- using System;
- using System.Collections.Generic;
- using System.Diagnostics;
- using System.IO;
- using System.IO.Pipes;
- using System.Linq;
- using System.Net;
- using System.Runtime.InteropServices;
- using System.Text;
- using System.Threading;
- using System.Threading.Tasks;
- using System.Windows.Forms;
namespace DeepAPI
{
    /// <summary>
    /// Loader/IPC wrapper: places a DLL inside another process using the
    /// LoadLibraryA remote-thread technique (MITRE ATT&amp;CK T1055.001) and then
    /// pushes script text to that DLL over a local named pipe.
    /// </summary>
    /// <remarks>
    /// Analyst notes. The sequence visible in this file is
    /// OpenProcess -> VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread
    /// with LoadLibraryA as the thread start address. On a monitored host that
    /// sequence typically surfaces as Sysmon Event ID 10 (ProcessAccess),
    /// Event ID 8 (CreateRemoteThread) and Event ID 7 (ImageLoad) for the DLL;
    /// the pipe traffic surfaces as Event IDs 17/18.
    /// The "Token / RID / RVA" comments in the original listing suggest part of
    /// the class was recovered from a compiled assembly by a decompiler.
    /// </remarks>
    class ExploitAPI
    {
        /// <summary>Outcome codes returned by <see cref="DllInjector.Inject"/>.</summary>
        public enum DllInjectionResult
        {
            DllNotFound,
            GameProcessNotFound,
            InjectionFailed,
            Success
        }

        // File name of the DLL; only used in the LuaPipe error text in this file.
        public static string exploitdllname = "Rozu.dll";

        // Pipe name (without the \\.\pipe\ prefix) used by NamedPipeExist and LuaPipe.
        public static string luapipename = "DeepAPI";

        [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        public static extern bool WaitNamedPipe(string name, int timeout);

        /// <summary>
        /// Probes whether a local named pipe called <paramref name="pipeName"/> is present.
        /// </summary>
        /// <param name="pipeName">Pipe name without the <c>\\.\pipe\</c> prefix.</param>
        /// <returns>
        /// <c>true</c> when WaitNamedPipe succeeds, or fails with any error other than
        /// 0 or 2 (ERROR_FILE_NOT_FOUND); <c>false</c> otherwise, including on any exception.
        /// </returns>
        public static bool NamedPipeExist(string pipeName)
        {
            try
            {
                bool pipeReady = WaitNamedPipe($"\\\\.\\pipe\\{pipeName}", 0);
                if (pipeReady)
                {
                    return true;
                }

                // Must be read straight after the P/Invoke, before any other call.
                int errorCode = Marshal.GetLastWin32Error();

                // Any other failure code is treated as "pipe exists".
                return errorCode != 0 && errorCode != 2;
            }
            catch (Exception)
            {
                return false;
            }
        }

        /// <summary>
        /// Sends <paramref name="script"/> to the named pipe on a background thread.
        /// Shows a message box instead when the pipe is not present.
        /// </summary>
        /// <param name="script">Text written verbatim to the pipe.</param>
        /// <remarks>
        /// NOTE(review): the client connects to whichever process owns the pipe
        /// name and performs no check of the server's identity; whether the server
        /// side restricts who may connect is not visible in this file.
        /// </remarks>
        public void LuaPipe(string script)
        {
            if (!NamedPipeExist(luapipename))
            {
                MessageBox.Show("Inject " + exploitdllname + " before Using this!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
                return;
            }

            Thread sender = new Thread(() => WriteScriptToPipe(script));
            sender.Start();
        }

        // Thread body for LuaPipe: connect, write the script, report failures in a message box.
        private static void WriteScriptToPipe(string script)
        {
            try
            {
                using (NamedPipeClientStream pipe = new NamedPipeClientStream(".", luapipename, PipeDirection.Out))
                {
                    // Connect() with no timeout blocks until a server instance is available.
                    pipe.Connect();
                    using (StreamWriter writer = new StreamWriter(pipe, System.Text.Encoding.Default, 999999))
                    {
                        writer.Write(script);
                        // The original disposes explicitly inside the using blocks; kept as-is.
                        writer.Dispose();
                    }
                    pipe.Dispose();
                }
            }
            catch (IOException)
            {
                MessageBox.Show("Error occured connecting to the pipe.", "Connection Failed!", MessageBoxButtons.OK, MessageBoxIcon.Hand);
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message.ToString());
            }
        }

        /// <summary>
        /// Singleton that injects a DLL into a process selected by name.
        /// Declares its own private kernel32 imports, which hide the outer class's
        /// imports of the same names inside this type.
        /// </summary>
        public sealed class DllInjector
        {
            static readonly IntPtr INTPTR_ZERO = (IntPtr)0;

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId);

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern int CloseHandle(IntPtr hObject);

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern IntPtr GetModuleHandle(string lpModuleName);

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, IntPtr dwSize, uint flAllocationType, uint flProtect);

            // NOTE(review): lpNumberOfBytesWritten is declared as a plain int here, so
            // callers can only pass a value, never receive the count.
            [DllImport("kernel32.dll", SetLastError = true)]
            static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesWritten);

            [DllImport("kernel32.dll", SetLastError = true)]
            static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttribute, IntPtr dwStackSize, IntPtr lpStartAddress,
                IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);

            static DllInjector _instance;

            /// <summary>Lazily created shared instance (creation is not synchronized).</summary>
            public static DllInjector GetInstance
            {
                get
                {
                    return _instance ?? (_instance = new DllInjector());
                }
            }

            DllInjector() { }

            /// <summary>
            /// Injects the DLL at <paramref name="sDllPath"/> into the first running
            /// process whose name equals <paramref name="sProcName"/>.
            /// </summary>
            /// <param name="sProcName">Process name compared against <c>Process.ProcessName</c>.</param>
            /// <param name="sDllPath">Path of the DLL; must exist on disk.</param>
            /// <returns>A <see cref="DllInjectionResult"/> describing which step failed, or Success.</returns>
            public DllInjectionResult Inject(string sProcName, string sDllPath)
            {
                if (!File.Exists(sDllPath))
                {
                    return DllInjectionResult.DllNotFound;
                }

                // 0 doubles as the "not found" sentinel.
                uint targetPid = 0;
                foreach (Process candidate in Process.GetProcesses())
                {
                    if (candidate.ProcessName == sProcName)
                    {
                        targetPid = (uint)candidate.Id;
                        break;
                    }
                }

                if (targetPid == 0)
                {
                    return DllInjectionResult.GameProcessNotFound;
                }

                return bInject(targetPid, sDllPath)
                    ? DllInjectionResult.Success
                    : DllInjectionResult.InjectionFailed;
            }

            /// <summary>
            /// Performs the remote-thread injection against process id
            /// <paramref name="pToBeInjected"/>.
            /// </summary>
            /// <returns><c>false</c> as soon as any Win32 call reports failure; otherwise <c>true</c>.</returns>
            /// <remarks>
            /// NOTE(review): the process handle is closed only on the success path, and
            /// the handle returned by CreateRemoteThread is never closed.
            /// The remote buffer is requested as read/write/execute (0x40) although it
            /// only holds a path string; RWX private memory in a process is itself a
            /// common detection signal.
            /// </remarks>
            bool bInject(uint pToBeInjected, string sDllPath)
            {
                // CREATE_THREAD | VM_OPERATION | VM_READ | VM_WRITE | QUERY_INFORMATION
                const uint RequestedAccess = 0x2 | 0x8 | 0x10 | 0x20 | 0x400;
                // MEM_COMMIT | MEM_RESERVE
                const uint AllocationType = 0x1000 | 0x2000;
                // PAGE_EXECUTE_READWRITE
                const uint PageProtection = 0x40;

                IntPtr processHandle = OpenProcess(RequestedAccess, 1, pToBeInjected);
                if (processHandle == INTPTR_ZERO)
                {
                    return false;
                }

                IntPtr kernel32Module = GetModuleHandle("kernel32.dll");
                IntPtr loadLibraryAddress = GetProcAddress(kernel32Module, "LoadLibraryA");
                if (loadLibraryAddress == INTPTR_ZERO)
                {
                    return false;
                }

                IntPtr remoteBuffer = VirtualAllocEx(processHandle, INTPTR_ZERO, (IntPtr)sDllPath.Length, AllocationType, PageProtection);
                if (remoteBuffer == INTPTR_ZERO)
                {
                    return false;
                }

                byte[] pathBytes = Encoding.ASCII.GetBytes(sDllPath);
                int writeResult = WriteProcessMemory(processHandle, remoteBuffer, pathBytes, (uint)pathBytes.Length, 0);
                if (writeResult == 0)
                {
                    return false;
                }

                IntPtr remoteThread = CreateRemoteThread(processHandle, INTPTR_ZERO, INTPTR_ZERO, loadLibraryAddress, remoteBuffer, 0, INTPTR_ZERO);
                if (remoteThread == INTPTR_ZERO)
                {
                    return false;
                }

                CloseHandle(processHandle);
                return true;
            }
        }

        // ---- kernel32 imports used by InjectDLL (second, independent code path) ----

        [DllImport("kernel32", CharSet = CharSet.Ansi, SetLastError = true)]
        internal static extern IntPtr LoadLibraryA(string lpFileName);

        [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
        internal static extern UIntPtr GetProcAddress(IntPtr hModule, string procName);

        [DllImport("kernel32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        internal static extern bool FreeLibrary(IntPtr hModule);

        [DllImport("kernel32.dll")]
        internal static extern IntPtr OpenProcess(ExploitAPI.ProcessAccess dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);

        [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
        internal static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);

        [DllImport("kernel32.dll", SetLastError = true)]
        internal static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);

        [DllImport("kernel32.dll")]
        internal static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);

        // Declared but not called anywhere in this file.
        [DllImport("kernel32.dll", SetLastError = true)]
        internal static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out int lpNumberOfBytesRead);

        /// <summary>
        /// Injects the DLL named <paramref name="yes"/>, resolved against the
        /// application's base directory, into the first "RobloxPlayerBeta" process.
        /// </summary>
        /// <param name="yes">DLL file name appended to <c>AppDomain.CurrentDomain.BaseDirectory</c>.</param>
        /// <returns><c>true</c> when every step through CreateRemoteThread succeeded.</returns>
        /// <remarks>
        /// NOTE(review): the target is opened with the broad AllAccess mask, and
        /// neither the process handle nor the remote thread handle is closed.
        /// The process list is queried twice, so the second lookup can differ from
        /// the first.
        /// </remarks>
        public bool InjectDLL(string yes)
        {
            if (Process.GetProcessesByName("RobloxPlayerBeta").Length == 0)
            {
                return false;
            }

            Process target = Process.GetProcessesByName("RobloxPlayerBeta")[0];
            byte[] pathBytes = Encoding.ASCII.GetBytes(AppDomain.CurrentDomain.BaseDirectory + yes);

            IntPtr kernel32Module = ExploitAPI.LoadLibraryA("kernel32.dll");
            UIntPtr loadLibraryAddress = ExploitAPI.GetProcAddress(kernel32Module, "LoadLibraryA");
            ExploitAPI.FreeLibrary(kernel32Module);
            if (loadLibraryAddress == UIntPtr.Zero)
            {
                return false;
            }

            IntPtr processHandle = ExploitAPI.OpenProcess(ProcessAccess.AllAccess, false, target.Id);
            if (processHandle == IntPtr.Zero)
            {
                return false;
            }

            // 12288 = MEM_COMMIT | MEM_RESERVE, 4 = PAGE_READWRITE.
            IntPtr remoteBuffer = ExploitAPI.VirtualAllocEx(processHandle, IntPtr.Zero, (uint)pathBytes.Length, 12288u, 4u);
            if (remoteBuffer == IntPtr.Zero)
            {
                return false;
            }

            UIntPtr bytesWritten;
            if (!ExploitAPI.WriteProcessMemory(processHandle, remoteBuffer, pathBytes, (uint)pathBytes.Length, out bytesWritten))
            {
                return false;
            }

            IntPtr threadId;
            IntPtr remoteThread = ExploitAPI.CreateRemoteThread(processHandle, IntPtr.Zero, 0u, loadLibraryAddress, remoteBuffer, 0u, out threadId);
            return remoteThread != IntPtr.Zero;
        }

        /// <summary>
        /// Process access rights passed to OpenProcess. AllAccess equals the
        /// bitwise OR of every other member declared here.
        /// </summary>
        [Flags]
        public enum ProcessAccess
        {
            AllAccess = 0x10067B,
            CreateThread = 0x2,
            DuplicateHandle = 0x40,
            QueryInformation = 0x400,
            SetInformation = 0x200,
            Terminate = 0x1,
            VMOperation = 0x8,
            VMRead = 0x10,
            VMWrite = 0x20,
            Synchronize = 0x100000
        }

        /// <summary>
        /// Runs <see cref="InjectDLL"/> for "Rozu.dll" and reports the result in a message box.
        /// </summary>
        /// <returns><c>true</c> when InjectDLL succeeded.</returns>
        /// <remarks>
        /// NOTE(review): the "already injected" branch is informational only; the
        /// injection is attempted regardless. The DLL name is a literal here rather
        /// than <see cref="exploitdllname"/>.
        /// </remarks>
        public bool LaunchExploit()
        {
            if (ExploitAPI.NamedPipeExist(luapipename))
            {
                MessageBox.Show("Dll already injected", "No problems");
            }

            bool injected = InjectDLL("Rozu.dll");
            if (!injected)
            {
                MessageBox.Show("DLL failed to inject", "Error");
            }

            return injected;
        }
    }
}