Ejemplo n.º 1
0
        internal MethodWrapper(int targetProcessId, string dllPath, bool randomiseDllName, bool methodIsManualMap)
        {
            // Ensure the users operating system is supported

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (targetProcessId <= 0 || string.IsNullOrWhiteSpace(dllPath))
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            if (randomiseDllName)
            {
                // Create a temporary DLL on disk

                var temporaryDllName = WrapperTools.GenerateRandomDllName();

                var temporaryDllPath = WrapperTools.CreateTemporaryDll(temporaryDllName, File.ReadAllBytes(dllPath));

                _propertyWrapper = methodIsManualMap ? new PropertyWrapper(targetProcessId, File.ReadAllBytes(temporaryDllPath)) : new PropertyWrapper(targetProcessId, temporaryDllPath);
            }

            else
            {
                _propertyWrapper = methodIsManualMap ? new PropertyWrapper(targetProcessId, File.ReadAllBytes(dllPath)) : new PropertyWrapper(targetProcessId, dllPath);
            }

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_propertyWrapper);
        }
Ejemplo n.º 2
0
        internal ExtensionWrapper(int targetProcessId, string dllPath, bool randomiseDllName)
        {
            // Ensure the users operating system is supported

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (targetProcessId <= 0 || string.IsNullOrWhiteSpace(dllPath))
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            if (randomiseDllName)
            {
                // Assume the DLL is the newest file in the temporary directory

                var temporaryDirectoryInfo = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "Bleak"));

                var newestTemporaryFile = temporaryDirectoryInfo.GetFiles().OrderByDescending(file => file.LastWriteTime).First();

                _propertyWrapper = new PropertyWrapper(targetProcessId, newestTemporaryFile.FullName);
            }

            else
            {
                _propertyWrapper = new PropertyWrapper(targetProcessId, dllPath);
            }

            ValidationHandler.ValidateDllArchitecture(_propertyWrapper);
        }
Ejemplo n.º 3
0
        internal MethodWrapper(string targetProcessName, byte[] dllBytes, bool randomiseDllName, bool methodIsManualMap)
        {
            // Ensure the users operating system is supported

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (string.IsNullOrWhiteSpace(targetProcessName) || dllBytes is null || dllBytes.Length == 0)
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            if (methodIsManualMap)
            {
                _propertyWrapper = new PropertyWrapper(targetProcessName, dllBytes);
            }

            else
            {
                // Create a temporary DLL on disk

                var temporaryDllName = randomiseDllName ? WrapperTools.GenerateRandomDllName() : WrapperTools.GenerateDllName(dllBytes);

                var temporaryDllPath = WrapperTools.CreateTemporaryDll(temporaryDllName, dllBytes);

                _propertyWrapper = new PropertyWrapper(targetProcessName, temporaryDllPath);
            }

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_propertyWrapper);
        }
Ejemplo n.º 4
0
        internal InjectionContext(InjectionMethod injectionMethod, string processName, string dllPath)
        {
            _injectionWrapper = new InjectionWrapper(injectionMethod, processName, dllPath);

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);
        }
Ejemplo n.º 5
0
        internal InjectionContext(InjectionMethod injectionMethod, int processId, byte[] dllBytes)
        {
            _injectionWrapper = new InjectionWrapper(injectionMethod, processId, dllBytes);

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);
        }
Ejemplo n.º 6
0
        internal InjectionManager(string processName, string dllPath, InjectionMethod injectionMethod, InjectionFlags injectionFlags)
        {
            _injectionWrapper = new InjectionWrapper(GetProcess(processName), dllPath, injectionMethod, injectionFlags);

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);

            _ejectDll = new EjectDll(_injectionWrapper);

            _hideDllFromPeb = new HideDllFromPeb(_injectionWrapper);

            _injectionMethod = InitialiseInjectionMethod(injectionMethod);
        }
Ejemplo n.º 7
0
        internal InjectionManager(int processId, byte[] dllBytes, InjectionMethod injectionMethod, InjectionFlags injectionFlags)
        {
            _injectionWrapper = new InjectionWrapper(GetProcess(processId), dllBytes, injectionMethod, injectionFlags);

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);

            _ejectDll = new EjectDll(_injectionWrapper);

            _hideDllFromPeb = new HideDllFromPeb(_injectionWrapper);

            _injectionMethod = InitialiseInjectionMethod(injectionMethod);
        }
Ejemplo n.º 8
0
        internal InjectionManager(int targetProcessId, string dllPath, bool isExtension, bool randomiseDllName)
        {
            // Ensure the users operating system is valid

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (targetProcessId <= 0 || string.IsNullOrWhiteSpace(dllPath))
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            // Ensure a valid DLL exists at the provided path

            if (!File.Exists(dllPath) || Path.GetExtension(dllPath) != ".dll")
            {
                throw new ArgumentException("No DLL file exists at the provided path");
            }

            if (randomiseDllName && isExtension)
            {
                // Assume the DLL is the newest file in the directory

                var directoryInfo = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "Bleak"));

                var newestFile = directoryInfo.GetFiles().OrderByDescending(file => file.LastWriteTime).First();

                _injectionProperties = new InjectionProperties(targetProcessId, newestFile.FullName);
            }

            else if (randomiseDllName)
            {
                // Create a temporary DLL on disk

                var temporaryDllPath = DllTools.CreateTemporaryDll(DllTools.GenerateRandomDllName(), File.ReadAllBytes(dllPath));

                _injectionProperties = new InjectionProperties(targetProcessId, temporaryDllPath);
            }

            else
            {
                _injectionProperties = new InjectionProperties(targetProcessId, dllPath);
            }

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionProperties);
        }
Ejemplo n.º 9
0
        internal InjectionManager(int targetProcessId, byte[] dllBytes, bool manualMap, bool isExtension, bool randomiseDllName)
        {
            // Ensure the users operating system is valid

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (targetProcessId <= 0 || dllBytes is null || dllBytes.Length == 0)
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            if (manualMap)
            {
                _injectionProperties = new InjectionProperties(targetProcessId, dllBytes);
            }

            else if (randomiseDllName && isExtension)
            {
                // Assume the DLL is the newest file in the directory

                var directoryInfo = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "Bleak"));

                var newestFile = directoryInfo.GetFiles().OrderByDescending(file => file.LastWriteTime).First();

                _injectionProperties = new InjectionProperties(targetProcessId, newestFile.FullName);
            }

            else
            {
                // Create a temporary DLL on disk

                var temporaryDllName = randomiseDllName ? DllTools.GenerateRandomDllName() : DllTools.GenerateDllName(dllBytes);

                _injectionProperties = new InjectionProperties(targetProcessId, DllTools.CreateTemporaryDll(temporaryDllName, dllBytes));
            }

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionProperties);
        }
Ejemplo n.º 10
0
        internal ExtensionWrapper(int targetProcessId, byte[] dllBytes, bool randomiseDllName)
        {
            // Ensure the users operating system is supported

            ValidationHandler.ValidateOperatingSystem();

            // Ensure the arguments passed in are valid

            if (targetProcessId <= 0 || dllBytes is null || dllBytes.Length == 0)
            {
                throw new ArgumentException("One or more of the arguments provided were invalid");
            }

            if (randomiseDllName)
            {
                // Assume the DLL is the newest file in the temporary directory

                var temporaryDirectoryInfo = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "Bleak"));

                var newestTemporaryFile = temporaryDirectoryInfo.GetFiles().OrderByDescending(file => file.LastWriteTime).First();

                _propertyWrapper = new PropertyWrapper(targetProcessId, newestTemporaryFile.FullName);
            }

            else
            {
                // Get the file path of the DLL on disk

                var temporaryDirectory = Path.Combine(Path.GetTempPath(), "Bleak");

                var temporaryDllName = WrapperTools.GenerateDllName(dllBytes);

                var temporaryDllPath = Path.Combine(temporaryDirectory, temporaryDllName);

                _propertyWrapper = new PropertyWrapper(targetProcessId, temporaryDllPath);
            }

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_propertyWrapper);
        }
Ejemplo n.º 11
0
        internal InjectionManager(InjectionMethod injectionMethod, string processName, string dllPath)
        {
            _injectionContext = new InjectionContext();

            _injectionWrapper = new InjectionWrapper(injectionMethod, processName, dllPath);

            _injectionExtensionCache = new Dictionary <string, IInjectionExtension>
            {
                { "EjectDll", new EjectDll(_injectionWrapper) },
                { "HideDllFromPeb", new HideDllFromPeb(_injectionWrapper) },
                { "RandomiseDllHeaders", new RandomiseDllHeaders(_injectionWrapper) }
            };

            var injectionMethodType = Type.GetType(string.Concat("Bleak.Injection.Methods.", injectionMethod.ToString()));

            _injectionMethod = (IInjectionMethod)Activator.CreateInstance(injectionMethodType, _injectionWrapper);

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);
        }
Ejemplo n.º 12
0
        internal InjectionManager(InjectionMethod injectionMethod, string processName, byte[] dllBytes)
        {
            _injectionContext = new InjectionContext();

            _injectionWrapper = new InjectionWrapper(injectionMethod, processName, dllBytes);

            _injectionExtensionCache = new Dictionary <string, IInjectionExtension>
            {
                { nameof(EjectDll), new EjectDll(_injectionWrapper) },
                { nameof(HideDllFromPeb), new HideDllFromPeb(_injectionWrapper) },
                { nameof(RandomiseDllHeaders), new RandomiseDllHeaders(_injectionWrapper) }
            };

            var injectionMethodType = Type.GetType("Bleak.Injection.Methods." + injectionMethod);

            _injectionMethod = (IInjectionMethod)Activator.CreateInstance(injectionMethodType, _injectionWrapper);

            // Ensure the architecture of the DLL is valid

            ValidationHandler.ValidateDllArchitecture(_injectionWrapper);
        }