/// <summary>
/// Prepares capturing in the target process. Note that the process must not already be hooked, and must have a MainWindowHandle/>.
/// </summary>
/// <param name="process">The process to inject into</param>
/// <param name="config"></param>
/// <param name="captureInterface"></param>
/// <exception cref="ProcessHasNoWindowHandleException">Thrown if the <paramref name="process"/> does not have a window handle. This could mean that the process does not have a UI, or that the process has not yet finished starting.</exception>
/// <exception cref="ProcessAlreadyHookedException">Thrown if the <paramref name="process"/> is already hooked</exception>
/// <exception cref="InjectionFailedException">Thrown if the injection failed - see the InnerException for more details.</exception>
/// <remarks>The target process will have its main window brought to the foreground after successful injection.</remarks>
public CaptureProcess(Process process, CaptureConfig config, CaptureInterface captureInterface)
{
// If the process doesn't have a MainWindowHandle yet, skip it (we need to be able to get the hwnd to set foreground etc)
if (process.MainWindowHandle == IntPtr.Zero)
{
throw new ProcessHasNoWindowHandleException();
}
// Skip if the process is already hooked (and we want to hook multiple applications)
if (HookManager.IsHooked(process.Id))
{
throw new ProcessAlreadyHookedException();
}
Process = process;
Process.EnableRaisingEvents = true;
captureInterface.ProcessId = Process.Id;
CaptureInterface = captureInterface;
//_serverInterface = new CaptureInterface() { ProcessId = process.Id };
// Initialise the IPC server (with our instance of _serverInterface)
RemoteHooking.IpcCreateServer(
ref channelName,
WellKnownObjectMode.Singleton,
CaptureInterface);
try
{
// Inject DLL into target process
RemoteHooking.Inject(
Process.Id,
InjectionOptions.Default,
typeof(CaptureInterface).Assembly.Location, // 32-bit (the same because AnyCPU) could use different assembly that links to 32-bit C++ helper dll
typeof(CaptureInterface).Assembly.Location, // 64-bit (the same because AnyCPU) could use different assembly that links to 64-bit C++ helper dll
// the optional parameter list...
channelName, // The name of the IPC channel for the injected assembly to connect to
config
);
}
catch (Exception e)
{
throw new InjectionFailedException(e);
}
HookManager.AddHookedProcess(Process.Id);
// Ensure the target process is in the foreground,
// this prevents an issue where the target app appears to be in
// the foreground but does not receive any user inputs.
// Note: the first Alt+Tab out of the target application after injection
// may still be an issue - switching between windowed and
// fullscreen fixes the issue however (see ScreenshotInjection.cs for another option)
BringProcessWindowToFront();
Process.Exited += (_, _) =>
{
Dispose();
};
}
public static void Start()
{
DebugInit();
string channelName = null;
channel = RemoteHooking.IpcCreateServer <Host.Remote>(ref channelName, WellKnownObjectMode.SingleCall);
ChannelName = channelName;
if (ProxyEndPoint == null)
{
throw new Exception("Missing proxy end point");
}
try
{
Config.Register("PeaRoxy", "PeaRoxy.Windows.Network.Hook.exe");
}
catch (ApplicationException)
{
Console.WriteLine("This is an administrative task! No admin privilege.");
Console.ReadLine();
Environment.Exit(0);
}
while (true)
{
try
{
Process[] processes = Process.GetProcesses();
foreach (Process process in processes)
{
if (InternalTargetProcesses.Contains(process.ProcessName.ToLower().Trim()))
{
if (!InternalHosts.ContainsKey(process.Id))
{
InternalHosts.Add(process.Id, new Host(process));
}
}
}
foreach (KeyValuePair <int, Host> injectedHost in new Dictionary <int, Host>(InternalHosts))
{
switch (injectedHost.Value.Status)
{
case Host.StatusEnum.Idle:
injectedHost.Value.Inject();
break;
case Host.StatusEnum.Aborted:
InternalHosts.Remove(injectedHost.Key);
break;
}
}
Thread.Sleep(100);
}
catch (Exception e)
{
DebugPrint(e.ToString());
}
}
}
private void hookProcess(int processId)
{
string channelName = null;
string hookAssyPath = Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), HOOK_DLL);
RemoteHooking.IpcCreateServer <HookCallbackHandler>(ref channelName, System.Runtime.Remoting.WellKnownObjectMode.Singleton);
RemoteHooking.Inject(processId, InjectionOptions.DoNotRequireStrongName, hookAssyPath, hookAssyPath, new Object[] { channelName, processId, Properties.Resources.ApplicationName });
// wait for host process termination
try
{
do
{
Thread.Sleep(30000);
} while (Process.GetProcessById(processId) != null);
}
catch
{
// if process is no longer running, GetProcessById throws
}
string tipText = String.Format(Properties.Resources.ProcessClosedMsg, this.currentProcessName);
if (!this.silent)
{
TrayIcon.ShowBalloonTip(0, Properties.Resources.ApplicationName, tipText, ToolTipIcon.Info);
}
this.log.LogInfo(tipText);
Application.Exit();
}
private void OnAttachRequested(object aObject, int aProcessId)
{
try
{
_xinputHookServer = RemoteHooking.IpcCreateServer <ButtplugGameVibrationRouterInterface>(
ref _channelName,
WellKnownObjectMode.Singleton);
var dllFile = System.IO.Path.Combine(
System.IO.Path.GetDirectoryName(typeof(ButtplugGameVibrationRouterPayload).Assembly.Location),
"B******g.Apps.GameVibrationRouter.Payload.dll");
_log.Info($"Beginning process injection on {aProcessId}...");
_log.Info($"Injecting DLL {dllFile}");
RemoteHooking.Inject(
aProcessId,
InjectionOptions.Default,
dllFile,
dllFile,
// the optional parameter list...
_channelName);
_log.Info($"Finished process injection on {aProcessId}...");
_processTab.Attached = true;
_processTab.ProcessError = "Attached to process";
}
catch (Exception ex)
{
Detach();
_log.Error(ex);
_processTab.ProcessError = "Error attaching, see logs for details.";
}
}
public bool Inject()
{
var guilty_gear = Process.GetProcessesByName("GuiltyGearXrd");
if (guilty_gear.Length > 0)
{
var PID = guilty_gear[0].Id;
var library = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "Rev2Hook.dll");
RemoteHooking.IpcCreateServer <XrdServer>(ref channelName, System.Runtime.Remoting.WellKnownObjectMode.Singleton);
try
{
RemoteHooking.Inject(PID, library, library, channelName);
server = RemoteHooking.IpcConnectClient <XrdServer>(channelName);
server.SetModsPath(
Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location)
+ "\\rev2_mods");
return(true);
}
catch (Exception e)
{
Console.WriteLine("Error while injecting: {0}", e);
return(false);
}
}
;
return(false);
}
public void Start(string targetExecutable, string commandLine = "")
{
try
{
// All loaded modules should use .Net Framework <= 3.5
Config.Register(
"Lua injection",
"LuaInjectAgent.dll",
"System.ComponentModel.Composition.dll"
);
string channelName = null;
RemoteHooking.IpcCreateServer <Client>(ref channelName, WellKnownObjectMode.SingleCall);
int targetPid;
RemoteHooking.CreateAndInject(targetExecutable, commandLine, 0,
"LuaInjectAgent.dll",
"LuaInjectAgent.dll",
out targetPid,
channelName, //channel
Path.Combine(Directory.GetCurrentDirectory(), "HookPlugins"), //plugins directory
Path.Combine(Directory.GetCurrentDirectory(), "Config"), //config directory
targetExecutable //target executable
);
}
catch (Exception e)
{
MessageBox.Show(e.Message + "\n" + e.StackTrace, "Failed", MessageBoxButtons.OK);
}
}
static void Main(string[] args)
{
Int32 TargetPID = 0;
if ((args.Length != 1) || !Int32.TryParse(args[0], out TargetPID))
{
Console.WriteLine();
Console.WriteLine("Usage: MSAccessHookTests %PID%");
Console.WriteLine();
return;
}
try
{
string _ChannelName = null;
RemoteHooking.IpcCreateServer <FileMonInterface>(ref _ChannelName, WellKnownObjectMode.SingleCall);
ChannelName = _ChannelName;
RemoteHooking.Inject(
TargetPID,
InjectionOptions.NoService,
"MSAccessHookTests.exe",
"MSAccessHookTests.exe",
ChannelName);
Console.ReadLine();
}
catch (Exception ExtInfo)
{
Console.WriteLine("There was an error while connecting to target:\r\n{0}", ExtInfo.ToString());
}
}
async void ProcessWatcher_ProcessStarted(object sender, ProcessStartedEventArgument e)
{
if (!SuspiciousProcesses.Contains(e.ProcessName))
{
return;
}
logger.Information($"Injecting keyboard override library into process {e.ProcessName}.");
var injectedLibraryName = GetInjectedLibraryName();
string channelName = null;
RemoteHooking.IpcCreateServer(
ref channelName,
WellKnownObjectMode.SingleCall,
communicator,
WellKnownSidType.WorldSid);
const InjectionOptions injectionOptions =
InjectionOptions.DoNotRequireStrongName &
InjectionOptions.NoService &
InjectionOptions.NoWOW64Bypass;
RemoteHooking.Inject(
e.ProcessId,
injectionOptions,
injectedLibraryName,
injectedLibraryName,
channelName);
logger.Information($"Keyboard override library successfully injected.");
}
public void Hook()
{
if (IsHooked)
{
return;
}
var ri = new RemoteInterface
{
//Wrap the target delegate in our own delegate for reference safety
SystemId = (x, y) => _systemDeviceId(x, y),
Unload = () => !IsHooked,
ErrorHandler = RaiseOnError
};
RemoteHooking.IpcCreateServer(ref _channelName, WellKnownObjectMode.Singleton, ri);
RemoteHooking.Inject(
_processId,
InjectionOptions.DoNotRequireStrongName,
typeof(IMMDeviceEnumerator).Assembly.Location,
typeof(IMMDeviceEnumerator).Assembly.Location,
_channelName);
IsHooked = true;
}
private void InjectIntoProcess(int targetPID, string targetProcessName)
{
if (_crashList.Contains(targetProcessName))
{
return;
}
Thread.Sleep(1000);
try
{
Log($"Attempting to inject into process {targetProcessName}, PID {targetPID}");
string channelName = null;
ServerInterface server = new ServerInterface(Log, RemoveServer, ShouldAbort);
RemoteHooking.IpcCreateServer(ref channelName, WellKnownObjectMode.Singleton, server);
RemoteHooking.Inject(
targetPID,
InjectionOptions.DoNotRequireStrongName,
_injectionLibraryPath,
_injectionLibraryPath,
channelName);
_servers.AddOrUpdate(targetPID, server, (pid, s) => server);
}
catch (Exception ex)
{
Log($"Error: {ex}");
_crashList.Add(targetProcessName);
}
}
bool InjectPayload(Process proc, string injectionLibrary)
{
string channelName = null;
RemoteHooking.IpcCreateServer <InjectorInterface>(ref channelName, WellKnownObjectMode.Singleton);
var parameter = new EntryPointParameters
{
Message = "Test Message",
HostProcessId = RemoteHooking.GetCurrentProcessId(),
ScreenWidth = 640,
ScreenHeight = 480
};
try
{
RemoteHooking.Inject(
proc.Id,
InjectionOptions.Default | InjectionOptions.DoNotRequireStrongName,
injectionLibrary,
injectionLibrary,
channelName,
parameter
);
return(true);
}
catch (Exception ex)
{
return(false);
}
}
static void Main(string[] args)
{
try
{
/*Config.Register(
* "ThrInj",
* currdir + "ThrInj_Con.exe",
* currdir + "ThrInj.dll");*/
//args = new string[] { "TestApp.exe" };
RemoteHooking.IpcCreateServer <RemoteMon>(
ref ChannelName, WellKnownObjectMode.Singleton);
int processid;
//RemoteHooking.CreateAndInject(args[0], "", 0, currdir + "ThrInj.dll", currdir + "ThrInj.dll", out processid, ChannelName);
ProcessStartInfo f = new ProcessStartInfo();
f.FileName = args[0];
Process x = Process.Start(f);
RemoteHooking.Inject(x.Id, InjectionOptions.DoNotRequireStrongName, currdir + "ThrInj.dll", currdir + "ThrInj.dll", new Object[] { ChannelName });
}
catch (Exception ExtInfo)
{
Console.WriteLine("There was an error while connecting " +
"to target:\r\n{0}", ExtInfo.ToString());
Console.ReadLine();
}
while (true)
{
Thread.Sleep(1000);
}
}
public static void Inject()
{
// Setup remote hooking
_ipcServer = RemoteHooking.IpcCreateServer <InjectionInterface>(ref _channelName, WellKnownObjectMode.Singleton);
// Find by process name
var processes = Process.GetProcessesByName(TARGET_PROCESS_NAME);
foreach (var process in processes)
{
// Full path to our dll file
string injectionLibrary = Path.Combine(Path.GetDirectoryName(typeof(InjectionInterface).Assembly.Location), INJECT_DLL_NAME);
try
{
// Inject dll into the process
RemoteHooking.Inject(
process.Id, // ID of process to inject into
(_noGAC ? InjectionOptions.DoNotRequireStrongName : InjectionOptions.Default), // if not using GAC allow assembly without strong name
injectionLibrary, // 32-bit version (the same because AnyCPU)
injectionLibrary, // 64-bit version (the same because AnyCPU)
_channelName
);
// Success
return;
}
catch (Exception ex)
{
throw new InterceptorException(string.Format("Failed to inject to target: {0}", ex.Message), ex);
}
}
throw new InterceptorException(string.Format("{0} not found in list of processes", TARGET_PROCESS_NAME));
}
public void Connect()
{
_ChannelName = null;
log.Info("Dll to inject: " + _InjectDll);
try
{
log.Info(" Creating IPC server");
IpcServer = RemoteHooking.IpcCreateServer <PSInterface>(
ref _ChannelName, System.Runtime.Remoting.WellKnownObjectMode.Singleton);
log.Info(" Connect to IPC as client to get interface");
Iface = RemoteHooking.IpcConnectClient <PSInterface>(_ChannelName);
;
log.Info(" Set interface properties");
Iface.RunButton = Valve.VR.EVRButtonId.k_EButton_Axis0;
log.Info(" Interface RunButton: " + Iface.RunButton);
Iface.ButtonType = PStrafeButtonType.Press;
log.Info(" Interface ButtonType: " + Iface.ButtonType);
Iface.Hand = PStrafeHand.Left;
log.Info(" Interface Hand: " + Iface.Hand);
log.Info(" Subscribe to interface events:");
log.Info(" UserIsRunning event");
this.WhenAnyValue(x => x.UserIsRunning)
.Do(x => Iface.UserIsRunning = x)
.Subscribe();
}
catch (Exception ex)
{
log.Error(" EasyHook Error: " + ex.Message);
log.Error(ex);
throw new PocketStrafeOutputDeviceException(ex.Message);
}
}
public static bool InjectDll(Controller cont)
{
try
{
RemoteHooking.IpcCreateServer <RemoteMonitor>(ref ChannelName, WellKnownObjectMode.SingleCall);
var processId = -1;
foreach (var p in Process.GetProcessesByName("PokerStars"))
{
processId = p.Id;
break;
}
if (processId == -1)
{
Console.WriteLine("No PokerStars.exe process running");
Console.ReadLine();
}
RemoteHooking.Inject(processId, InjectionOptions.DoNotRequireStrongName, DllPath, DllPath, ChannelName);
return(true);
}
catch (Exception ex)
{
cont.Log.Error($"Error: {ex}");
cont.InjectorErrorMessage = ex.Message;
return(false);
}
}
static void Main(string[] args)
{
try
{
// only needed if we want to register our binaries in the GAC
// since version 3.7 EasyHook can do it without
//Config.Register( "Message hook for AO.", "AO.Hook.Example.exe", "AO.Hook.dll" );
RemoteHooking.IpcCreateServer <HookInterface>(ref _channelName, WellKnownObjectMode.SingleCall);
string hookLib = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "AO.Hook.dll");
Process[] processes = Process.GetProcessesByName("AnarchyOnline");
foreach (Process process in processes)
{
RemoteHooking.Inject(process.Id, InjectionOptions.DoNotRequireStrongName, hookLib, hookLib, _channelName);
}
Console.ReadLine();
}
catch (Exception e)
{
Console.WriteLine("Error: Can't connect to target: " + e.ToString());
Console.ReadLine();
}
}
/// <summary>
/// Injects our payload into the process
/// </summary>
/// <param name="process">the process</param>
/// <param name="injectionLibrary">the payload lib</param>
/// <param name="passParams">Parameters to be passed</param>
/// <returns>Did work correctly?</returns>
public static bool InjectPayload(Process process, string injectionLibrary, params object[] passParams)
{
string channelName = null;
// Create IPC server
RemoteHooking.IpcCreateServer <InjectorInterface>(ref channelName, WellKnownObjectMode.Singleton);
// Get our payload library path
try
{
//Config.Register("ElertanCheatBase",
// Payload.Core.AssemblyPath,
// injectionLibrary);
// Inject payload
RemoteHooking.Inject(
process.Id, // ID of process to inject into
injectionLibrary, // 32-bit library to inject (if target is 32-bit)
injectionLibrary, // 64-bit library to inject (if target is 64-bit)
channelName
// the parameters to pass into injected library
);
return(true);
}
catch (Exception ex)
{
return(false);
}
}
public void Attach(int aProcessId)
{
try
{
_xinputHookServer = RemoteHooking.IpcCreateServer <GHRXInputModInterface.GHRXInputModInterface>(
ref _channelName,
WellKnownObjectMode.Singleton);
var dllFile = System.IO.Path.Combine(
System.IO.Path.GetDirectoryName(typeof(GHRXInputModPayload.GHRXInputModPayload).Assembly.Location),
"GHRXInputModPayload.dll");
_log.Info($"Beginning process injection on {aProcessId}...");
_log.Info($"Injecting DLL {dllFile}");
RemoteHooking.Inject(
aProcessId,
InjectionOptions.Default,
dllFile,
dllFile,
// the optional parameter list...
_channelName);
_log.Info($"Finished process injection on {aProcessId}...");
}
catch (Exception ex)
{
Detach();
_log.Error(ex);
}
}
async void ProcessWatcher_ProcessStarted(object sender, ProcessStartedEventArgument e)
{
if (!SuspiciousProcesses.Contains(e.ProcessName))
{
return;
}
logger.Information($"Injecting keyboard override library into process {e.ProcessName}.");
var injectedLibraryName = GetInjectedLibraryName();
string channelName = null;
RemoteHooking.IpcCreateServer(
ref channelName,
WellKnownObjectMode.SingleCall,
communicator,
WellKnownSidType.WorldSid);
await Task.Delay(1000);
RemoteHooking.Inject(
e.ProcessId,
injectedLibraryName,
injectedLibraryName,
channelName);
logger.Information($"Keyboard override library successfully injected.");
}
public void HookCursorAtStartUp(string exePath)
{
#if DEBUG
string channelName = null;
// DEBUG 时创建 IPC server
RemoteHooking.IpcCreateServer <ServerInterface>(ref channelName, WellKnownObjectMode.Singleton);
#endif
// 获取 CursorHook.dll 的绝对路径
string injectionLibrary = Path.Combine(
Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),
"CursorHook.dll"
);
try {
EasyHook.RemoteHooking.CreateAndInject(
exePath, // 可执行文件路径
"", // 命令行参数
0, // 传递给 CreateProcess 的标志
injectionLibrary, // 32 位 DLL
injectionLibrary, // 64 位 DLL
out int _ // 忽略进程 ID
// 下面为传递给注入 DLL 的参数
#if DEBUG
, channelName
#endif
);
} catch (Exception e) {
Console.WriteLine("CursorHook 注入失败:" + e.Message);
}
}
private static void Main(string[] args)
{
AppDomain.CurrentDomain.ProcessExit += CurrentDomain_ProcessExit;
Process process = null;
while (process == null)
{
process = Process.GetProcessesByName("Warframe.x64").FirstOrDefault();
}
string channelName = null;
string libraryPath = "WfDx.dll";
RemoteHooking.IpcCreateServer <ServerInterface>(ref channelName, WellKnownObjectMode.Singleton);
client = RemoteHooking.IpcConnectClient <ServerInterface>(channelName);
try
{
RemoteHooking.Inject(process.Id, libraryPath, libraryPath, channelName);
Console.ReadLine();
client.RunLibrary = false;
}
catch (Exception e)
{
Console.WriteLine($"Something goes wrong {e}");
}
}
/// <summary>
/// Injects enabled hooks to the desired process id
/// </summary>
public static string Inject(int processId, BridgeEventType enabledHooks = (BridgeEventType)uint.MaxValue)
{
string channelName = null;
Console.WriteLine("Injecting to {0}!", processId);
try
{
// Register assemblies to the GAC
Config.Register(
"AOHook library by Demoder",
"Demoder.AoHookBridge.dll"
);
RemoteHooking.IpcCreateServer <HookInterface>(
ref channelName,
WellKnownObjectMode.SingleCall);
RemoteHooking.Inject(
processId,
"Demoder.AoHookBridge.dll",
"Demoder.AoHookBridge.dll",
channelName,
enabledHooks,
processId);
return(channelName);
}
catch (Exception ex)
{
Console.WriteLine("Injector::Inject: Exception:");
Console.WriteLine(ex.ToString());
}
return(null);
}
private bool InstallHookInternal(int processId)
{
try
{
var parameter = new HookParameter
{
Msg = "已经成功注入目标进程",
HostProcessId = RemoteHooking.GetCurrentProcessId()
};
serverInterface = new HookServer();
string channelName = null;
RemoteHooking.IpcCreateServer <HookServer>(ref channelName, System.Runtime.Remoting.WellKnownObjectMode.Singleton, serverInterface);
RemoteHooking.Inject(
processId,
InjectionOptions.Default,
typeof(HookParameter).Assembly.Location,
typeof(HookParameter).Assembly.Location,
channelName,
parameter
);
}
catch (Exception ex)
{
Debug.Print(ex.ToString());
return(false);
}
injectButton.Enabled = false;
deattachBtn.Enabled = true;
return(true);
}
static void Main(string[] args)
{
try
{
Config.Register("XInput hook", "XInputEmu.exe", "XInputHook.dll");
RemoteHooking.IpcCreateServer <XInputHookInterface>(ref ChannelName, WellKnownObjectMode.SingleCall);
int pid;
if (args.Length == 1)
{
pid = Int32.Parse(args[0]);
}
else
{
Process[] processes = Process.GetProcessesByName("DARKSOULS");
pid = processes[0].Id;
}
RemoteHooking.Inject(pid, "XInputHook.dll", "XInputHook.dll", ChannelName);
Console.ReadLine();
}
catch (Exception e)
{
Console.WriteLine("caught exception {0}", e.ToString());
}
}
/// <summary>
/// Injects the hook into the specified process
/// </summary>
/// <param name="process">The process to inject into</param>
public void Inject(Process process)
{
// Skip if the process is already hooked, or if there is no main window
if (this.GraphicsInterface != null || this.SpeedHackInterface != null || (process == null || process.MainWindowHandle == IntPtr.Zero))
{
return;
}
String projectDirectory = Path.GetDirectoryName(ProjectExplorerViewModel.GetInstance().ProjectFilePath);
String channelName = null;
this.GraphicsInterface = GraphicsFactory.GetGraphicsInterface(projectDirectory);
this.SpeedHackInterface = new SpeedHackInterface();
// Initialize the IPC server, giving the server access to the interfaces defined here
RemoteHooking.IpcCreateServer <HookClient>(ref channelName, WellKnownObjectMode.Singleton, this);
try
{
// Inject DLL into target process
RemoteHooking.Inject(
process.Id,
InjectionOptions.Default,
typeof(HookClient).Assembly.Location,
typeof(HookClient).Assembly.Location,
channelName,
projectDirectory);
}
catch (Exception ex)
{
throw new Exception("Unable to Inject:" + ex);
}
}
/// <summary>
/// Injects enabled hooks to the desired process id
/// </summary>
public static string Inject(int processId, BridgeEventType enabledHooks = (BridgeEventType)uint.MaxValue)
{
Debug.WriteLine("Injecting to {0}", processId);
string channelName = null;
try
{
//Config.Register("AOHook library by Demoder", typeof(AoHookBridge.HookInterface).Assembly.Location);
//Config.Register("AOHook library by Demoder", System.Reflection.Assembly.GetEntryAssembly().Location + "\\AoHookBridge.dll");
RemoteHooking.IpcCreateServer <HookInterface>(ref channelName, WellKnownObjectMode.SingleCall);
RemoteHooking.Inject(
processId,
InjectionOptions.DoNotRequireStrongName,
AppDomain.CurrentDomain.BaseDirectory + "\\AoHookBridge.dll",
AppDomain.CurrentDomain.BaseDirectory + "\\AoHookBridge.dll",
channelName,
enabledHooks,
processId
);
return(channelName);
}
catch (Exception ex)
{
Debug.WriteLine("Injection failed: " + ex.ToString());
}
return(null);
}
public void Run(RemoteHooking.IContext InContext, string ChannelName)
{
LogMessage("LUAHost Run");
try
{
string outChannelName = null;
IpcServerChannel ipcLogChannel = RemoteHooking.IpcCreateServer <IPCInterface>(ref outChannelName,
WellKnownObjectMode.
Singleton);
//notify client of channel creation via logger
Logger.InjectedDLLChannelName = outChannelName;
LogMessage("LUAHost Run (NativeAPI.RhWakeUpProcess)");
NativeAPI.RhWakeUpProcess();
while (true)
{
Thread.Sleep(100);
}
}
catch (Exception e)
{
LogMessage(string.Format("LUAHost Run(Exception) {0}", e.Message));
}
}
private void hook_Click(object sender, RoutedEventArgs e)
{
String ChannelName = null;
Int32 TargetPID = 0;
Process[] procs = Process.GetProcessesByName("exefile");
if (procs.Length == 0)
{
Log.log("Could not find EVE (exefile.exe)");
return;
}
try
{
TargetPID = procs[0].Id;
RemoteHooking.IpcCreateServer <HookInterface>(ref ChannelName, WellKnownObjectMode.SingleCall);
string injectionLibrary = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "HookInject.dll");
RemoteHooking.Inject(
TargetPID,
injectionLibrary,
injectionLibrary,
ChannelName);
// SharedCache\tq
var path = Path.GetDirectoryName(Path.GetDirectoryName(procs[0].MainModule.FileName));
var pyPath = path + "\\code.ccp;" + path + "\\bin64";
// Copy object DB
var dbFile = "mapObjects.db";
var dbPath = path + "\\bin64\\staticdata\\" + dbFile;
if (!File.Exists(dbFile) || File.GetLastWriteTime(dbFile) != File.GetLastWriteTime(dbPath))
{
File.Copy(dbPath, dbFile, true);
}
// Load Python
var pyDll = LoadLibrary(path + "\\bin64\\python27.dll");
if (pyDll != IntPtr.Zero)
{
var Py_GetPathWData = GetProcAddress(pyDll, "Py_GetPathWData");
var rawPath = Marshal.AllocHGlobal(pyPath.Length * 2 + 2);
var pathBytes = Encoding.Unicode.GetBytes(pyPath);
Marshal.Copy(pathBytes, 0, rawPath, pathBytes.Length);
Marshal.WriteIntPtr(Py_GetPathWData, rawPath);
pythonLoaded = true;
}
else
{
Log.log("Failed to load " + path + "\\bin64\\python27.dll");
}
}
catch (Exception ExtInfo)
{
Log.log("-- error while connecting to target --");
Log.log(ExtInfo.ToString(), false);
Log.log("-- /error while connecting to target --");
}
}
/// <summary>
/// Executes VB6. The VB6 log output is written to the specified writer.
/// </summary>
public int Execute(TextWriter writer)
{
Prepare();
if (File.Exists(log))
{
File.Delete(log);
}
// generate new channel to call back into parent
string channelName = null;
RemoteHooking.IpcCreateServer <RemoteExecutor>(ref channelName, WellKnownObjectMode.Singleton, this);
// spawn VB6 process
RemoteHooking.CreateAndInject(
Exe,
BuildArgs(),
0,
InjectionOptions.DoNotRequireStrongName,
typeof(RemoteEntryPoint).Assembly.Location,
typeof(RemoteEntryPoint).Assembly.Location,
out var pid,
channelName);
// wait for exit of process
var prc = Process.GetProcessById(pid);
while (prc != null && !prc.HasExited)
{
prc.WaitForExit(500);
}
// copy output to writer
if (writer != null)
{
if (File.Exists(log))
{
using (var l = new StreamReader(File.OpenRead(log)))
while (l.ReadLine() is string s)
{
writer.WriteLine(s);
}
}
}
try
{
if (File.Exists(log))
{
File.Delete(log);
}
}
catch
{
}
return((int)exitCode);
}
public static void Setup()
{
// Reset the channel name.
ChannelName = null;
// Start an Ipc server for the DLL to connect to.
InjectionServer = RemoteHooking.IpcCreateServer <ChatInterface>(ref ChannelName, WellKnownObjectMode.Singleton);
}