
Untitled

a guest Mar 29th, 2020 87 Never
// Draft of a classic remote-thread library-loading sequence on Windows:
// OpenProcess -> VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread
// with LoadLibraryA as the thread start routine. This API chain is the pattern
// catalogued as MITRE ATT&CK T1055.001 (Process Injection: DLL Injection).
//
// Reading notes for defenders:
//  - The cross-process handle request (OpenProcess) and the remote thread
//    creation are both observable, e.g. Sysmon Event ID 10 (ProcessAccess)
//    and Event ID 8 (CreateRemoteThread).
//  - The remote allocation below asks for PAGE_EXECUTE_READWRITE; executable
//    and writable private memory created from another process is a common
//    alerting signal.
//  - As pasted, the listing is an unfinished draft: several variables are
//    unused, errors are fetched and dropped, and some arguments do not match
//    the inline comments (see notes in main).
#include <iostream>
#include <direct.h>
#include <windows.h>
#include <TlHelp32.h>
 
// Only referenced by the commented-out GetFullPathNameA experiment in main.
#define BUFSIZE 4096
 
// Imported symbol; declared here but never called in this listing.
extern "C" __declspec(dllimport) void Share();
 
// Entry point. Always returns 0, including on every failure path, so the exit
// code cannot be used to tell success from failure.
int main()
{
    // Despite the variable name, this literal is the path of an .exe, not a DLL.
    LPCSTR dllPath = "C:\\Program Files\\Notepad++\\notepad++.exe";
    // Length of the path including the terminating NUL.
    int len = strlen((char*)dllPath) + 1;
    // Abandoned attempt to expand dllPath to a full path (left commented out
    // by the author):
    //TCHAR  buffer[BUFSIZE] = TEXT("");
    //TCHAR** lppPart = { NULL };
    //DWORD pathLen = GetFullPathNameA((LPCSTR)dllPath,BUFSIZE, (LPSTR)buffer, (LPSTR*)lppPart);
 
    // Author's intent: look up the loader routine's address locally and rely
    // on it being the same in the other process.
    // Neither moduleName nor addrLoadLibrary is used anywhere below; the thread
    // start address is resolved again, separately, in the CreateRemoteThread call.
    LPCWSTR moduleName = L"myDll.dll";
    FARPROC addrLoadLibrary = GetProcAddress(GetModuleHandleA("User32.dll"), "LoadLibrary");
   
    // Open a handle to the process with the hard-coded PID 15352, requesting
    // PROCESS_ALL_ACCESS. The returned handle is not checked for NULL and is
    // never closed in this listing.
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE, 15352);
    // Reserve and commit len bytes in the other process. The region is meant
    // to hold a path string (per the author's comments) yet is requested as
    // PAGE_EXECUTE_READWRITE.
    // tmp duplicates len and is never used.
    int tmp = strlen((char*)dllPath) + 1;
    PVOID memAddr = (PVOID)VirtualAllocEx(hProcess, 0,len, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (NULL == memAddr) {
        // Error code is read and then discarded; hProcess is leaked on this path.
        DWORD err = GetLastError();
        return 0;
    }
    // Author's intent: write the DLL name into the memory allocated above.
    // NOTE(review): the source-buffer argument here is memAddr, the same
    // pointer as the destination, so the code does not match that intent.
    BOOL check = WriteProcessMemory(hProcess,memAddr, (LPCVOID)memAddr,len,NULL);
    if (0 == check) {
        // Error code discarded; hProcess and the remote allocation are leaked.
        DWORD err = GetLastError();
        return 0;
    }
    // Start a thread in the other process whose start routine is LoadLibraryA
    // (resolved from Kernel32.dll in this process) and whose parameter is
    // memAddr. This is the step Sysmon records as Event ID 8.
    HANDLE hRemote = CreateRemoteThread(hProcess, 0, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandleA("Kernel32.dll"),"LoadLibraryA"), memAddr,0,0);
    if (NULL == hRemote) {
        // Error code discarded; hProcess and the remote allocation are leaked.
        DWORD err = GetLastError();
        return 0;
    }
    // Block with no timeout until the remote thread exits.
    WaitForSingleObject(hRemote, INFINITE);
    // Result stored in check but never inspected. hProcess is not closed and
    // the remote allocation is not released anywhere in this listing.
    check = CloseHandle(hRemote);
 
    return 0;
}