public void EjectModule(RemoteModule module)
{
if (module == null || !module.IsValid)
{
throw new DllNotFoundException("Module is invalid!");
}
IntPtr moduleHandle = module.Handle;
RemoteModule kernel32Module = GetModule("kernel32");
if (kernel32Module == null)
{
throw new DllNotFoundException("Module 'kernel32' not found!");
}
RemoteFunction freeLibrary = kernel32Module.GetFunction("FreeLibrary");
if (freeLibrary == null)
{
throw new MissingMethodException("Function 'FreeLibrary' not found in kernel32");
}
try {
if (freeLibrary.Call(moduleHandle) == 0)
{
throw new MethodAccessException("FreeLibrary call failed. This usually means that you tried to eject a non existent Module");
}
} catch (Exception e) {
throw new MethodAccessException("Method FreeLibrary could not be called!", e);
}
Refresh();
}
/// <summary>
/// Injects a module, throws an exception on failure.
/// </summary>
/// <param name="filePath">The filepath of the dynamic link library.</param>
/// <returns></returns>
public RemoteModule InjectModule(string filePath)
{
filePath = Path.GetFullPath(filePath);
if (!File.Exists(filePath))
{
throw new FileNotFoundException(filePath + " could not be found");
}
RemoteModule kernel32Module = GetModule("kernel32");
if (kernel32Module == null)
{
throw new DllNotFoundException("Module 'kernel32' not found!");
}
RemoteFunction loadLibraryW = kernel32Module.GetFunction("LoadLibraryW");
if (loadLibraryW == null || loadLibraryW.Address == IntPtr.Zero)
{
throw new MissingMethodException("Function 'LoadLibraryW' not found in kernel32");
}
try {
if (loadLibraryW.Call(filePath) == 0)
{
throw new MethodAccessException("LoadLibrary call failed. This usually means that you tried to inject a incompatible 32 bit dll in a 64 bit Process, or vice versa.");
}
} catch (Exception e) {
throw new MethodAccessException("Method LoadLibraryW could not be called!", e);
}
Refresh();
return(GetModule(filePath));
}
