
main.cpp

a guest
Sep 18th, 2017
  1. #include <Windows.h>
  2. #include <iostream>  
  3. #include <string>  
  4. #include <Memory.h>
  5. #include <tchar.h>
  6. #include <psapi.h>
  7. #include <stdio.h>
  8. #define WIN32_LEAN_AND_MEAN
  9. #include <conio.h>
  10. #include <tlhelp32.h>
  11. #include "main.h"
  12.  
  13. using namespace std;
  14.  
  15.  
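  /**
   * Opens the process whose ID is given as the single command-line argument and
   * commits a region in it that is as large as this executable's own image,
   * then prints the process ID and the address of that region.
   *
   * Nothing is written to the region by this function. The region is released
   * and the process handle is closed before the program exits, so no allocation
   * is left behind in the other process.
   *
   * @param argc must be 2 (program name plus the process ID).
   * @param argv argv[1] is the decimal process ID.
   * @return 0 on success, 1 on a usage error or when any step fails.
   */
  int main(int argc, char **argv)
  {
      PIMAGE_NT_HEADERS pINH;
      HMODULE hModule;
      HANDLE hProcess = NULL;
      PVOID mem;
      DWORD nSizeOfImage;
      BOOLEAN enabled = FALSE;
      NTSTATUS status;

      OBJECT_ATTRIBUTES objAttr;
      CLIENT_ID cID;

      SetConsoleTitleA("Get Handle From processID");

      if (argc != 2)
      {
          // The argument is parsed as a numeric process ID, not as a name.
          std::cout << "Usage: PEInjection.exe [process_id]\n";
          _getch();
          return 1;
      }

      // Parse the process ID strictly: digits only, no trailing characters and
      // not zero. atoi() would silently turn any malformed argument into 0.
      char *end = NULL;
      const unsigned long pid = strtoul(argv[1], &end, 10);
      if (argv[1][0] < '0' || argv[1][0] > '9' || *end != '\0' || pid == 0)
      {
          std::cout << "Error: '" << argv[1] << "' is not a valid process ID.\n";
          _getch();
          return 1;
      }

      // Resolve the ntdll exports used below. Each lookup can return NULL, and
      // calling through a NULL function pointer would crash the program.
      _RtlImageNtHeader RtlImageNtHeader =
          reinterpret_cast<_RtlImageNtHeader>(GetLibraryProcAddress("ntdll.dll", "RtlImageNtHeader"));
      _RtlAdjustPrivilege RtlAdjustPrivilege =
          reinterpret_cast<_RtlAdjustPrivilege>(GetLibraryProcAddress("ntdll.dll", "RtlAdjustPrivilege"));
      _NtOpenProcess NtOpenProcess =
          reinterpret_cast<_NtOpenProcess>(GetLibraryProcAddress("ntdll.dll", "NtOpenProcess"));
      _NtClose NtClose =
          reinterpret_cast<_NtClose>(GetLibraryProcAddress("ntdll.dll", "NtClose"));

      if (RtlImageNtHeader == NULL || RtlAdjustPrivilege == NULL ||
          NtOpenProcess == NULL || NtClose == NULL)
      {
          std::cout << "Error: Unable to resolve the required ntdll.dll exports.\n";
          _getch();
          return 1;
      }

      std::cout << "Waiting for the process...\n\n";

      // Privilege index 20 is SeDebugPrivilege. The call is best-effort: on
      // failure a warning is printed and the open below is still attempted
      // with the rights the current token already has.
      status = RtlAdjustPrivilege(20, TRUE, FALSE, &enabled);
      if (!NT_SUCCESS(status))
      {
          std::cout << "Warning: RtlAdjustPrivilege failed with status: 0x"
                    << std::hex << static_cast<unsigned long>(status) << std::dec << "\n";
      }

      hModule = GetModuleHandle(NULL);
      pINH = RtlImageNtHeader(hModule);
      if (pINH == NULL)
      {
          std::cout << "Error: Unable to read the NT headers of the current image.\n";
          _getch();
          return 1;
      }
      nSizeOfImage = pINH->OptionalHeader.SizeOfImage;

      InitializeObjectAttributes(&objAttr, NULL, 0, NULL, NULL);

      // Widen the ID through ULONG_PTR so the conversion to a pointer-sized
      // field is well defined on 64-bit builds.
      cID.UniqueProcess = reinterpret_cast<HANDLE>(static_cast<ULONG_PTR>(pid));
      cID.UniqueThread = NULL;

      // NOTE(review): PROCESS_ALL_ACCESS is broader than anything this function
      // does with the handle; the calls below only need PROCESS_VM_OPERATION.
      if (!NT_SUCCESS(status = NtOpenProcess(&hProcess, PROCESS_ALL_ACCESS, &objAttr, &cID)))
      {
          // NTSTATUS values are documented in hexadecimal, so print them that way.
          std::cout << "Error: Unable to open target process handle. NtOpenProcess failed with status: 0x"
                    << std::hex << static_cast<unsigned long>(status) << std::dec << "\n";

          _getch();
          return 1;
      }

      // NOTE(review): nothing here writes to or executes from this region, so
      // PAGE_EXECUTE_READWRITE grants more than is used. A writable and
      // executable region created in another process is a pattern endpoint
      // monitoring commonly alerts on.
      mem = VirtualAllocEx(hProcess, NULL, nSizeOfImage, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
      if (mem == NULL)
      {
          std::cout << "Error: Unable to allocate memory in the target process. " << GetLastError() << "\n";
          NtClose(hProcess);
          _getch();
          return 1;
      }
      std::cout << "processID : " << pid << "\n";

      std::cout << "Memory Address: 0x" << mem << "\n";

      _getch();

      // Release the region and the handle so that neither outlives this program.
      VirtualFreeEx(hProcess, mem, 0, MEM_RELEASE);
      NtClose(hProcess);
      return 0;
  }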
  93.  
  94.  
  95.  
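  /**
   * Looks up an exported symbol in a module that is already loaded into the
   * current process. The module is found with GetModuleHandleA, so this does
   * not load a library that is not yet mapped.
   *
   * @param LibraryName name of the loaded module, e.g. "ntdll.dll".
   * @param ProcName    name of the export to resolve.
   * @return the export's address, or NULL when either argument is NULL, the
   *         module is not loaded, or the export does not exist. Callers must
   *         check for NULL before calling through the result.
   */
  PVOID GetLibraryProcAddress(PSTR LibraryName, PSTR ProcName)
  {
      if (LibraryName == NULL || ProcName == NULL)
      {
          return NULL;
      }

      // Fail here instead of handing a NULL module handle to GetProcAddress.
      HMODULE hLibrary = GetModuleHandleA(LibraryName);
      if (hLibrary == NULL)
      {
          return NULL;
      }

      // FARPROC is a function pointer; converting it to PVOID needs an explicit
      // cast in standard C++.
      return reinterpret_cast<PVOID>(GetProcAddress(hLibrary, ProcName));
  }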