Beispiel #1
0
		public static RhAssemblyInfo[] GetSharedAssemblies()
        {
			// Example of a complete fullname is:
			// easyhook, version=2.5.0.0, culture=neutral, publickeytoken=4b580fca19d0b0c5, processorarchitecture=msil
			RhAssemblyInfo[] assemblies = new RhAssemblyInfo[3];
			var name = AssemblyName.GetAssemblyName("EasyHook.dll");
			assemblies[0] = new RhAssemblyInfo
			{
				FullName = name.FullName + ", ProcessorArchitecture=" + name.ProcessorArchitecture,
				AssemblyLoadPath = name.CodeBase.Substring(@"file:\\\".Length)
			};
			name = AssemblyName.GetAssemblyName("ProcMonInject.dll");
			assemblies[1] = new RhAssemblyInfo
                            {
								FullName = name.FullName + ", ProcessorArchitecture=" + name.ProcessorArchitecture,
								AssemblyLoadPath = name.CodeBase.Substring(@"file:\\\".Length)
                            };
			name = AssemblyName.GetAssemblyName("ProcessMonitor.exe");
			assemblies[2] = new RhAssemblyInfo
                            {
								FullName = name.FullName + ", ProcessorArchitecture=" + name.ProcessorArchitecture,
								AssemblyLoadPath = name.CodeBase.Substring(@"file:\\\".Length)
                            };
			return assemblies;
        }
Beispiel #2
0
        public static void Inject(
            Int32 InHostPID,
            Int32 InTargetPID,
            Int32 InWakeUpTID,
            Int32 InNativeOptions,
            String InLibraryPath_x86,
            String InLibraryPath_x64,
            RhAssemblyInfo[] Assemblies,
            params Object[] InPassThruArgs)
        {
            Install();

            m_Interface.InjectEx(
                InHostPID,
                InTargetPID, 
                InWakeUpTID,
                InNativeOptions,
                InLibraryPath_x86, 
                InLibraryPath_x64,
                Assemblies,
                false,
                true,
                InPassThruArgs);
        }
Beispiel #3
0
 public static Int32 RhInjectLibraryEx(
     Int32 InTargetPID,
     Int32 InWakeUpTID,
     Int32 InInjectionOptions,
     String InLibraryPath_x86,
     String InLibraryPath_x64,
     RhAssemblyInfo[] Assemblies,
     IntPtr InPassThruBuffer,
     Int32 InPassThruSize)
 {
   return Is64Bit
            ? NativeAPI_x64.RhInjectLibrary(
                InTargetPID, InWakeUpTID, InInjectionOptions,
                InLibraryPath_x86, InLibraryPath_x64,
                Assemblies, Assemblies != null ? Assemblies.Length : 0,
                InPassThruBuffer, InPassThruSize)
            : NativeAPI_x86.RhInjectLibrary(
                InTargetPID, InWakeUpTID, InInjectionOptions,
                InLibraryPath_x86, InLibraryPath_x64,
                Assemblies, Assemblies != null ? Assemblies.Length : 0,
                InPassThruBuffer, InPassThruSize);
 }
Beispiel #4
0
 public static void RhInjectLibrary(
       Int32 InTargetPID,
       Int32 InWakeUpTID,
       Int32 InInjectionOptions,
       String InLibraryPath_x86,
       String InLibraryPath_x64,
       RhAssemblyInfo[] Assemblies,
       IntPtr InPassThruBuffer,
       Int32 InPassThruSize)
   {
       if (Is64Bit)
         Force( NativeAPI_x64.RhInjectLibrary(
           InTargetPID, InWakeUpTID, InInjectionOptions,
           InLibraryPath_x86, InLibraryPath_x64,
           Assemblies, Assemblies.Length,
           InPassThruBuffer, InPassThruSize));
       else
         Force( NativeAPI_x86.RhInjectLibrary(
           InTargetPID, InWakeUpTID, InInjectionOptions,
           InLibraryPath_x86, InLibraryPath_x64,
           Assemblies, Assemblies.Length,
           InPassThruBuffer, InPassThruSize));
   }
Beispiel #5
0
 public static extern Int32 RhInjectLibrary(
     Int32 InTargetPID,
     Int32 InWakeUpTID,
     Int32 InInjectionOptions,
     String InLibraryPath_x86,
     String InLibraryPath_x64,
     RhAssemblyInfo[] Assemblies,
     Int32 AssembliesCount,
     IntPtr InPassThruBuffer,
     Int32 InPassThruSize);