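/// <summary>
/// Resolves the target process from the command-line options, prints its PID, status and
/// architecture, and injects the configured DLL when the process reports
/// <c>ProcessStatus.Ok</c>.
/// </summary>
/// <param name="cli">Parsed options; supplies the DLL path, entry type and entry method.</param>
/// <exception cref="InvalidOperationException">
/// The process does not report <c>ProcessStatus.Ok</c> after the injection call.
/// </exception>
private static void Run(CliOptions cli)
{
    uint pid = GetProcessId(cli);
    var process = new InjectableProcess(pid);

    Console.WriteLine("PID: " + pid);

    // Read the status once so the value that is printed is the same value the
    // go/no-go decision is made on; re-querying could report a different state.
    var statusBefore = process.GetStatus();
    Console.WriteLine("Status: " + statusBefore);
    Console.WriteLine("Arch: " + process.GetArchitecture());

    if (statusBefore != ProcessStatus.Ok)
    {
        Console.WriteLine("Cannot inject into target process: " + statusBefore);
        return;
    }

    // NOTE(review): the DLL is loaded from the copy made by CopyToTempPath (not shown here).
    // If that location is predictable or writable by other accounts, the file could be
    // replaced between the copy and the load - confirm the helper creates a unique,
    // access-restricted path.
    var dllPath = CopyToTempPath(cli.DllPath);
    Console.WriteLine("Copied DLL to " + dllPath);

    process.Inject(dllPath, cli.EntryType, cli.EntryMethod);

    // Surface the actual post-injection status instead of a bare Exception with no detail,
    // so a failed run can be diagnosed from the message alone.
    var statusAfter = process.GetStatus();
    if (statusAfter != ProcessStatus.Ok)
    {
        throw new InvalidOperationException(
            "Expected OK status for process after injection, got: " + statusAfter);
    }
}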
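/// <summary>
/// Interactive demo: asks for a process name, injects <c>TestDLL.dll</c> into the first
/// process with that name, sends two commands to it and prints <c>TestChamber</c>.
/// </summary>
/// <remarks>
/// This is an instance method because a handler like <see cref="YouSavedScience"/> cannot be
/// registered from a static method.
/// </remarks>
public void WakingUpToScience()
{
    Console.WriteLine("Input process name:");
    string processName = Console.ReadLine();

    int pid = 0;
    bool found = false;

    // Console.ReadLine returns null at end of input, and a blank line is not a process name.
    // Reject both up front so an empty filter can never end up selecting a target.
    if (!string.IsNullOrWhiteSpace(processName))
    {
        Process[] matches = Process.GetProcessesByName(processName);
        try
        {
            // The first match wins. (The original author left a MainWindowTitle filter
            // disabled here, so windowless processes are eligible too.)
            if (matches.Length > 0)
            {
                pid = matches[0].Id;
                found = true;
            }
        }
        finally
        {
            // Every Process object returned holds OS resources; release all of them,
            // not only the one whose Id was read.
            foreach (Process match in matches)
            {
                match.Dispose();
            }
        }
    }

    if (!found)
    {
        Console.WriteLine("Can not find that process!");
        Console.ReadLine();
        return;
    }

    // Hand the selected PID to the injection wrapper.
    InjectableProcess ip = new InjectableProcess(pid);

    // Per the original author: a long sleep interval is fine because calling Eject
    // wakes the DLL thread immediately.
    ip.SleepInterval = 9999999;

    // Handlers for the DLL's responses must be registered BEFORE the DLL is injected.
    ip.OnClientResponse += YouSavedScience;

    // A handler that touches no instance state (like this lambda) is safe to register
    // even from a static method.
    ip.OnClientExit += (s, e) =>
    {
        MessageBox.Show("[Host]Got client offline message.\nNow I only Want You Gone-");
    };

    // NOTE(review): both arguments are bare relative file names. How Inject resolves them is
    // not visible here; if it depends on the current directory, which file gets loaded
    // depends on where the host was started - prefer an absolute path to a known file.
    // Per the original author, Inject returns 0 when injection fails (same as VInjDn).
    if (ip.Inject(@"TestDLL.dll", @"TestDLL.dll") == 0)
    {
        Console.WriteLine("Failed to inject!");
        Console.ReadLine();
        return;
    }

    // First test command: a string payload.
    ip.Command("This was a triumph.");
    Console.ReadLine();

    // Second test command: an integer payload (asks the DLL about its process).
    ip.Command(1);
    Console.ReadLine();

    // The DLL is left loaded in the target; the release call is intentionally disabled:
    //ip.Eject();

    Console.WriteLine("Total Response:" + TestChamber);
    Console.ReadLine();
}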
/// <summary>
/// Builds a call stub for the given DLL, type and method, passes it to
/// <c>CodeInjectionUtils.RunRemoteCode</c> together with the process handle, and prints the
/// returned thread handle as eight hexadecimal digits.
/// </summary>
/// <param name="process">Target process; its <c>Is64Bit</c>, <c>Pid</c> and <c>FullHandle</c> are read.</param>
/// <param name="dllPath">Path of the DLL, forwarded to <c>CreateCallStub</c>.</param>
/// <param name="typeName">Type name, forwarded to <c>CreateCallStub</c>.</param>
/// <param name="methodName">Method name, forwarded to <c>CreateCallStub</c>.</param>
public void Inject(InjectableProcess process, string dllPath, string typeName, string methodName)
{
    // Everything downstream is told whether the target is 32-bit.
    bool targetIs32Bit = !process.Is64Bit;

    var runtimeVersion = GetClrVersion();
    var bindAddress = GetCorBindToRuntimeExAddress(process.Pid, process.FullHandle, targetIs32Bit);

    var stub = CreateCallStub(
        process.FullHandle,
        dllPath,
        typeName,
        methodName,
        null,
        bindAddress,
        targetIs32Bit,
        runtimeVersion);

    var remoteThread = CodeInjectionUtils.RunRemoteCode(process.FullHandle, stub, targetIs32Bit);

    // NOTE(review): the handle is only printed - it is neither checked for failure, waited on
    // nor closed in this method; confirm who owns it.
    // NOTE(review): if remoteThread is an IntPtr, ToInt32 throws OverflowException in a 64-bit
    // host when the value does not fit in 32 bits - confirm.
    string handleHex = remoteThread.ToInt32().ToString("X8");
    Console.WriteLine("Thread handle: " + handleHex);
}