/// <summary> /// Inject and load the CoreHook hooking module <paramref name="injectionLibrary"/> /// in the existing created process referenced by <paramref name="processId"/>. /// </summary> /// <param name="processId">The target process ID to inject and load plugin into.</param> /// <param name="injectionLibrary">The path of the plugin that is loaded into the target process.</param> /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param> private static void InjectDllIntoTarget( int processId, string injectionLibrary, string injectionPipeName = InjectionPipeName) { ValidateFilePath(injectionLibrary); if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths( ProcessHelper.GetProcessById(processId).Is64Bit(), out NativeModulesConfiguration nativeConfig) && Examples.Common.ModulesPathHelper.GetCoreLoadModulePath( out string coreLoadLibrary)) { RemoteInjector.Inject( processId, new RemoteInjectorConfiguration(nativeConfig) { InjectionPipeName = injectionPipeName, ClrBootstrapLibrary = coreLoadLibrary, PayloadLibrary = injectionLibrary, VerboseLog = HostVerboseLog }, PipePlatform, CoreHookPipeName); } }
/// <summary> /// Start the application at <paramref name="exePath"/> /// and then inject and load the CoreHook hooking module <paramref name="injectionLibrary"/> /// in the newly created process. /// </summary> /// <param name="exePath">The path to the application to be launched.</param> /// <param name="injectionLibrary">The path of the plugin to be loaded in the target process.</param> /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param> private static void CreateAndInjectDll( string exePath, string injectionLibrary, string injectionPipeName = InjectionPipeName) { ValidateFilePath(injectionLibrary); if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths( false, out NativeModulesConfiguration config32) && Examples.Common.ModulesPathHelper.GetCoreLoadPaths( true, out NativeModulesConfiguration config64) && Examples.Common.ModulesPathHelper.GetCoreLoadModulePath( out string coreLoadLibrary)) { RemoteInjector.CreateAndInject( new ProcessCreationConfiguration { ExecutablePath = exePath, CommandLine = null, ProcessCreationFlags = 0x00 }, config32, config64, new RemoteInjectorConfiguration { ClrBootstrapLibrary = coreLoadLibrary, InjectionPipeName = injectionPipeName, PayloadLibrary = injectionLibrary, VerboseLog = HostVerboseLog }, PipePlatform, out _, CoreHookPipeName); } }
internal static void InjectDllIntoTarget( Process target, string injectionLibrary, string injectionPipeName, params object[] remoteArguments ) { if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths( target.Is64Bit(), out NativeModulesConfiguration nativeConfig) && Examples.Common.ModulesPathHelper.GetCoreLoadModulePath( out string coreLoadLibrary)) { RemoteInjector.Inject( target.Id, new RemoteInjectorConfiguration(nativeConfig) { InjectionPipeName = injectionPipeName, ClrBootstrapLibrary = coreLoadLibrary, PayloadLibrary = injectionLibrary, VerboseLog = false }, new PipePlatformBase(), remoteArguments); } }
/// <summary> /// Inject and load the CoreHook hooking module <paramref name="injectionLibrary"/> /// in the existing created process referenced by <paramref name="processId"/>. /// </summary> /// <param name="processId">The target process ID to inject and load plugin into.</param> /// <param name="injectionLibrary">The path of the plugin that is loaded into the target process.</param> /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param> private static void InjectDllIntoTarget( int processId, string injectionLibrary, string injectionPipeName = InjectionPipeName) { if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths( ProcessHelper.GetProcessById(processId).Is64Bit(), out NativeModulesConfiguration nativeConfig) && Examples.Common.ModulesPathHelper.GetCoreLoadModulePath( out string coreLoadLibrary)) { // Make sure the native dll modules can be accessed by the UWP application GrantAllAppPackagesAccessToFile(nativeConfig.HostLibrary); GrantAllAppPackagesAccessToFile(nativeConfig.DetourLibrary); RemoteInjector.Inject( processId, new RemoteInjectorConfiguration(nativeConfig) { InjectionPipeName = injectionPipeName, ClrBootstrapLibrary = coreLoadLibrary, PayloadLibrary = injectionLibrary, VerboseLog = HostVerboseLog }, PipePlatform, CoreHookPipeName); } }
public static void Main(string[] args) { int targetPid; string targetExe; ConsoleAsker.GetTargetExeOrPid(args, out targetExe, out targetPid); try { var dllToInject = "CreateFileHookLib.dll"; var notifyClient = new NotifyClient(); var formattableString = RemoteInjector.InjectDll(dllToInject, targetExe, ref targetPid, out _channelName, notifyClient); if (!string.IsNullOrEmpty(formattableString)) { Console.WriteLine(formattableString); } Console.WriteLine("<Press any key to exit>"); Console.ReadKey(); } catch (Exception extInfo) { Console.WriteLine("There was an error while connecting to target:\r\n{0}", extInfo); Console.WriteLine("<Press any key to exit>"); Console.ReadKey(); } }
public static void CreateProcessWHooker_ProcessCreated(object sender, HookedEventArgs e) { var processId = Convert.ToInt32(e.Entries["DwProcessId"]); Console.WriteLine($"Process ID (PID): {processId}"); Console.WriteLine($"Process Handle: {e.Entries["HProcess"]}"); Console.WriteLine("Process Thread : " + e.Entries["HThread"]); IntPtr threadHandle = (IntPtr)e.Entries["HThread"]; var dllToInject = _dllWithHook; var notifyClient = new NotifyClient(); string channelName; var formattableString = RemoteInjector.InjectDll(dllToInject, "", ref processId, out channelName, notifyClient); if (!string.IsNullOrEmpty(formattableString)) { Console.WriteLine(formattableString); } }