Beispiel #1
0
        public static bool InjectDLL(IntPtr hProcess, String strDLLName)
        {
            IntPtr bytesout;

            // Length of string containing the DLL file name +1 byte padding
            Int32 LenWrite = strDLLName.Length + 1;

            // Allocate memory within the virtual address space of the target process
            IntPtr AllocMem = (IntPtr)WINAPI.VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x1000, 0x40);

            // Write DLL file name to allocated memory in target process
            WINAPI.WriteProcessMemory(hProcess, AllocMem, strDLLName, (UIntPtr)LenWrite, out bytesout);

            // Function pointer "Injector"
            UIntPtr Injector = (UIntPtr)WINAPI.GetProcAddress(WINAPI.GetModuleHandle("kernel32.dll"), "LoadLibraryA");

            if (Injector == null)
            {
                throw new Exception("GetProcAddress failed!\n\n Call tech support.");
            }

            // Create thread in target process, and store handle in hThread
            IntPtr hThread = (IntPtr)WINAPI.CreateRemoteThread(hProcess, (IntPtr)null, 0, Injector, AllocMem, 0, out bytesout);

            // Make sure thread handle is valid
            if (hThread == null)
            {
                //incorrect thread handle ... return failed
                throw new Exception("CreateRemoteThread failed!\n\n Call tech support.");
            }

            // Time-out is 10 seconds...
            int Result = WINAPI.WaitForSingleObject(hThread, 10 * 1000);

            // Check whether thread timed out...
            if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF)
            {
                // Make sure thread handle is valid before closing... prevents crashes.
                if (hThread != null)
                {
                    //Close thread in target process
                    WINAPI.CloseHandle(hThread);
                }

                /* Thread timed out... */
                throw new Exception("WaitForSingleObject failed!\n\n Call tech support.");
            }

            // Sleep thread so as not to crash host
            Thread.Sleep(5000);

            // Clear up allocated space ( Allocmem )
            WINAPI.VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000);

            // Make sure thread handle is valid before closing... prevents crashes.
            if (hThread != null)
            {
                //Close thread in target process
                WINAPI.CloseHandle(hThread);
            }

            return(true);
        }