- //using System;
- //using System.Collections.Generic;
- //using System.ComponentModel;
- //using System.Data;
- //using System.Drawing;
- //using System.Linq;
- //using System.Text;
- //using System.Threading.Tasks;
- //using System.Windows.Forms;
- //using System.Threading;
- //using System.Runtime.InteropServices;
- //using System.Diagnostics;
- //using System.IO;
- //using System.Reflection;
- //namespace kursOS
- //{
- // public partial class Form1 : Form
- // {
- // public Form1()
- // {
- // InitializeComponent();
- // }
- // private void button1_Click(object sender, EventArgs e)
- // {
- // // MessageBox.Show(Convert.ToString( ));
- // Injection.Execute();
- // }
- // }
- //}
- //public class Injection
- //{
- // [DllImport("kernel32.dll")]
- // public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);
- // [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
- // public static extern IntPtr GetModuleHandle(string lpModuleName);
- // [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
- // static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
- // [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
- // static extern IntPtr VirtualAllocEx(IntPtr hProcess,
- // IntPtr lpAddress,
- // uint dwSize,
- // uint flAllocationType,
- // uint flProtect);
- // [DllImport("kernel32.dll", SetLastError = true)]
- // static extern bool WriteProcessMemory(IntPtr hProcess,
- // IntPtr lpBaseAddress,
- // byte[] lpBuffer,
- // uint nSize,
- // out UIntPtr lpNumberOfBytesWritten);
- // [DllImport("kernel32.dll")]
- // static extern IntPtr CreateRemoteThread(IntPtr hProcess,
- // IntPtr lpThreadAttributes,
- // uint dwStackSize,
- // IntPtr lpStartAddress,
- // IntPtr lpParameter,
- // uint dwCreationFlags,
- // IntPtr lpThreadId);
- // // process access rights requested from OpenProcess (access-mask bits, not token privileges)
- // const int PROCESS_CREATE_THREAD = 0x0002;
- // const int PROCESS_QUERY_INFORMATION = 0x0400;
- // const int PROCESS_VM_OPERATION = 0x0008;
- // const int PROCESS_VM_WRITE = 0x0020;
- // const int PROCESS_VM_READ = 0x0010;
- // // used for memory allocation
- // const uint MEM_COMMIT = 0x00001000;
- // const uint MEM_RESERVE = 0x00002000;
- // const uint PAGE_READWRITE = 4;
- // public static bool isInjected = false;
- // [DllImport("kernel32.dll", SetLastError = true, CallingConvention = CallingConvention.Winapi)]
- // [return: MarshalAs(UnmanagedType.Bool)]
- // private static extern bool IsWow64Process(
- // [In] IntPtr hProcess,
- // [Out] out bool wow64Process
- // );
- // static bool is64BitProcess = (IntPtr.Size == 8);
- // static bool is64BitOperatingSystem = is64BitProcess || InternalCheckIsWow64();
- // public static int inject(string dllPath, Process tProcess)
- // {
- // Process targetProcess = tProcess;
- // string dllName = dllPath;
- // IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, targetProcess.Id);
- // IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
- // IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
- // UIntPtr bytesWritten;
- // WriteProcessMemory(procHandle, allocMemAddress, Encoding.Default.GetBytes(dllName), (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), out bytesWritten);
- // CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr, allocMemAddress, 0, IntPtr.Zero);
- // return 0;
- // }
- // public static void Execute()
- // {
- // string rawDLL = String.Empty;
- // if (is64BitOperatingSystem)
- // {
- // rawDLL = Path.Combine(Path.GetDirectoryName(Assembly.GetEntryAssembly().Location), "dllproj.dll");
- // }
- // else
- // {
- // rawDLL = Path.Combine(Path.GetDirectoryName(Assembly.GetEntryAssembly().Location), "dllproj.dll");
- // }
- // // Execution of injection
- // Process proc = Process.GetProcessesByName("mspaint")[0];
- // Injection.inject(rawDLL, proc);
- // isInjected = true;
- // }
- // public static Boolean isInjectedAlready()
- // {
- // if (isInjected)
- // {
- // return true;
- // }
- // else
- // {
- // return false;
- // }
- // }
- // public static bool InternalCheckIsWow64()
- // {
- // if ((Environment.OSVersion.Version.Major == 5 && Environment.OSVersion.Version.Minor >= 1) ||
- // Environment.OSVersion.Version.Major >= 6)
- // {
- // using (Process p = Process.GetCurrentProcess())
- // {
- // bool retVal;
- // if (!IsWow64Process(p.Handle, out retVal))
- // {
- // return false;
- // }
- // return retVal;
- // }
- // }
- // else
- // {
- // return false;
- // }
- // }
- //}
- /*
- using System;
- using System.Collections.Generic;
- using System.ComponentModel;
- using System.Data;
- using System.Drawing;
- using System.Text;
- using System.Windows.Forms;
- using System.Diagnostics;
- using System.Runtime.InteropServices;
- using System.Threading;
- namespace kursOS
- {
- public partial class Form1 : Form
- {
- public Form1()
- {
- InitializeComponent();
- }
- [DllImport("kernel32")]
- public static extern IntPtr CreateRemoteThread(
- IntPtr hProcess,
- IntPtr lpThreadAttributes,
- uint dwStackSize,
- UIntPtr lpStartAddress, // raw Pointer into remote process
- IntPtr lpParameter,
- uint dwCreationFlags,
- out IntPtr lpThreadId
- );
- [DllImport("kernel32.dll")]
- public static extern IntPtr OpenProcess(
- UInt32 dwDesiredAccess,
- Int32 bInheritHandle,
- Int32 dwProcessId
- );
- [DllImport("kernel32.dll")]
- public static extern Int32 CloseHandle(
- IntPtr hObject
- );
- [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
- static extern bool VirtualFreeEx(
- IntPtr hProcess,
- IntPtr lpAddress,
- UIntPtr dwSize,
- uint dwFreeType
- );
- [DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)]
- public static extern UIntPtr GetProcAddress(
- IntPtr hModule,
- string procName
- );
- [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
- static extern IntPtr VirtualAllocEx(
- IntPtr hProcess,
- IntPtr lpAddress,
- uint dwSize,
- uint flAllocationType,
- uint flProtect
- );
- [DllImport("kernel32.dll")]
- static extern bool WriteProcessMemory(
- IntPtr hProcess,
- IntPtr lpBaseAddress,
- string lpBuffer,
- UIntPtr nSize,
- out IntPtr lpNumberOfBytesWritten
- );
- [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
- public static extern IntPtr GetModuleHandle(
- string lpModuleName
- );
- [DllImport("kernel32", SetLastError = true, ExactSpelling = true)]
- internal static extern Int32 WaitForSingleObject(
- IntPtr handle,
- Int32 milliseconds
- );
- public Int32 GetProcessId(String proc)
- {
- Process[] ProcList;
- ProcList = Process.GetProcessesByName(proc);
- return ProcList[0].Id;
- }
- public void InjectDLL(IntPtr hProcess, String strDLLName)
- {
- IntPtr bytesout;
- // Length of the string containing the DLL file name, +1 byte for the terminating NUL
- Int32 LenWrite = strDLLName.Length + 1;
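- // Allocate memory within the virtual address space of the target process
- // (0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE; a writable and executable region in another process is something memory scanners commonly flag)
- IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x1000, 0x40); // buffer that WriteProcessMemory fills below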
- // Write DLL file name to allocated memory in target process
- WriteProcessMemory(hProcess, AllocMem, strDLLName, (UIntPtr)LenWrite, out bytesout);
- // Function pointer "Injector"
- UIntPtr Injector = (UIntPtr)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
- if (Injector == null)
- {
- MessageBox.Show(" Injector Error! \n ");
- // return failed
- return;
- }
- // Create thread in target process, and store handle in hThread
- IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, (IntPtr)null, 0, Injector, AllocMem, 0, out bytesout);
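- // Intended to validate the thread handle. NOTE(review): IntPtr is a value type, so `== null` is never true and this branch cannot run; a failed call is reported as IntPtr.Zero. The other `== null` handle checks in this listing have the same problem.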
- if (hThread == null)
- {
- //incorrect thread handle ... return failed
- MessageBox.Show(" hThread [ 1 ] Error! \n ");
- return;
- }
- // Time-out is 10 seconds...
- int Result = WaitForSingleObject(hThread, 10 * 1000);
- // Check the wait result: 0x80 = WAIT_ABANDONED, 0x102 = WAIT_TIMEOUT, 0xFFFFFFFF = WAIT_FAILED
- if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF)
- {
- // Thread timed out, was abandoned, or the wait failed...
- MessageBox.Show(" hThread [ 2 ] Error! \n ");
- // Make sure thread handle is valid before closing... prevents crashes.
- if (hThread != null)
- {
- //Close thread in target process
- CloseHandle(hThread);
- }
- return;
- }
- // Sleep thread for 1 second
- Thread.Sleep(1000);
- // Free the allocated space ( AllocMem ); 0x8000 = MEM_RELEASE
- VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000);
- // Make sure thread handle is valid before closing... prevents crashes.
- if (hThread != null)
- {
- //Close thread in target process
- CloseHandle(hThread);
- }
- // return succeeded
- return;
- }
- private void button1_Click(object sender, EventArgs e)
- {
- String strDLLName = "C:\\Users\\user\\source\\repos\\kursOS\\kursOS\\bin\\Debug\\dllproj.dll";
- String strProcessName = "mspaint";
- Int32 ProcID = GetProcessId(strProcessName);
- if (ProcID >= 0)
- {
- IntPtr hProcess = (IntPtr)OpenProcess(0x1F0FFF, 1, ProcID);
- if (hProcess == null)
- {
- MessageBox.Show("OpenProcess() Failed!");
- return;
- }
- else
- InjectDLL(hProcess, strDLLName);
- }
- }
- }
- }
- */