API tools faq
paste
Advertisement
dkg_yt

ExOn

dkg_yt
Oct 12th, 2019
124
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.18 KB | None | 0 0
raw download clone embed print report
  1. public enum DllInjectionResult
  2. {
  3. DllNotFound,
  4. GameProcessNotFound,
  5. InjectionFailed,
  6. Success
  7. }
  8.  
  9. public sealed class DllInjector
  10. {
  11. static readonly IntPtr INTPTR_ZERO = (IntPtr)0;
  12.  
  13. [DllImport("kernel32.dll", SetLastError = true)]
  14. static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId);
  15.  
  16. [DllImport("kernel32.dll", SetLastError = true)]
  17. static extern int CloseHandle(IntPtr hObject);
  18.  
  19. [DllImport("kernel32.dll", SetLastError = true)]
  20. static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
  21.  
  22. [DllImport("kernel32.dll", SetLastError = true)]
  23. static extern IntPtr GetModuleHandle(string lpModuleName);
  24.  
  25. [DllImport("kernel32.dll", SetLastError = true)]
  26. static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, IntPtr dwSize, uint flAllocationType, uint flProtect);
  27.  
  28. [DllImport("kernel32.dll", SetLastError = true)]
  29. static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesWritten);
  30.  
  31. [DllImport("kernel32.dll", SetLastError = true)]
  32. static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttribute, IntPtr dwStackSize, IntPtr lpStartAddress,
  33. IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
  34.  
  35. static DllInjector _instance;
  36.  
  37. public static DllInjector GetInstance
  38. {
  39. get
  40. {
  41. if (_instance == null)
  42. {
  43. _instance = new DllInjector();
  44. }
  45. return _instance;
  46. }
  47. }
  48.  
  49. DllInjector() { }
  50.  
  51. public DllInjectionResult Inject(string sProcName, string sDllPath)
  52. {
  53. if (!File.Exists(sDllPath))
  54. {
  55. return DllInjectionResult.DllNotFound;
  56. }
  57.  
  58. uint _procId = 0;
  59.  
  60. Process[] _procs = Process.GetProcesses();
  61. for (int i = 0; i < _procs.Length; i++)
  62. {
  63. if (_procs[i].ProcessName == sProcName)
  64. {
  65. _procId = (uint)_procs[i].Id;
  66. break;
  67. }
  68. }
  69.  
  70. if (_procId == 0)
  71. {
  72. return DllInjectionResult.GameProcessNotFound;
  73. }
  74.  
  75. if (!bInject(_procId, sDllPath))
  76. {
  77. return DllInjectionResult.InjectionFailed;
  78. }
  79.  
  80. return DllInjectionResult.Success;
  81. }
  82.  
  83. bool bInject(uint pToBeInjected, string sDllPath)
  84. {
  85. IntPtr hndProc = OpenProcess((0x2 | 0x8 | 0x10 | 0x20 | 0x400), 1, pToBeInjected);
  86.  
  87. if (hndProc == INTPTR_ZERO)
  88. {
  89. return false;
  90. }
  91.  
  92. IntPtr lpLLAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
  93.  
  94. if (lpLLAddress == INTPTR_ZERO)
  95. {
  96. return false;
  97. }
  98.  
  99. IntPtr lpAddress = VirtualAllocEx(hndProc, (IntPtr)null, (IntPtr)sDllPath.Length, (0x1000 | 0x2000), 0X40);
  100.  
  101. if (lpAddress == INTPTR_ZERO)
  102. {
  103. return false;
  104. }
  105.  
  106. byte[] bytes = Encoding.ASCII.GetBytes(sDllPath);
  107.  
  108. if (WriteProcessMemory(hndProc, lpAddress, bytes, (uint)bytes.Length, 0) == 0)
  109. {
  110. return false;
  111. }
  112.  
  113. if (CreateRemoteThread(hndProc, (IntPtr)null, INTPTR_ZERO, lpLLAddress, lpAddress, 0, (IntPtr)null) == INTPTR_ZERO)
  114. {
  115. return false;
  116. }
  117.  
  118. CloseHandle(hndProc);
  119.  
  120. return true;
  121. }
  122. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!