Exemplo n.º 1
        /// <summary>
        /// Entry point for the first sample: injects <c>InjectNativeDll</c> into the process whose id is
        /// given as the first command-line argument, then runs that DLL's exported <c>Start</c> function
        /// inside the target with the path of <c>InjectSharpDll</c> as its argument. The sequence used here
        /// (remote module load, export offset resolved locally, remote execution at base + offset) is the
        /// cross-process injection pattern that endpoint monitoring keys on, so it is useful as a
        /// reference for what such telemetry looks like end to end.
        /// </summary>
        /// <param name="args">args[0] is expected to be a decimal process id; when it is absent or not an
        /// integer nothing happens and the method returns silently.</param>
        static void Main(string[] args)
        {
            // No argument -> null; int.TryParse(null, out _) returns false, so the whole body below is skipped.
            var strPid = args.Length > 0 ? args[0] : null;

            if (int.TryParse(strPid, out int pid))
            {
                // Injection is requested by bare module name (Example 3 passes a full path instead); how that
                // name is resolved is inside the RemoteExcuteAPI helper and not visible in this file.
                RemoteExcuteAPI.InjectDLL(pid, InjectNativeDll);
                // Load the same DLL in this process so the export's offset from the module base can be
                // measured locally and reused for the remote image.
                ProcessAPI.LoadLibrary(InjectNativeDll);
                // First() throws InvalidOperationException if no module with exactly this name is listed
                // (== on strings is an ordinal, case-sensitive comparison).
                var module      = ProcessAPI.GetProcessModule(Process.GetCurrentProcess().Id).First(m => m.ModuleName == InjectNativeDll);
                // Offset of "Start" relative to the local base: absolute export address minus module base.
                // NOTE(review): the (int) cast narrows an IntPtr to 32 bits, so this assumes 32-bit addresses.
                var startProc   = ProcessAPI.GetProcAddress(module.BaseAddress, "Start") - (int)module.BaseAddress;
                // No wait or retry here, unlike Example 3: if the remote module is not listed yet, First() throws.
                var remotModule = ProcessAPI.GetProcessModule(pid).First(m => m.ModuleName == InjectNativeDll);
                // Same offset applied to the remote base. The argument is the UTF-16 encoding of
                // "<current directory>\<InjectSharpDll>"; no terminator is appended here, so whether the
                // callee receives a terminated string depends on the helper (not visible in this file).
                RemoteExcuteAPI.ExcuteRemoteFunction(pid, remotModule.BaseAddress + (int)startProc, Encoding.Unicode.GetBytes(Directory.GetCurrentDirectory() + "\\" + InjectSharpDll));
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Builds the <c>LoadClrLibraryParam</c> block consumed by the native DLL's <c>LoadClrLibrary</c>
        /// export (see Example 3) and copies it into the target process. Each string member is first
        /// written to the target as UTF-16 bytes and replaced by its remote address; the struct holding
        /// those four addresses is then copied over as well.
        /// </summary>
        /// <param name="hndProc">Handle to the target process; passed straight through to
        /// <c>RemoteExcuteAPI.CopyToRemoteMemory</c>.</param>
        /// <returns>Address, in the target process, of the copied parameter block.</returns>
        static IntPtr GetParamAddress(IntPtr hndProc)
        {
            // Assembly path is built from the current working directory, so which file the target ends up
            // loading depends on where this program was started from.
            var assemblyPath     = $"{Directory.GetCurrentDirectory()}\\{InjectSharpDll}";
            // Hard-coded entry point inside the managed assembly and the single string argument it receives.
            var className        = "SharpLib.Main";
            var staticMethodName = "Start";
            var argument         = "CLR Started!";
            // Each member receives the remote address of its UTF-16 copy. No terminator is appended to the
            // byte arrays here; whether the helper adds one is not visible in this file.
            // NOTE(review): nothing in this method frees these remote allocations — confirm the helper or
            // the remote side owns them.
            var param            = new LoadClrLibraryParam
            {
                AssemblyPath     = RemoteExcuteAPI.CopyToRemoteMemory(hndProc, Encoding.Unicode.GetBytes(assemblyPath)),
                ClassName        = RemoteExcuteAPI.CopyToRemoteMemory(hndProc, Encoding.Unicode.GetBytes(className)),
                StaticMethodName = RemoteExcuteAPI.CopyToRemoteMemory(hndProc, Encoding.Unicode.GetBytes(staticMethodName)),
                Argument         = RemoteExcuteAPI.CopyToRemoteMemory(hndProc, Encoding.Unicode.GetBytes(argument))
            };

            // The struct itself (now holding remote pointers) is copied last; its address is what the
            // remote function receives.
            return(RemoteExcuteAPI.CopyToRemoteMemory(hndProc, param));
        }
Exemplo n.º 3
        /// <summary>
        /// Entry point for the third sample: finds a running "DemoWinFormApp", injects <c>InjectNativeDll</c>
        /// into it and runs that DLL's <c>LoadClrLibrary</c> export with the parameter block produced by
        /// <c>GetParamAddress</c>. Compared with Example 1, each step is checked and failures are reported
        /// on the console instead of surfacing as exceptions, and the remote module is polled for rather
        /// than assumed to be present immediately.
        /// </summary>
        /// <param name="args">Unused; the target is located by process name.</param>
        static void Main(string[] args)
        {
            // First() throws InvalidOperationException when no process with that name is running — this
            // is the one step that is not guarded.
            var pid = Process.GetProcessesByName("DemoWinFormApp").First().Id;

            // Existence check is relative to the current working directory, matching the path built below.
            if (!File.Exists(InjectNativeDll))
            {
                Console.WriteLine($"{InjectNativeDll} not exists!");
                return;
            }
            // Load the DLL locally so the export's offset from the module base can be measured in-process.
            ProcessAPI.LoadLibrary(InjectNativeDll);
            // == on strings is ordinal and case-sensitive; a differently-cased module name would not match.
            var module = ProcessAPI.GetProcessModule(Process.GetCurrentProcess().Id).FirstOrDefault(m => m.ModuleName == InjectNativeDll);

            if (module == null)
            {
                Console.WriteLine("locale native dll load failed!");
                return;
            }
            // Offset of "LoadClrLibrary" relative to the local module base.
            // NOTE(review): the (int) cast narrows an IntPtr to 32 bits, so this assumes 32-bit addresses.
            var startProc = ProcessAPI.GetProcAddress(module.BaseAddress, "LoadClrLibrary") - (int)module.BaseAddress;

            // Full path this time (Example 1 passes the bare name); built from the current working directory.
            RemoteExcuteAPI.InjectDLL(pid, Directory.GetCurrentDirectory() + "\\" + InjectNativeDll);
            // The remote module list may lag the injection, so poll up to 10 times, 100 ms apart.
            WindowsApi.ProcessModule remotModule = null;
            for (int i = 0; i < 10 && remotModule == null; i++)
            {
                remotModule = ProcessAPI.GetProcessModule(pid).FirstOrDefault(m => m.ModuleName == InjectNativeDll);
                if (remotModule == null)
                {
                    Thread.Sleep(100);
                }
            }
            if (remotModule == null)
            {
                Console.WriteLine("remote native dll load failed!");
                return;
            }
            // Same offset applied to the remote base. The third argument is the GetParamAddress method group,
            // i.e. a callback the helper invokes with the target's process handle to obtain the parameter
            // address; the exact delegate type it expects is not visible in this file.
            if (!RemoteExcuteAPI.ExcuteRemoteFunction(pid, remotModule.BaseAddress + (int)startProc, GetParamAddress))
            {
                Console.WriteLine("excute remote function failed!");
            }
        }