this listing calls Selfdestruct(); main() uses DelMe() instead.
- // NOTE(review): char buffers are passed to TCHAR APIs, so this presumably builds as
- // ANSI (non-UNICODE) only - confirm against the project settings.
- void Selfdestruct()
- {
- // temporary .bat file
- // Four %s slots, filled below in order: exe path, exe path, exe folder, .bat path.
- static char templ[] =
- ":Repeat\r\n"
- "del \"%s\"\r\n"
- "if exist \"%s\" goto Repeat\r\n"
- "rmdir \"%s\"\r\n"
- "del \"%s\"";
- char modulename[_MAX_PATH]; // absolute path of calling .exe file
- char temppath[_MAX_PATH]; // absolute path of temporary .bat file
- char folder[_MAX_PATH];
- // Return values of GetTempPath/GetModuleFileName are not checked, and strcat/strcpy
- // below are unbounded writes into fixed _MAX_PATH buffers.
- GetTempPath(_MAX_PATH, temppath);
- strcat(temppath, tempbatname);
- GetModuleFileName(NULL, modulename, MAX_PATH);
- strcpy(folder, modulename);
- // Cut at the last backslash so `folder` holds the directory containing the executable.
- char *pb = strrchr(folder, '\\');
- if (pb != NULL)
- *pb = 0;
- HANDLE hf;
- // CREATE_ALWAYS overwrites any existing file of that name; share mode 0 is exclusive.
- hf = CreateFile(temppath, GENERIC_WRITE, 0, NULL,
- CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
- if (hf != INVALID_HANDLE_VALUE)
- {
- DWORD len;
- char *bat;
- // NOTE(review): the size expression counts modulename twice and temppath once but
- // omits strlen(folder), although `folder` is also formatted into the buffer.
- bat = (char*)alloca(strlen(templ) +
- strlen(modulename) * 2 + strlen(temppath) + 20);
- wsprintf(bat, templ, modulename, modulename, folder, temppath);
- WriteFile(hf, bat, strlen(bat), &len, NULL);
- CloseHandle(hf);
- // SW_HIDE: the script runs without a visible console window.
- ShellExecute(NULL, "open", temppath, NULL, NULL, SW_HIDE);
- }
- }
- // Namespace alias for the experimental filesystem library; `fs` is not referenced
- // anywhere else in this listing.
- namespace fs = std::experimental::filesystem;
- // Looks up a running process by image name using a Toolhelp32 process snapshot.
- // Executavel: executable file name to match (compared with _tcscmp, i.e. exact and
- // case-sensitive against PROCESSENTRY32::szExeFile).
- // Returns the PID of the first match, or 0 when no entry matches. 0 is therefore the
- // "not found" sentinel and callers must check for it.
- // NOTE(review): the snapshot handle is not compared with INVALID_HANDLE_VALUE before use.
- DWORD GetProcessID(char* Executavel)
- {
- HANDLE HandleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
- PROCESSENTRY32 PE;
- // dwSize must be set before the first Process32First call.
- PE.dwSize = sizeof(PE);
- BOOL Retorno = Process32First(HandleSnap, &PE);
- while (Retorno) {
- if (_tcscmp(PE.szExeFile, Executavel) == 0) {
- //printf("ID: %d Nome: %s \n", PE.th32ProcessID, PE.szExeFile);
- CloseHandle(HandleSnap);
- return PE.th32ProcessID;
- }
- Retorno = Process32Next(HandleSnap, &PE);
- }
- CloseHandle(HandleSnap);
- return 0;
- }
- // Forces the process identified by PID to load the DLL at path `dll`: the path string
- // is copied into memory allocated in the target and a remote thread is started at
- // LoadLibraryA with that string as its argument.
- // Defender note: the observable sequence is OpenProcess(PROCESS_ALL_ACCESS) ->
- // VirtualAllocEx(PAGE_READWRITE) -> WriteProcessMemory -> CreateRemoteThread whose
- // start address is kernel32!LoadLibraryA. Cross-process thread creation and
- // full-access handle opens are both logged by common endpoint telemetry
- // (e.g. Sysmon events 8 and 10).
- // NOTE(review): the return value is not a reliable success indicator - see the
- // comments at the handle check and at the end of the function.
- bool InjectDLL(DWORD PID, char* dll)
- {
- HANDLE Acesso = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
- if (Acesso != 0)
- {
- // Resolved in the calling process; the code relies on the address also being valid
- // in the target process.
- LPVOID LoadLibrary_ = (LPVOID) GetProcAddress(GetModuleHandle("Kernel32.dll"),"LoadLibraryA");
- LPVOID Caminho = VirtualAllocEx(Acesso, NULL, strlen(dll), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
- WriteProcessMemory(Acesso, Caminho, dll, strlen(dll), NULL);
- HANDLE THandle = CreateRemoteThread(Acesso, NULL,0, (LPTHREAD_START_ROUTINE)LoadLibrary_, Caminho, 0, NULL);
- // Blocks with no timeout until the remote thread (the library load) finishes.
- WaitForSingleObject(THandle, INFINITE);
- // MEM_RELEASE requires a size of 0 per the VirtualFreeEx documentation, so this call
- // is expected to fail; the DLL path string then stays behind in a private read/write
- // region of the target - a memory-forensics artifact.
- VirtualFreeEx(Acesso, Caminho ,strlen(dll),MEM_RELEASE);
- // CreateRemoteThread reports failure with NULL, not INVALID_HANDLE_VALUE, so this
- // comparison does not distinguish success from failure.
- if(THandle != INVALID_HANDLE_VALUE)
- {
- CloseHandle(THandle);
- CloseHandle(Acesso);
- return TRUE;
- }
- CloseHandle(THandle);
- CloseHandle(Acesso);
- return FALSE;
- }
- // NOTE(review): when OpenProcess fails, control reaches here and leaves a non-void
- // function without a return statement.
- }
- // Returns the hard-coded absolute path of the DLL that main() hands to InjectDLL().
- // The path is fixed to the Administrator profile's Temp directory; nothing is looked
- // up at run time.
- std::string GetDll()
- {
- // Fetch the DLL present in the folder
- // NomePasta ("folder name") is declared but never used.
- TCHAR NomePasta[MAX_PATH];
- return std::string("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- }
- // Self-deletion: spawns a windowless cmd.exe built from SELF_REMOVE_STRING that waits
- // on one ping timeout and then force-deletes this executable's own file.
- // Defender note: the executable removes itself after running, so the on-disk sample
- // may be gone at triage time; the evidence that remains is the process-creation
- // record of a cmd.exe child whose command line carries the ping delay followed by
- // "Del /f /q" on the parent's image path.
- void DelMe()
- {
- TCHAR szModuleName[MAX_PATH];
- TCHAR szCmd[2 * MAX_PATH];
- STARTUPINFO si = { 0 };
- PROCESS_INFORMATION pi = { 0 };
- // NULL module handle: path of the current process's executable.
- GetModuleFileName(NULL, szModuleName, MAX_PATH);
- // StringCbPrintf takes a size in bytes; its result (e.g. truncation) is not checked.
- StringCbPrintf(szCmd, 2 * MAX_PATH, SELF_REMOVE_STRING, szModuleName);
- // CREATE_NO_WINDOW keeps the cmd.exe child from showing a console. The return value
- // is ignored; on failure `pi` stays zeroed and the CloseHandle calls act on NULL.
- CreateProcess(NULL, szCmd, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi);
- CloseHandle(pi.hThread);
- CloseHandle(pi.hProcess);
- }
- // Entry point. Flow as written:
- //   1. Rename a fixed ".txt" file in the Administrator Temp directory to "dance.dll"
- //      (the error text calls that file a "token" delivered by a separate loader;
- //      presumably it is the DLL payload stored under a .txt name).
- //   2. If the rename succeeded, look up "League of Legends.exe" once and pass the PID
- //      and the DLL path to InjectDLL().
- //   3. In every path, delete dance.dll and call DelMe() so the executable removes itself.
- // Defender note: indicators visible in this listing are the console title
- // "Censored.Zone", the file names "Ihauuh1u231dscaSFk121231.txt" and "dance.dll" under
- // a user Temp directory, and a .txt -> .dll rename immediately followed by a library
- // load in another process.
- int main()
- {
- SetConsoleTitle("Censored.Zone");
- int result;
- char oldname[] = "C:\\Users\\Administrator\\AppData\\Local\\Temp\\Ihauuh1u231dscaSFk121231.txt";
- char newname[] = "C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll";
- // rename() returns 0 on success, so !result is the success branch.
- result = rename(oldname, newname);
- if (!result)
- {
- //DWORD PID = GetProcessID("League of Legends.exe");
- DWORD PID = 0;
- int verifica = 0; // never read
- // The message says "Waiting for League of Legends...", but there is no wait loop:
- // the lookup runs once, and a result of 0 (not found) is passed on unchecked.
- printf("Aguardando League of Legends... \n");
- PID = GetProcessID("League of Legends.exe");
- printf("ID: %d \n", PID);
- printf("injecting...");
- // InjectDLL's return value is ignored.
- InjectDLL(PID, (char*)GetDll().c_str());
- // The same file is deleted through both the Win32 and the C runtime API.
- DeleteFile("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- std::remove("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- }
- else
- {
- perror("Error");
- printf("No Token found, please download your token with our loader...\n");
- // No input is read after this prompt; execution continues straight to DelMe().
- printf("Press enter to close this application and try again after download");
- std::remove("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- DeleteFile("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- }
- // Runs on both branches: schedule deletion of this executable, then repeat the
- // dance.dll cleanup.
- DelMe();
- DeleteFile("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- std::remove("C:\\Users\\Administrator\\AppData\\Local\\Temp\\dance.dll");
- }