Example #1
        /// <summary>
        /// Command-line entry routine: resolves the target process from <paramref name="cli"/>,
        /// prints its PID, status and architecture, stages the DLL through
        /// <c>CopyToTempPath</c> and asks the <see cref="InjectableProcess"/> to load it.
        /// </summary>
        /// <param name="cli">Parsed options; supplies the DLL path, entry type and entry method.</param>
        /// <exception cref="Exception">
        /// Thrown when the process status is not <c>ProcessStatus.Ok</c> after the inject call.
        /// </exception>
        private static void Run(CliOptions cli)
        {
            uint targetPid = GetProcessId(cli);
            InjectableProcess target = new InjectableProcess(targetPid);

            // Diagnostics first, so the operator can see which process was resolved
            // before anything is written into it.
            Console.WriteLine("PID: " + targetPid);
            Console.WriteLine("Status: " + target.GetStatus());
            Console.WriteLine("Arch: " + target.GetArchitecture());

            // The status is queried again on each use rather than cached, so the value
            // printed above and the value tested here come from separate calls.
            bool targetUnavailable = target.GetStatus() != ProcessStatus.Ok;
            if (targetUnavailable)
            {
                Console.WriteLine("Cannot inject into target process: " + target.GetStatus());
                return;
            }

            // NOTE(review): the DLL is loaded from the staged copy, not from cli.DllPath.
            // CopyToTempPath is not shown here; confirm that it creates a uniquely named
            // file in a directory only the current user can write, otherwise the staged
            // file could be replaced between this copy and the load below.
            var stagedDllPath = CopyToTempPath(cli.DllPath);
            Console.WriteLine("Copied DLL to " + stagedDllPath);

            target.Inject(stagedDllPath, cli.EntryType, cli.EntryMethod);

            // Inject's own result is not inspected here; failure is detected only
            // through the status query that follows.
            bool failedAfterInject = target.GetStatus() != ProcessStatus.Ok;
            if (failedAfterInject)
            {
                throw new Exception("Expected OK status for process");
            }
        }
Example #2
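        /// <summary>
        /// Interactive demo: reads a process name from the console, injects <c>TestDLL.dll</c> into the
        /// first process with that name, sends it two test commands and prints the collected response.
        /// </summary>
        /// <remarks>
        /// You can't register a method like <see cref="YouSavedScience"/> in static methods,
        /// which is why this demo is an instance method.
        /// An empty process name is rejected before the lookup, and the <see cref="Process"/>
        /// objects returned by the lookup are disposed once the PID has been read.
        /// </remarks>
        public void WakingUpToScience()
        {
            Console.WriteLine("Input process name:");
            string processName = Console.ReadLine();

            // Console.ReadLine returns null at end of input, and an empty name cannot identify
            // a target. Refuse it here instead of handing it to the process lookup.
            if (string.IsNullOrEmpty(processName))
            {
                Console.WriteLine("Process name must not be empty!");
                Console.ReadLine();
                return;
            }

            //Get a process by name
            Process[] ps = Process.GetProcessesByName(processName);
            int pid = 0;
            bool found = false;

            // The first match is used. A process name is not unique, so when several instances
            // are running this may not be the one the operator had in mind.
            foreach (Process process in ps)
            {
                //if (string.IsNullOrEmpty(process.MainWindowTitle))
                //    continue;
                if (!found)
                {
                    pid = process.Id;
                    found = true;
                }

                // Only the PID is needed from here on; release every Process object.
                process.Dispose();
            }

            if (!found)
            {
                Console.WriteLine("Can not find that process!");
                Console.ReadLine();
                return;
            }

            //pass through target PID
            InjectableProcess ip = new InjectableProcess(pid);

            //Good morning. You have been in suspension for nine nine nine... nine nine ni-
            ip.SleepInterval = 9999999; //Don't worry, since when we call Eject, the dll thread will be woke up immediately.

            //Register a method to handle DLL's response
            //Always register methods BEFORE DLL injection
            ip.OnClientResponse += YouSavedScience;
            //If a method would not associate with any local vars (like below), it is safe and can be registered even in static methods
            ip.OnClientExit += (s, e) => { MessageBox.Show("[Host]Got client offline message.\nNow I only Want You Gone-"); };

            //Inject method would return 0 If inject failed (same as VInjDn do)
            // NOTE(review): the DLL is named by a relative path. How InjectableProcess resolves it
            // is not visible here; an absolute path to a known location would make sure the file
            // that gets loaded does not depend on the current directory.
            if (ip.Inject(@"TestDLL.dll", @"TestDLL.dll") == 0)
            {
                Console.WriteLine("Failed to inject!");
                Console.ReadLine();
                return;
            }

            //Commands To Test By
            ip.Command("This was a triumph.");
            Console.ReadLine();
            //Reconstructing More Science
            ip.Command(1); //Tell me something about your process!
            Console.ReadLine();
            //Use this to release DLL
            //ip.Eject();
            // Eject stays commented out above, so the DLL remains loaded in the
            // target when this method returns.
            Console.WriteLine("Total Response:" + TestChamber);
            Console.ReadLine();
        }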
        /// <summary>
        /// Builds a call stub for <paramref name="typeName"/>.<paramref name="methodName"/> in
        /// <paramref name="dllPath"/> with <c>CreateCallStub</c>, runs it in the target through
        /// <c>CodeInjectionUtils.RunRemoteCode</c> and prints the returned thread handle.
        /// </summary>
        /// <param name="process">Target process; its <c>Is64Bit</c>, <c>Pid</c> and <c>FullHandle</c> are read.</param>
        /// <param name="dllPath">Path of the DLL, passed through to <c>CreateCallStub</c>.</param>
        /// <param name="typeName">Type name, passed through to <c>CreateCallStub</c>.</param>
        /// <param name="methodName">Method name, passed through to <c>CreateCallStub</c>.</param>
        public void Inject(InjectableProcess process, string dllPath, string typeName, string methodName)
        {
            // Stub layout and address lookup both depend on the target's bitness.
            bool is32Bit = !process.Is64Bit;
            var runtimeVersion = GetClrVersion();
            var bindAddress = GetCorBindToRuntimeExAddress(process.Pid, process.FullHandle, is32Bit);

            // The fifth argument is passed as null, exactly as in the call this replaces;
            // its meaning is defined by CreateCallStub, which is not shown here.
            var stub = CreateCallStub(
                process.FullHandle,
                dllPath,
                typeName,
                methodName,
                null,
                bindAddress,
                is32Bit,
                runtimeVersion);

            var remoteThread = CodeInjectionUtils.RunRemoteCode(process.FullHandle, stub, is32Bit);

            // NOTE(review): the handle is only printed. This method neither tests it for a
            // failure value nor closes it; whether RunRemoteCode waits for the thread or the
            // caller is expected to release the handle cannot be told from here — confirm.
            // NOTE(review): if the handle is an IntPtr, ToInt32() throws OverflowException in a
            // 64-bit host when the value does not fit in 32 bits.
            var handleText = remoteThread.ToInt32().ToString("X8");
            Console.WriteLine("Thread handle: " + handleText);
        }