private static bool CheckError(bool condition, InjectorErrors.Error onError, ref InjectorErrors.Error resultError) { if (null != resultError) { return(false); } if (condition) { return(true); } resultError = onError; return(false); }
static int Main(string[] args) { InjectorErrors.Error result = null; string strArgs = string.Join(" ", args); try { int delimiterPos = strArgs.IndexOf(" "); string strDwProcessId = strArgs.Substring(0, delimiterPos); UInt32 dwProcessId = UInt32.Parse(strDwProcessId); string strDllPath = strArgs.Substring(delimiterPos + 1); result = Injector.Inject(dwProcessId, strDllPath); } catch (Exception e) { System.Windows.Forms.MessageBox.Show(e.ToString(), "injector Error", MessageBoxButtons.OK, MessageBoxIcon.Error); result = InjectorErrors.Unknown; } return((int)(null == result ? 0 : result.Code)); }
public static InjectorErrors.Error Inject(UInt32 dwProcessId, string dllPath) { string baseDirectory = System.IO.Path.GetDirectoryName(dllPath); byte[] datDllPath = Encoding.Unicode.GetBytes(dllPath + "\0"); byte[] datBaseDirectory = Encoding.Unicode.GetBytes(baseDirectory + "\0"); byte[] image = null; IntPtr argDllDir = IntPtr.Zero; IntPtr argDllFilePath = IntPtr.Zero; UIntPtr dllDirectorySz = new UIntPtr((ulong)datBaseDirectory.LongLength); UIntPtr dllFilePathSz = new UIntPtr((ulong)datDllPath.LongLength); UIntPtr imageSz = UIntPtr.Zero; IntPtr hProc = IntPtr.Zero; IntPtr hThread = IntPtr.Zero; IntPtr imageAfxHook = IntPtr.Zero; InjectorErrors.Error error = null; bool bOk = true; try { bOk = true && CheckError(IntPtr.Zero != (hProc = OpenProcess(createThreadAccess, false, dwProcessId)), InjectorErrors.OpenProcessFailed, ref error) && CheckError(IntPtr.Zero != (argDllDir = VirtualAllocEx(hProc, IntPtr.Zero, dllDirectorySz, AllocationType.Reserve | AllocationType.Commit, MemoryProtection.ReadWrite)), InjectorErrors.VirtualAllocExReadWriteFailed, ref error) && CheckError(IntPtr.Zero != (argDllFilePath = VirtualAllocEx(hProc, IntPtr.Zero, dllFilePathSz, AllocationType.Reserve | AllocationType.Commit, MemoryProtection.ReadWrite)), InjectorErrors.VirtualAllocExReadWriteFailed, ref error) && CheckError(null != (image = GetImage(m_PGetModuleHandleW, m_PGetProcAddress, argDllDir, argDllFilePath)), InjectorErrors.GetImageFailed, ref error) ; if (bOk) { imageSz = new UIntPtr((ulong)image.LongLength); bOk = true && CheckError(IntPtr.Zero != (imageAfxHook = VirtualAllocEx(hProc, IntPtr.Zero, imageSz, AllocationType.Reserve | AllocationType.Commit, MemoryProtection.ExecuteReadWrite)), InjectorErrors.VirtualAllocExReadWriteExecuteFailed, ref error) && CheckError(WriteProcessMemory(hProc, argDllDir, datBaseDirectory, dllDirectorySz, IntPtr.Zero), InjectorErrors.WriteProcessMemoryFailed, ref error) && CheckError(WriteProcessMemory(hProc, argDllFilePath, datDllPath, dllFilePathSz, IntPtr.Zero), InjectorErrors.WriteProcessMemoryFailed, ref error) && CheckError(WriteProcessMemory(hProc, imageAfxHook, image, imageSz, IntPtr.Zero), InjectorErrors.WriteProcessMemoryFailed, ref error) && CheckError(FlushInstructionCache(hProc, imageAfxHook, imageSz), InjectorErrors.FlushInstructionCacheFailed, ref error) && CheckError(IntPtr.Zero != (hThread = CreateRemoteThread(hProc, IntPtr.Zero, UIntPtr.Zero, imageAfxHook, IntPtr.Zero, 0, IntPtr.Zero)), InjectorErrors.CreateRemoteThreadFailed, ref error) ; if (bOk) { bOk = false; bool bWait; do { bWait = false; for (int i = 0; i < 60; i++) { if (WAIT_OBJECT_0 == WaitForSingleObject(hThread, 1000)) { bOk = true; break; } } if (!bOk) { bWait = DialogResult.Yes == MessageBox.Show("Image injection problem.\nContinue waiting?", "injector Warning", MessageBoxButtons.YesNo, MessageBoxIcon.Warning); } } while (bWait); if (!bOk) { TerminateThread(hThread, 1); } else { UInt32 exitCode; bOk = GetExitCodeThread(hThread, out exitCode); if (bOk) { if (0 != exitCode) { bOk = false; if (1 <= exitCode && exitCode <= 15) { error = InjectorErrors.Instance.GetById((int)exitCode); } else { error = InjectorErrors.AfxHookUnknown; MessageBox.Show("Unknown AfxHook exit code: " + exitCode.ToString(), "injector Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } } } } } } } finally { if (IntPtr.Zero != hThread) { CloseHandle(hThread); } if (IntPtr.Zero != imageAfxHook) { VirtualFreeEx(hProc, imageAfxHook, UIntPtr.Zero, AllocationType.Release); } if (IntPtr.Zero != argDllDir) { VirtualFreeEx(hProc, argDllFilePath, UIntPtr.Zero, AllocationType.Release); } if (IntPtr.Zero != argDllFilePath) { VirtualFreeEx(hProc, argDllDir, UIntPtr.Zero, AllocationType.Release); } if (IntPtr.Zero != hProc) { CloseHandle(hProc); } } CheckError(bOk, InjectorErrors.Unknown, ref error); return(error); }
public static bool Load(IEnumerable <GetHookPathDelegate> getHookPathCollection, string programPath, string cmdLine, string environment = null) { bool bOk = true; try { string programOptions = "\"" + programPath + "\" " + cmdLine; string programDirectory = System.IO.Path.GetDirectoryName(programPath); PROCESS_INFORMATION processInfo = new PROCESS_INFORMATION(); STARTUPINFOW startupInfo = new STARTUPINFOW(); startupInfo.cb = (UInt32)Marshal.SizeOf(startupInfo); if (!CreateProcessW( programPath , programOptions , null , null , true // inherit handles , //CREATE_DEFAULT_ERROR_MODE| CREATE_NEW_PROCESS_GROUP | DETACHED_PROCESS | CREATE_SUSPENDED //DEBUG_ONLY_THIS_PROCESS| //DEBUG_PROCESS // we want to catch debug event's (sadly also of childs) | CREATE_UNICODE_ENVIRONMENT , environment , programDirectory , ref startupInfo , out processInfo) ) { throw new System.ApplicationException("Failed to launch program, error code: " + Marshal.GetLastWin32Error()); } try { bool isProcess64Bit = IsProcess64Bit(processInfo.hProcess); foreach (GetHookPathDelegate getHookPath in getHookPathCollection) { string hookPath = getHookPath(isProcess64Bit); using (System.Diagnostics.Process injector = new System.Diagnostics.Process()) { injector.StartInfo.UseShellExecute = false; injector.StartInfo.FileName = System.AppDomain.CurrentDomain.BaseDirectory + (isProcess64Bit ? "\\x64" : "") + "\\injector.exe"; injector.StartInfo.CreateNoWindow = true; injector.StartInfo.Arguments = processInfo.dwProcessId.ToString() + " " + hookPath; try { injector.Start(); } catch (Exception e) { throw new System.AccessViolationException( "Failed to start injector: " + injector.StartInfo.FileName + "." + Environment.NewLine + "Error: " + e.ToString() + Environment.NewLine + "Solution: Check that your Anti Virus did not remove it due to a false positive. If so restore it and add an exception for injector / the HLAE folder." ); } injector.WaitForExit(); if (0 != injector.ExitCode) { InjectorErrors.Error error = InjectorErrors.Instance.GetById(injector.ExitCode); throw new System.AccessViolationException( "Injector(" + (isProcess64Bit ? "x64" : "x86") + ") failed," + Environment.NewLine + "Could not inject \"" + hookPath + "\"." + Environment.NewLine + "Error: " + error.Text + Environment.NewLine + "Solution: " + error.Solution ); } } } } finally { System.Threading.Thread.Sleep(2000); ResumeThread(processInfo.hThread); CloseHandle(processInfo.hThread); CloseHandle(processInfo.hProcess); } } catch (Exception e) { MessageBox.Show(e.ToString(), "Loader failed", MessageBoxButtons.OK, MessageBoxIcon.Error); return(false); } return(bOk); }