예제 #1
0
        /// <summary>
        /// Inject and load the CoreHook hooking module <paramref name="injectionLibrary"/>
        /// in the existing created process referenced by <paramref name="processId"/>.
        /// </summary>
        /// <param name="processId">The target process ID to inject and load plugin into.</param>
        /// <param name="injectionLibrary">The path of the plugin that is loaded into the target process.</param>
        /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param>
        private static void InjectDllIntoTarget(
            int processId,
            string injectionLibrary,
            string injectionPipeName = InjectionPipeName)
        {
            ValidateFilePath(injectionLibrary);

            if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths(
                    ProcessHelper.GetProcessById(processId).Is64Bit(),
                    out NativeModulesConfiguration nativeConfig) &&
                Examples.Common.ModulesPathHelper.GetCoreLoadModulePath(
                    out string coreLoadLibrary))
            {
                RemoteInjector.Inject(
                    processId,
                    new RemoteInjectorConfiguration(nativeConfig)
                {
                    InjectionPipeName   = injectionPipeName,
                    ClrBootstrapLibrary = coreLoadLibrary,
                    PayloadLibrary      = injectionLibrary,
                    VerboseLog          = HostVerboseLog
                },
                    PipePlatform,
                    CoreHookPipeName);
            }
        }
예제 #2
0
        /// <summary>
        /// Start the application at <paramref name="exePath"/>
        /// and then inject and load the CoreHook hooking module <paramref name="injectionLibrary"/>
        /// in the newly created process.
        /// </summary>
        /// <param name="exePath">The path to the application to be launched.</param>
        /// <param name="injectionLibrary">The path of the plugin to be loaded in the target process.</param>
        /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param>
        private static void CreateAndInjectDll(
            string exePath,
            string injectionLibrary,
            string injectionPipeName = InjectionPipeName)
        {
            ValidateFilePath(injectionLibrary);

            if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths(
                    false, out NativeModulesConfiguration config32) &&
                Examples.Common.ModulesPathHelper.GetCoreLoadPaths(
                    true, out NativeModulesConfiguration config64) &&
                Examples.Common.ModulesPathHelper.GetCoreLoadModulePath(
                    out string coreLoadLibrary))
            {
                RemoteInjector.CreateAndInject(
                    new ProcessCreationConfiguration
                {
                    ExecutablePath       = exePath,
                    CommandLine          = null,
                    ProcessCreationFlags = 0x00
                },
                    config32,
                    config64,
                    new RemoteInjectorConfiguration
                {
                    ClrBootstrapLibrary = coreLoadLibrary,
                    InjectionPipeName   = injectionPipeName,
                    PayloadLibrary      = injectionLibrary,
                    VerboseLog          = HostVerboseLog
                },
                    PipePlatform,
                    out _,
                    CoreHookPipeName);
            }
        }
예제 #3
0
 internal static void InjectDllIntoTarget(
     Process target,
     string injectionLibrary,
     string injectionPipeName,
     params object[] remoteArguments
     )
 {
     if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths(
             target.Is64Bit(), out NativeModulesConfiguration nativeConfig) &&
         Examples.Common.ModulesPathHelper.GetCoreLoadModulePath(
             out string coreLoadLibrary))
     {
         RemoteInjector.Inject(
             target.Id,
             new RemoteInjectorConfiguration(nativeConfig)
         {
             InjectionPipeName   = injectionPipeName,
             ClrBootstrapLibrary = coreLoadLibrary,
             PayloadLibrary      = injectionLibrary,
             VerboseLog          = false
         },
             new PipePlatformBase(),
             remoteArguments);
     }
 }
예제 #4
0
파일: Program.cs 프로젝트: illumen/CoreHook
        /// <summary>
        /// Inject and load the CoreHook hooking module <paramref name="injectionLibrary"/>
        /// in the existing created process referenced by <paramref name="processId"/>.
        /// </summary>
        /// <param name="processId">The target process ID to inject and load plugin into.</param>
        /// <param name="injectionLibrary">The path of the plugin that is loaded into the target process.</param>
        /// <param name="injectionPipeName">The pipe name which receives messages during the plugin initialization stage.</param>
        private static void InjectDllIntoTarget(
            int processId,
            string injectionLibrary,
            string injectionPipeName = InjectionPipeName)
        {
            if (Examples.Common.ModulesPathHelper.GetCoreLoadPaths(
                    ProcessHelper.GetProcessById(processId).Is64Bit(),
                    out NativeModulesConfiguration nativeConfig) &&
                Examples.Common.ModulesPathHelper.GetCoreLoadModulePath(
                    out string coreLoadLibrary))
            {
                // Make sure the native dll modules can be accessed by the UWP application
                GrantAllAppPackagesAccessToFile(nativeConfig.HostLibrary);
                GrantAllAppPackagesAccessToFile(nativeConfig.DetourLibrary);

                RemoteInjector.Inject(
                    processId,
                    new RemoteInjectorConfiguration(nativeConfig)
                {
                    InjectionPipeName   = injectionPipeName,
                    ClrBootstrapLibrary = coreLoadLibrary,
                    PayloadLibrary      = injectionLibrary,
                    VerboseLog          = HostVerboseLog
                },
                    PipePlatform,
                    CoreHookPipeName);
            }
        }
예제 #5
0
        public static void Main(string[] args)
        {
            int    targetPid;
            string targetExe;

            ConsoleAsker.GetTargetExeOrPid(args, out targetExe, out targetPid);

            try
            {
                var dllToInject       = "CreateFileHookLib.dll";
                var notifyClient      = new NotifyClient();
                var formattableString = RemoteInjector.InjectDll(dllToInject, targetExe, ref targetPid, out _channelName, notifyClient);
                if (!string.IsNullOrEmpty(formattableString))
                {
                    Console.WriteLine(formattableString);
                }
                Console.WriteLine("<Press any key to exit>");
                Console.ReadKey();
            }
            catch (Exception extInfo)
            {
                Console.WriteLine("There was an error while connecting to target:\r\n{0}", extInfo);
                Console.WriteLine("<Press any key to exit>");
                Console.ReadKey();
            }
        }
예제 #6
0
        public static void CreateProcessWHooker_ProcessCreated(object sender, HookedEventArgs e)
        {
            var processId = Convert.ToInt32(e.Entries["DwProcessId"]);

            Console.WriteLine($"Process ID (PID): {processId}");
            Console.WriteLine($"Process Handle: {e.Entries["HProcess"]}");
            Console.WriteLine("Process Thread : " + e.Entries["HThread"]);
            IntPtr threadHandle = (IntPtr)e.Entries["HThread"];
            var    dllToInject  = _dllWithHook;
            var    notifyClient = new NotifyClient();
            string channelName;
            var    formattableString =
                RemoteInjector.InjectDll(dllToInject, "", ref processId, out channelName, notifyClient);

            if (!string.IsNullOrEmpty(formattableString))
            {
                Console.WriteLine(formattableString);
            }
        }