public void UnloadAndCloseAssembly(InjectionConfig config, string method) { if (!string.IsNullOrEmpty(method)) { IntPtr image, klass, imethod; if ((image = GetImageFromAssembly(config.AssemblyPointer)) == IntPtr.Zero) { OnError("GetImageFromAssembly returned 0"); } else { if ((klass = GetClassFromName(image, config.Namespace, config.Class)) == IntPtr.Zero) { OnError("GetClassFromName returned 0"); } else { if ((imethod = GetMethodFromName(klass, method)) == IntPtr.Zero) { OnError("GetMethodFromName returned 0"); } else { if (RuntimeInvoke(imethod) != 0) { OnError($"Execution of {method} failed"); } } } } } CloseAssembly(config); }
private void btnEject_Click(object sender, EventArgs e) { InjectionConfig config = (InjectionConfig)lstInjected.SelectedItem; if (config != null) { string unloadMethod = txtUnload.Text; Injector.Instance.UnloadAndCloseAssembly( config, unloadMethod != "Unload method name" ? unloadMethod : null); lstInjected.Items.Remove(config); } }
private void OnError(string msg, InjectionConfig cfg = null) { /* If an injection attempt fails after the assembly was loaded, * it needs to be closed. Otherwise the next injection will cause * a crash since the assembly is already loaded */ if (cfg != null && cfg.AssemblyPointer != IntPtr.Zero) { CloseAssembly(cfg); } Error?.Invoke(msg); }
private void CloseAssembly(InjectionConfig config) { IntPtr addr = target.ModuleFactory["mono.dll"]["mono_assembly_close"].BaseAddress; if (addr != IntPtr.Zero) { factory.Execute(addr, CallingConventions.Cdecl, config.AssemblyPointer); SuccessfulEjection?.Invoke(config); return; } OnError("Could not find mono_assembly_close"); }
private void OnSuccessfulEjection(InjectionConfig config) { lstInjected.Items.Remove(config); }
private void OnSuccessfulInjection(InjectionConfig config) { lstInjected.Items.Add(config); }
public void Inject(InjectionConfig config) { Setup(config.Process); threadAttach = target.ModuleFactory["mono.dll"]["mono_thread_attach"].BaseAddress; if (threadAttach == IntPtr.Zero) { OnError("Could not find mono_thread_attach"); return; } IntPtr rawImage, image, iklass, imethod; if ((rootDomain = GetRootDomain()) == IntPtr.Zero) { OnError("GetRootDomain returned 0"); return; } if ((rawImage = OpenImageFromData(config.Assembly)) == IntPtr.Zero) { OnError("OpenImageFromData returned 0"); return; } /* From this point on, the threads created by AssemblyFactory.Execute * will have to be registered with the Mono runtime since we * are accessing Mono objects. Otherwise the target process crashes. */ attach = true; if ((config.AssemblyPointer = OpenAssemblyFromImage(rawImage)) == IntPtr.Zero) { OnError("OpenAssemblyFromImage returned 0", config); return; } if ((image = GetImageFromAssembly(config.AssemblyPointer)) == IntPtr.Zero) { OnError("GetImageFromAssembly returned 0", config); return; } if ((iklass = GetClassFromName(image, config.Namespace, config.Class)) == IntPtr.Zero) { OnError("GetClassFromName returned 0", config); return; } if ((imethod = GetMethodFromName(iklass, config.Method)) == IntPtr.Zero) { OnError("GetMethodFromName returned 0", config); return; } if (RuntimeInvoke(imethod) == 0) { SuccessfulInjection?.Invoke(config); } else { OnError($"Execution of {config.Method} failed", config); } }