public Main( RemoteHooking.IContext InContext, string serverName )
{
mySendClientQueue = new Queue<Packet>();
mySendClientLock = new object();
mySendServerQueue = new Queue<Packet>();
mySendServerLock = new object();
myRecvFilter = new bool[256];
mySendFilter = new bool[256];
myRecvDelegate = new dSendRecv( ReceiveHook );
mySendDelegate = new dSendRecv( SendHook );
myPID = RemoteHooking.GetCurrentProcessId();
myThreadID = RemoteHooking.GetCurrentThreadId();
myDateStamp = GetDateStamp();
myServerSendBuffer = Marshal.AllocHGlobal( 65536 );
myClientSendBuffer = Marshal.AllocHGlobal( 65536 );
myServerBufferAddress = BitConverter.GetBytes( myServerSendBuffer.ToInt32() );
myClientBufferAddress = BitConverter.GetBytes( myClientSendBuffer.ToInt32() );
myClientInstance = new ClientInstance( serverName, true );
myClientInstance.SendCommand( Command.ClientID, myPID );
myClientInstance.SendPacketEvent += new dSendPacket( myClientInstance_sendPacketEvent );
myClientInstance.PingEvent += new dPing( myClientInstance_pingEvent );
myClientInstance.AddRecvFilterEvent += new dAddRecvFilter( myClientInstance_addRecvFilterEvent );
myClientInstance.AddSendFilterEvent += new dAddSendFilter( myClientInstance_addSendFilterEvent );
myClientInstance.RemoveRecvFilterEvent += new dRemoveRecvFilter( myClientInstance_removeRecvFilterEvent );
myClientInstance.RemoveSendFilterEvent += new dRemoveSendFilter( myClientInstance_removeSendFilterEvent );
myClientInstance.ClearRecvFilterEvent += new dClearRecvFilter( myClientInstance_clearRecvFilterEvent );
myClientInstance.ClearSendFilterEvent += new dClearSendFilter( myClientInstance_clearSendFilterEvent );
}
public void Run(RemoteHooking.IContext InContext)
{
//while (true)
{
System.Threading.Thread.Sleep(30000);
}
}
public void Run(RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
CreateFileHook = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new DCreateFile(CreateFile_Hooked),
this);
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
RemoteHooking.WakeUpProcess();
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
//Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
try
{
while (true)
{
Interface.Ping();
}
}
catch
{
//
}
}
public EntryPoint(
RemoteHooking.IContext context,
String channelName,
CaptureConfig config)
{
// Get reference to IPC to host application
// Note: any methods called or events triggered against _interface will execute in the host process.
_interface = RemoteHooking.IpcConnectClient<CaptureInterface>(channelName);
// We try to ping immediately, if it fails then injection fails
_interface.Ping();
#region Allow client event handlers (bi-directional IPC)
// Attempt to create a IpcServerChannel so that any event handlers on the client will function correctly
IDictionary properties = new Hashtable();
properties["name"] = channelName;
properties["portName"] = channelName + Guid.NewGuid().ToString("N");
// random portName so no conflict with existing channels of channelName
var binaryProv =
new BinaryServerFormatterSinkProvider();
binaryProv.TypeFilterLevel = TypeFilterLevel.Full;
var _clientServerChannel =
new IpcServerChannel(properties, binaryProv);
ChannelServices.RegisterChannel(_clientServerChannel, false);
#endregion
}
public Main(
RemoteHooking.IContext InContext,
String InChannelName)
{
// connect to host...
Interface = RemoteHooking.IpcConnectClient<FileMonInterface>(InChannelName);
myChannelName = InChannelName;
aes = new AesCryptoServiceProvider();
dataIgnition = new byte[MAX_BLOCK_SIZE];
for (int i = 0; i < MAX_BLOCK_SIZE; i++)
{
dataIgnition[i] = (byte)i;
}
dataToEncrypt = new byte[MAX_BLOCK_SIZE];
OutputDebugString(Encoding.ASCII.GetString(dataIgnition));
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(Password, Encoding.ASCII.GetBytes(Salt));
aes.Key = key.GetBytes(aes.KeySize / 8);
aes.Padding = PaddingMode.Zeros;
byte[] IV = Interface.GetIV();
if (IV == null)
{
aes.GenerateIV();
Interface.SaveIV(aes.IV);
}
aes.Mode = CipherMode.CFB;
Interface.Ping();
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
LocalHook.BeginUpdate(true);
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new DCreateFile(CreateFile_Hooked),
this);
LocalHook.EndUpdate();
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package);
}
else
Interface.Ping();
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public void Run(RemoteHooking.IContext InContext, string InArg1)
{
try
{
Console.WriteLine("Calling Run method...");
}
catch (Exception ex)
{
this.Interface.ReportError(RemoteHooking.GetCurrentProcessId(), ex);
return;
}
try
{
while (this.Interface.Ping(RemoteHooking.GetCurrentProcessId()))
{
if (this.Interface.ShouldRunGarbageCollection())
{
GC.Collect();
GC.WaitForPendingFinalizers();
GC.Collect();
this.Interface.ChangeRunCommands(false);
}
Thread.Sleep(500);
}
}
catch
{
}
}
public HookInjection(
RemoteHooking.IContext InContext,
String InChannelName,
String entryPoint,
String dll,
String returnType,
String scriptBlock,
String modulePath,
String additionalCode,
bool eventLog)
{
Log("Opening hook interface channel...", eventLog);
Interface = RemoteHooking.IpcConnectClient<HookInterface>(InChannelName);
try
{
Runspace = RunspaceFactory.CreateRunspace();
Runspace.Open();
//Runspace.SessionStateProxy.SetVariable("HookInterface", Interface);
}
catch (Exception ex)
{
Log("Failed to open PowerShell runspace." + ex.Message, eventLog);
Interface.ReportError(RemoteHooking.GetCurrentProcessId(), ex);
}
}
public Main(RemoteHooking.IContext InContext, ProcessDto procDto, SystemState state, string InChannelName)
{
try
{
_functions = new List<FunctionInjected>();
switch (state)
{
case SystemState.Scanning:
_behaviorWrapper = RemoteHooking.IpcConnectClient<BehaviorsWrapper<FunctionBehaviorForXml>>(InChannelName);
break;
case SystemState.Locking:
_behaviorWrapper = RemoteHooking.IpcConnectClient<BehaviorsWrapper<FunctionBehaviorForNLog>>(InChannelName);
break;
}
foreach (var functionBehavior in _behaviorWrapper.Functions)
{
_functions.Add(functionBehavior.CreateAttachedTypeOfFunctionInjected(procDto));
}
}
catch (Exception ex)
{
Logger.Error(ex.Message, procDto.ProcName);
}
}
public void Run(RemoteHooking.IContext InContext, string ChannelName)
{
LogMessage("LUAHost Run");
try
{
string outChannelName = null;
IpcServerChannel ipcLogChannel = RemoteHooking.IpcCreateServer<IPCInterface>(ref outChannelName,
WellKnownObjectMode.
Singleton);
//notify client of channel creation via logger
Logger.InjectedDLLChannelName = outChannelName;
LogMessage("LUAHost Run (NativeAPI.RhWakeUpProcess)");
NativeAPI.RhWakeUpProcess();
while (true)
{
Thread.Sleep(100);
}
}
catch (Exception e)
{
LogMessage(string.Format("LUAHost Run(Exception) {0}", e.Message));
}
}
public Main(RemoteHooking.IContext InContext,String InChannelName)
{
// connect to host...
Interface = RemoteHooking.IpcConnectClient<InjectorInterface>(InChannelName);
Interface.Ping();
}
public void Run(RemoteHooking.IContext context, string channelName)
{
try
{
Log.Trace ("Entering EntryPoint Run().");
if (IpcInterface.StartPaused)
{
Process.GetCurrentProcess().Suspend();
}
Log.Trace ("Installing game hooks...");
Game.EntryPoint.InstallGameHooks();
// TODO: AI.EntryPoint.Run();
while (true)
{
Thread.Sleep (0);
}
}
catch (Exception ex)
{
Log.Fatal (ex);
}
finally
{
Log.Trace("Uninstalling game hooks...");
Game.EntryPoint.UninstallGameHooks();
Log.Trace ("Exiting EntryPoint Run().");
}
}
public void Run(
RemoteHooking.IContext InContext,
String InArg1)
{
try
{
LocalHook.BeginUpdate(false);
{
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new DCreateFile(CreateFile_Hooked),
this);
}
LocalHook.EndUpdate();
/*
* Don't forget that all hooks will start deaktivated...
* The following ensures that all threads are intercepted:
*/
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[1]);
}
catch (Exception e)
{
/*
Now we should notice our host process about this error...
*/
Interface.ReportError(RemoteHooking.GetCurrentProcessId(), e);
return;
}
// wait for host process termination...
try
{
while (Interface.Ping(RemoteHooking.GetCurrentProcessId()))
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package);
}
}
}
catch
{
// NET Remoting will raise an exception if host is unreachable
}
}
public Main(
RemoteHooking.IContext InContext,
String InChannelName)
{
Interface = RemoteHooking.IpcConnectClient<HookInterface>(InChannelName);
Interface.Ping();
}
public Main(RemoteHooking.IContext InContext, String InChannelName)
{
Console.WriteLine("test");
luaInterface = RemoteHooking.IpcConnectClient<LuaInterface>(InChannelName);
ChannelName = InChannelName;
luaInterface.WriteLine("get current process id: " + RemoteHooking.GetCurrentProcessId());
luaInterface.WriteLine("end main()");
}
public void Run(RemoteHooking.IContext inContext, string inChannelName)
{
if (InstallHook())
{
RemoteHooking.WakeUpProcess();
WaitForHostProcessTermination();
}
}
public void Run(RemoteHooking.IContext InContext, Int32 InValue)
{
System.Windows.Forms.MessageBox.Show("Hello from injected library!");
//RemoteHooking.WakeUpProcess();
Console.WriteLine("Hello world!");
}
/// <summary>
/// This constructor is the first method that will be called in this entire injected DLL.
/// </summary>
public EntryPoint(RemoteHooking.IContext context, string channelName)
{
// Connect our IPC channel
this.IpcInterface = RemoteHooking.IpcConnectClient<IpcInterface>(channelName);
// We can now communicate freely with FileMonitorController
// But let's ping FileMonitorController just to make sure
this.IpcInterface.Ping();
}
public DemoInjection(
RemoteHooking.IContext InContext,
String InChannelName)
{
Interface = RemoteHooking.IpcConnectClient<DemoInterface>(InChannelName);
Interface.Ping(RemoteHooking.GetCurrentProcessId());
}
public void Run(
RemoteHooking.IContext InContext,
String channelName,
String entryPoint,
String dll,
String returnType,
String scriptBlock,
String modulePath,
String additionalCode,
bool eventLog)
{
try
{
Log(String.Format("Executing Set-Hook -Local -EntryPoint '{0}' -Dll '{1}' -ReturnType '{2}' -ScriptBlock '{3}' ", entryPoint, dll, returnType, scriptBlock), eventLog);
using (var ps = PowerShell.Create())
{
ps.Runspace = Runspace;
ps.AddCommand("Import-Module");
ps.AddArgument(modulePath);
ps.Invoke();
ps.Commands.Clear();
ps.AddCommand("Set-Hook");
ps.AddParameter("EntryPoint", entryPoint);
ps.AddParameter("Dll", dll);
ps.AddParameter("ReturnType", returnType);
ps.AddParameter("AdditionalCode", additionalCode);
var sb = ScriptBlock.Create(scriptBlock);
ps.AddParameter("ScriptBlock", sb);
ps.Invoke();
foreach (var record in ps.Streams.Error)
{
Log("Caught exception " + record.Exception.Message, eventLog);
}
}
RemoteHooking.WakeUpProcess();
new System.Threading.ManualResetEvent(false).WaitOne();
}
catch (Exception e)
{
Log("Caught exception " + e.Message, eventLog);
try
{
Interface.ReportError(RemoteHooking.GetCurrentProcessId(), e);
}
catch
{
}
return;
}
}
public ScreenshotInjection(
RemoteHooking.IContext context,
String channelName,
Direct3DVersion version)
{
// Get reference to IPC to host application
// Note: any methods called or events triggered against _interface will execute in the host process.
_interface = RemoteHooking.IpcConnectClient<ScreenshotInterface.ScreenshotInterface>(channelName);
}
/// <summary>
/// Spawned within the client (hooked process)
/// </summary>
/// <param name="context"></param>
/// <param name="channelName"></param>
public EasyHookEntryPoint(RemoteHooking.IContext context, string channelName, BridgeEventType enabledHooks, int processId)
{
// Retrieve a reference to our interface
this.hookInterface = RemoteHooking.IpcConnectClient<HookInterface>(channelName);
// Validate connection
this.hookInterface.Ping();
this.enabledHooks = enabledHooks;
this.ProcessID = processId;
}
public Main(
RemoteHooking.IContext InContext,
String InChannelName)
{
// connect to host...
Interface = RemoteHooking.IpcConnectClient<FileMonInterface>(InChannelName);
myChannelName = InChannelName;
Interface.Ping();
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
CreateKeywordHook = LocalHook.Create(
LocalHook.GetProcAddress("python27.dll", "PyEval_CallObjectWithKeywords"),
new DCallKeywords(CallKeywords_Hooked),
this);
CreateKeywordHook.ThreadACL.SetExclusiveACL(new Int32[] {0});
CreateGetModuleHandleAHook = LocalHook.Create(LocalHook.GetProcAddress("kernel32", "GetModuleHandleA"), new DGetModuleHandleA(GetModuleHandleHooked), this);
CreateGetModuleHandleAHook.ThreadACL.SetExclusiveACL(new Int32[] {0});
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
}
else
Interface.Ping();
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public ScreenshotInjection(
RemoteHooking.IContext context,
String channelName,
String version)
{
// Get reference to IPC to host application
// Note: any methods called or events triggered against _interface will execute in the host process.
_interface = RemoteHooking.IpcConnectClient<ScreenshotInterface.ScreenshotInterface>(channelName);
AppDomain.CurrentDomain.UnhandledException += new UnhandledExceptionEventHandler(CurrentDomain_UnhandledException);
}
public TestInjection(
RemoteHooking.IContext context,
String channelName
, TestComplexParameter parameter
)
{
// connect to host...
_interface = RemoteHooking.IpcConnectClient<TestInterface>(channelName);
_interface.Ping();
}
public LuaInterface(
RemoteHooking.IContext InContext,
string LogChannelName)
{
LoggingInterface = RemoteHooking.IpcConnectClient<Logger>(LogChannelName);
LoggingInterface.Log("Main()");
Process thisProcess = Process.GetCurrentProcess();
LoggingInterface.Log(string.Format("Hooked Into: {0}, {1}",
thisProcess.ProcessName, thisProcess.Id));
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
//FileApis.InstallHook();
//ProcApis.InstallHook();
//RegApis.InstallHook();
NetApis.InstallHook();
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
Interface.Output(DateTime.Now, RemoteHooking.GetCurrentProcessId(), Package);
}
else
Interface.Ping();
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public void Run(RemoteHooking.IContext context, string channelName, string pluginsPath, string configPath, string targetExecutable)
{
try
{
var catalog = new DirectoryCatalog(pluginsPath);
var container = new CompositionContainer(catalog);
container.ComposeParts(this);
foreach (var plugin in HookPlugins)
{
plugin.Hook(targetExecutable, configPath, pluginsPath, Interface);
}
}
catch (Exception e)
{
Interface.ReportException(e);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
/*
if (_queue.Count > 0)
{
String[] Package = null;
lock (_queue)
{
Package = _queue.ToArray();
_queue.Clear();
}
}
else
*/
Interface.Ping();
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public void Run(RemoteHooking.IContext InContext, string channelname, string iniFile, string qDll, string qParam)
{
settings = new Settings(iniFile);
InitializeHooks();
Environment.SetEnvironment(settings);
RemoteHooking.WakeUpProcess();
while (true)
{
Thread.Sleep(1000);
}
}
private static int CreateProcessAndHook(string channelName)
{
int processId;
RemoteHooking.CreateAndInject(
Environment.CurrentDirectory + @"\TargetUnManagedProcess.exe",
"",
0,
InjectionOptions.DoNotRequireStrongName,
Environment.CurrentDirectory + @"\DllInjection.dll", // 32 bits
Environment.CurrentDirectory + @"\DllInjection.dll", // 64 bits
out processId,
channelName);
return(processId);
}
public void Inject(string[] dllsToLoad)
{
_channelName = null;
if (ipc == null)
{
ipc = RemoteHooking.IpcCreateServer <RemoteInterface>(ref _channelName,
WellKnownObjectMode.Singleton, Remote);
}
Thread injectionThread = new Thread(() =>
{
Remote.Log("Attempting to inject...");
while (!IsHookAttached)
{
int processId = GetProcessId();
if (processId == 0)
{
Remote.Log("Cannot find process, retrying in 5s...", LogType.Warning);
Thread.Sleep(5000);
continue;
}
try
{
RemoteHooking.Inject(processId, InjectionOptions.DoNotRequireStrongName,
Library, Library, _channelName, dllsToLoad);
IsHookAttached = true;
Remote.Log("Injection finished.");
}
catch (Exception e)
{
Remote.Log("Injection error:", LogType.Error);
Remote.Log(e.ToString(), LogType.Error);
Remote.Log("Retrying in 5s...");
IsHookAttached = false;
Thread.Sleep(5000);
}
}
});
injectionThread.IsBackground = true;
injectionThread.Start();
}
public void Run(
RemoteHooking.IContext context,
string channelName
, HookParameter parameter
)
{
frameCount = 0;
server = RemoteHooking.IpcConnectClient <HookServer>(channelName);
server.isHook = false;
try
{
var process = Process.GetCurrentProcess();
var modules = process.Modules;
foreach (ProcessModule item in modules)
{
string moduleName = item.ModuleName;
try
{
if (LocalHook.GetProcAddress(moduleName, "luaL_newstate") != IntPtr.Zero)
{
HookAllLuaFun(moduleName);
break;
}
}
catch
{
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
return;
}
server.isHook = true;
while (true)
{
Thread.Sleep(10);
frameCount++;
if (!server.isHook)
{
Uninstall();
break;
}
}
}
public void Run(RemoteHooking.IContext InContext, String InChannelName)
{
try
{
// Call Host
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
LocalHook.EnableRIPRelocation(); // no idea what this does
DebugAddresses();
LoadAddresses();
LoadOriginalFunctions();
hooks = new List <LocalHook>();
hooks.Add(LocalHook.Create(OutPacketInitAddress, new DOutPacketInit(form.OutPacketInitHooked), this));
hooks.Add(LocalHook.Create(EncodeByteAddress, new DEncodeByte(form.EncodeByteHooked), this));
hooks.Add(LocalHook.Create(EncodeShortAddress, new DEncodeShort(form.EncodeShortHooked), this));
hooks.Add(LocalHook.Create(EncodeIntAddress, new DEncodeInt(form.EncodeIntHooked), this));
hooks.Add(LocalHook.Create(EncodeBufferAddress, new DEncodeBuffer(form.EncodeBufferHooked), this));
hooks.Add(LocalHook.Create(EncodeStringAddress, new DEncodeString(form.EncodeStringHooked), this));
if (SendPacketAddress.ToInt32() > 0)
{
//hooks.Add(LocalHook.Create(SendPacketAddress, new DSendPacket(form.SendPacketHooked), this));
}
hooks.Add(LocalHook.Create(DecodeByteAddress, new DDecodeByte(form.DecodeByteHooked), this));
hooks.Add(LocalHook.Create(DecodeShortAddress, new DDecodeShort(form.DecodeShortHooked), this));
hooks.Add(LocalHook.Create(DecodeIntAddress, new DDecodeInt(form.DecodeIntHooked), this));
hooks.Add(LocalHook.Create(DecodeBufferAddress, new DDecodeBuffer(form.DecodeBufferHooked), this));
hooks.Add(LocalHook.Create(DecodeStringAddress, new DDecodeString(form.DecodeStringHooked), this));
//hooks.Add(LocalHook.Create(DecryptDataAddress, new DDecryptData(form.DecryptDataHooked), this));
hooks.ForEach(hook => hook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }));
Interface.WriteConsole("Initialized Hooks: " + hooks.Count);
form.ShowDialog();
}
catch (Exception e)
{
Interface.WriteConsole("ERROR: " + e);
}
}
public void Run(
RemoteHooking.IContext InContext,
string ChannelName)
{
LoggingInterface.Log("Run()");
try
{
LoggingInterface.Log("Setting up IPC channel :)");
string outChannelName = null;
IpcServerChannel ipcLogChannel = RemoteHooking.
IpcCreateServer <DanteInterface>(ref outChannelName,
WellKnownObjectMode.Singleton);
//notify client of channel creation via logger
LoggingInterface.InjectedDLLChannelName = outChannelName;
// Install the first hook...
try
{
hitCount = 0;
LoggingInterface.Log("Creating LoadLibraryHook...");
// Create the hook on the LoadLibraryA call
LoadLibraryHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "LoadLibraryA"),
new LoadLibraryDelegate(MyLoadLibrary), this);
LoggingInterface.Log("SetExclusiveACL on LoadLibraryHook...");
LoadLibraryHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception e)
{
hitCount = 0;
LoggingInterface.Log(string.Format("Exception on LoadLibraryHook: " + e.Message));
}
while (true)
{
Thread.Sleep(250);
}
}
catch (Exception e)
{
LoggingInterface.Log(string.Format("Exception in Run(): {0}", e));
}
}
private static void OnProcessUpdate(Object InCallback)
{
ProcessTimer.Change(Timeout.Infinite, Timeout.Infinite);
try
{
ProcessInfo[] Array;
if (_noGAC)
{
Array = EnumProcesses();
}
else
{
Array = (ProcessInfo[])RemoteHooking.ExecuteAsService <Form1>("EnumProcesses");
}
SortedDictionary <String, ProcessInfo> Result = new SortedDictionary <string, ProcessInfo>();
// sort by name...
lock (ProcessList)
{
ActivePIDList.Clear();
for (int i = 0; i < Array.Length; i++)
{
Result.Add(System.IO.Path.GetFileName(Array[i].FileName) + "____" + i, Array[i]);
ActivePIDList.Add(Array[i].Id);
}
Result.Values.CopyTo(Array, 0);
ProcessList.Clear();
ProcessList.AddRange(Array);
}
}
catch (AccessViolationException)
{
MessageBox.Show("This is an administrative task!", "Permission denied...", MessageBoxButtons.OK);
Process.GetCurrentProcess().Kill();
}
finally
{
ProcessTimer.Change(5000, 5000);
}
}
public void Run(
RemoteHooking.IContext context,
string channelName)
{
_server.IsInstalled(RemoteHooking.GetCurrentProcessId());
// 4c 89 4c 24 20 44 89 44 24 18 55 57 41
factUpdateOrigPtr = Process.GetCurrentProcess().MainModule.BaseAddress + 0x7b45f0;
_server.ReportMessage(Process.GetCurrentProcess().MainModule.FileName);
_server.ReportMessage(Process.GetCurrentProcess().MainModule.BaseAddress.ToString());
_server.ReportMessage((Process.GetCurrentProcess().MainModule.BaseAddress + 0x7b45f0).ToString());
var hook = LocalHook.Create(factUpdateOrigPtr, new FactUpdateHook(FactUpdate_Hooked), this);
hook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
RemoteHooking.WakeUpProcess();
_server.ReportMessage("done hooking");
try
{
// Loop until FileMonitor closes (i.e. IPC fails)
while (true)
{
System.Threading.Thread.Sleep(500);
_server.Ping();
}
}
catch
{
// Ping() or ReportMessages() will raise an exception if host is unreachable
}
// Remove hooks
hook.Dispose();
// Finalise cleanup of hooks
EasyHook.LocalHook.Release();
}
public void Run(EasyHook.RemoteHooking.IContext InContext, string channelname, string iniFile)
{
settings = new Settings(iniFile);
InitializeHooks();
Environment.SetEnvironment(settings);
RemoteHooking.WakeUpProcess();
while (true)
{
System.Threading.Thread.Sleep(1000);
}
foreach (var hook in _hooks)
{
hook.Dispose();
}
}
public static void Inject(int pid, string entryPoint, string dll, string typeName, string scriptBlock, string modulePath, string additionalCode, bool log)
{
var assembly = System.Reflection.Assembly.GetExecutingAssembly();
RemoteHooking.Inject(
pid,
assembly.Location, // 32-bit version (the same because AnyCPU)
assembly.Location, // 64-bit version (the same because AnyCPU)
_channelName,
entryPoint,
dll,
typeName,
scriptBlock,
modulePath,
additionalCode,
log);
}
public MainForm(string[] args)
{
try
{
InitializeComponent();
Win32Hooks.HookManager.OnMessage += ThreadSafeAddlog;
Win32Hooks.HookManager.Instance.InitHooks();
RemoteHooking.WakeUpProcess();
Win32Hooks.HookManager.Instance.WaitForRedGuard();
Text = "HookManager [" + Win32Hooks.HookManager.Instance.CharName + "]";
Win32Hooks.HookManager.Instance.WaitForEVE();
Win32Hooks.HookManager.Instance.LaunchAppDomain(0);
}
catch (Exception)
{
}
}
public InjectorProcess(Process process, InjectorInterface captureInterface)
{
string ChannelName = null;
RemoteHooking.IpcCreateServer <InjectorInterface>(
ref ChannelName,
WellKnownObjectMode.Singleton,
captureInterface);
RemoteHooking.Inject(
process.Id,
InjectionOptions.Default,
typeof(InjectorInterface).Assembly.Location,
typeof(InjectorInterface).Assembly.Location,
ChannelName
);
}
private static IpcServerChannel runGetTimeDateFormatHook()
{
var explorers = LightProcessMonitor.FindProcesses(names: _processesList);
if (explorers == null || !explorers.Any())
{
AppMessenger.Messenger.NotifyColleagues("AddLog", new Log {
Text = "explorer در حال اجرا نيست."
});
return(null);
}
var channel = RemoteHooking.IpcCreateServer <MessagesReceiverInterface>(ref _channelName, WellKnownObjectMode.SingleCall);
injectHooks(explorers);
return(channel);
}
private static void LaunchHiSuite()
{
System.Int32 targetPID = 0;
//const string LibraryPath = "Interceptor.dll";
// EasyHook
try
{
RemoteHooking.CreateAndInject(hiSuitePath, string.Empty, 0, LibraryPath, LibraryPath, out targetPID, string.Empty);
}
catch (Exception ex)
{
// The given EXE path could not be found.
Console.WriteLine("Could not launch HiSuite:");
Console.WriteLine(ex.Message);
}
}
private static void Inject(Process process, DalamudStartInfo info)
{
Console.WriteLine($"Injecting to {process.Id}");
// File check
var libPath = Path.GetFullPath("Dalamud.dll");
if (!File.Exists(libPath))
{
Console.WriteLine($"Can't find a dll on {libPath}");
return;
}
RemoteHooking.Inject(process.Id, InjectionOptions.DoNotRequireStrongName, libPath, libPath, info);
Console.WriteLine("Injected");
}
private void SingleProcessInjection(int processId)
{
string result;
try
{
RemoteHooking.Inject(processId, FilePath, FilePath, ChannelName, Constants.LoginAddresses.ToList(), 5555);
result = "Success";
}
catch (Exception ex)
{
Logger.Error("(SingleProcessInjection) " + ex.Message);
result = "Failed";
}
ConsoleManager.Debug(string.Format("Single Process Injection Result: ID={0}; RESULT={1};", processId, result.ToString()));
}
private void StartIPCServer()
{
if (ServerChannel != null)
{
throw new InvalidOperationException("IPC Server already started");
}
string channelName = HookConst.ChannelName;
// TODO: Switch to WCF DuplexClientBase
ServerChannel = RemoteHooking.IpcCreateServer <SMHookCallback>(
ref channelName,
WellKnownObjectMode.Singleton,
this,
WellKnownSidType.WorldSid
);
}
public void Run(RemoteHooking.IContext context, Parameter parameter)
{
logger.Info($"已成功注入进程 {RemoteHooking.GetCurrentProcessId()}.");
hooker?.Hooking();
server.OnClosed += proxy.Close;
proxy.OnClosed += OnClosed;
logger.Debug("All hooks installed");
BlockedCheckStatus();
Dispose();
logger.Info("注入已分离.");
}
static void Main(string[] args)
{
Int32 TargetPID = 0;
if ((args.Length != 1) || !Int32.TryParse(args[0], out TargetPID))
{
Console.WriteLine();
Console.WriteLine("Usage: FileMon %PID%");
Console.WriteLine();
return;
}
try
{
//try
//{
// Config.Register(
// "A FileMon like demo application.",
// "FileMon.exe",
// "FileMonInject.dll");
//}
//catch (ApplicationException)
//{
// MessageBox.Show("This is an administrative task!", "Permission denied...", MessageBoxButtons.OK);
// System.Diagnostics.Process.GetCurrentProcess().Kill();
//}
RemoteHooking.IpcCreateServer <FileMonInterface>(ref ChannelName, WellKnownObjectMode.SingleCall);
RemoteHooking.Inject(
TargetPID,
"FileMonInject.dll",
"FileMonInject.dll",
GetSharedAssemblies(),
ChannelName);
Console.ReadLine();
}
catch (Exception ExtInfo)
{
Console.WriteLine("There was an error while connecting to target:\r\n{0}", ExtInfo.ToString());
}
}
public bool hook(string processName)
{
Process[] processes = Process.GetProcessesByName(processName);
Trace.TraceInformation("Trying to hook process '{0}', {1} matching processes", processName, processes);
if (processes.Length == 0)
{
Trace.TraceError("No target process found");
return(false);
}
hookedProcess = processes[0];
if (hookedProcess.MainWindowHandle == IntPtr.Zero)
{
Trace.TraceError("Target process's main window handle is null");
return(false);
}
Trace.TraceInformation("Injecting dll in to {0}", hookedProcess.MainWindowTitle);
Trace.TraceInformation("Screenshot dll location {0}", typeof(ScreenshotInject.ScreenshotInjection).Assembly.Location);
try
{
// Inject DLL into target process
RemoteHooking.Inject(
hookedProcess.Id,
InjectionOptions.Default,
typeof(ScreenshotInject.ScreenshotInjection).Assembly.Location, //"ScreenshotInject.dll", // 32-bit version (the same because AnyCPU) could use different assembly that links to 32-bit C++ helper dll
typeof(ScreenshotInject.ScreenshotInjection).Assembly.Location, //"ScreenshotInject.dll", // 64-bit version (the same because AnyCPU) could use different assembly that links to 64-bit C++ helper dll
// the optional parameter list...
ChannelName, // The name of the IPC channel for the injected assembly to connect to
Direct3DVersion.AutoDetect.ToString() // The direct3DVersion used in the target application
);
}
catch (Exception e)
{
Trace.TraceInformation("Failed inject in to target process\r\n" + e);
return(false);
}
HookManager.AddHookedProcess(hookedProcess.Id);
/*Trace.TraceInformation("Bringing process to the front");
* BringProcessWindowToFront(hookedProcess);*/
return(true);
}
static void Main(string[] args)
{
try
{
bool onlyInject = int.TryParse(args[0], out int processIdReq);
string processPathReq = onlyInject ? string.Empty : args[0];
int redirectionPortReq = int.Parse(args[1]);
HookElement hook = new HookElement();
{
hook.IpcServer = RemoteHooking.IpcCreateServer <HookInterface>(ref hook.ChannelName, WellKnownObjectMode.Singleton);
}
if (onlyInject)
{
RemoteHooking.Inject(
processIdReq,
"./SocketHook.dll",
"./SocketHook.dll",
hook.ChannelName,
redirectionPortReq
);
}
else
{
RemoteHooking.CreateAndInject(
processPathReq,
string.Empty,
0x00000004,
InjectionOptions.DoNotRequireStrongName,
"./SocketHook.dll",
"./SocketHook.dll",
out hook.ProcessId,
hook.ChannelName,
redirectionPortReq
);
}
Console.Read();
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
public void Run(
RemoteHooking.IContext context,
String channelName
, TestComplexParameter parameter
)
{
try
{
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new DCreateFile(CreateFile_Hooked),
this);
/*
* Don't forget that all hooks will start deactivated...
* The following ensures that all threads are intercepted:
*/
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[1]);
}
catch (Exception e)
{
/*
* Now we should notice our host process about this error...
*/
_interface.ReportException(e);
return;
}
_interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
_interface.SendMessage(parameter.Message);
try
{
while (true)
{
Thread.Sleep(10);
_interface.Ping();
}
}
catch
{
}
}
private bool Hook(int pid)
{
try
{
OnLog(string.Format("hooking pid {0}..", pid));
Config.Register("CompilerHook", "HookController.exe", "CompilerHookLib.dll");
string channelName = null;
RemoteHooking.IpcCreateServer <HookController>(ref channelName, System.Runtime.Remoting.WellKnownObjectMode.SingleCall);
RemoteHooking.Inject(pid, "CompilerHookLib.dll", "CompilerHookLib.dll", channelName);
OnLog(string.Format("injecting using channel {0}..", channelName));
return(true);
}
catch (Exception ex)
{
OnLog(string.Format("error! {0}", ex.Message));
return(false);
}
}
bool CreateProcessW_Hooked([MarshalAsAttribute(UnmanagedType.LPWStr)] string lpApplicationName, IntPtr lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, [MarshalAsAttribute(UnmanagedType.Bool)] bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, [MarshalAsAttribute(UnmanagedType.LPWStr)] string lpCurrentDirectory, ref STARTUPINFOW lpStartupInfo, [OutAttribute()] out PROCESS_INFORMATION lpProcessInformation)
{
bool result = false;
result = CreateProcessW(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, ref lpStartupInfo, out lpProcessInformation);
try
{
_server.ReportMessage(string.Format("[{0}:{1}]: CreateProcess ({2} created name) \"{3}\"",
RemoteHooking.GetCurrentProcessId(), RemoteHooking.GetCurrentThreadId()
, lpApplicationName, lpStartupInfo.wShowWindow));
}
catch
{
}
return(result);
}
public void Inject()
{
this.status = StatusEnum.Injecting;
this.LastPing = Environment.TickCount;
try
{
RemoteHooking.Inject(
this.UnderlyingProcess.Id,
"PeaRoxy.Windows.Network.Hook.exe",
"PeaRoxy.Windows.Network.Hook.exe",
Controller.ChannelName);
}
catch (Exception e)
{
Console.WriteLine(this.UnderlyingProcess.Id + " - " + e.Message);
this.status = StatusEnum.Error;
}
}
/// <summary>
/// Initializes a new instance of <see cref="ProcessEntryPoint"/>.
/// </summary>
/// <remarks>
/// This call should only focus on initializing the variables and connecting to the host application.
/// All business logic should be invoked in the <see cref="Run"/> method.
/// Unhandled exception are redirected to the host application automatically.
/// </remarks>
/// <param name="inContext">Information about the environment in which the library main method has been invoked.</param>
/// <param name="inChannelName">The name of the inter-process communication channel to connect to.</param>
public ProcessEntryPoint(RemoteHooking.IContext inContext, string inChannelName)
{
// Name the current thread.
if (Thread.CurrentThread.Name == null)
{
Thread.CurrentThread.Name = "Initializer";
}
// Connect to server.
IProcessSynchronizer sync = RemoteHooking.IpcConnectClient <ProcessSynchronizerInterface>(inChannelName).ProcessSynchronizer;
// Initialize the guest's core.
EngineCore.Initialize(sync);
// Validate connection.
if (!EngineCore.Connected)
{
throw new EngineException("Failed to validate the inter-process connection while initializing the guest's virtual environment.");
}
}
private void BeginOpenGLImageCapture()
{
string channel = null;
var path = Environment.CurrentDirectory + @"\Starship.Injection.dll";
ImageStreamProxy.DebugReceived += OnDebugReceived;
ImageStreamProxy.ClientCallbackProxyGranted += OnClientCallbackProxyGranted;
ImageStreamProxy.ImageDataReceived += OnImageDataReceived;
ImageStreamProxy.Settings = new ImageCaptureSettings {
Width = GameBot.Window.Width,
Height = GameBot.Window.Height,
Interval = 250
};
RemoteHooking.IpcCreateServer <ImageStreamProxy>(ref channel, WellKnownObjectMode.Singleton);
RemoteHooking.Inject(GameBot.Process.GetProcess().Id, path, path, channel);
}
public void SafelyReportInjectionError(Exception ex)
{
DebugLogger.WriteLine("Injection error: {0}", ex.ToString());
try
{
interface_.ReportInjectionError(RemoteHooking.GetCurrentProcessId(), ex);
DebugLogger.WriteLine("Injection error reported for {0}", RemoteHooking.GetCurrentProcessId());
}
catch (Exception e)
{
DebugLogger.WriteLine("Injection reporting error {0}", e.ToString());
try
{
interface_.ReportInjectionError(RemoteHooking.GetCurrentProcessId(), e);
}
catch { }
}
}
public void InjectLua(int ProcessID)
{
try
{
//create IPC log channell for injected dll, so it can log to the console
string logChannelName = null;
IpcServerChannel ipcLogChannel =
RemoteHooking.IpcCreateServer <Logger>(
ref logChannelName, WellKnownObjectMode.Singleton);
var remoteLog = RemoteHooking.IpcConnectClient <Logger>(logChannelName);
//inject dante.dll, pass in the log channel name
RemoteHooking.Inject(
ProcessID,
"Dante.dll",
"Dante.dll",
logChannelName);
//wait for the remote object channel to be created
Thread.Sleep(200);
//get remote object from channel name
RemoteObject = RemoteHooking.IpcConnectClient <DanteInterface>(
remoteLog.InjectedDLLChannelName);
// Register Lua Delegate
RemoteObject.RegisterLuaDelegate(
ProcessManager.GlobalOffsets.LuaDelegates);
// Set our codecave offset
SetPatchOffset(Convert.ToUInt32(
ProcessManager.Config.CustomParams.LuaCallback, 16));
// Pass wow's main thread id
SetWowMainThread();
Output.Instance.Log("Dante injected");
}
catch (Exception ExtInfo)
{
Output.Instance.Log("There was an error while connecting to the target DLL");
Output.Instance.LogError(ExtInfo);
}
}
public void Run(RemoteHooking.IContext inContext,
string channelName,
NativeData nativeData)
{
try
{
try
{
InstallHooks();
InstallSM(nativeData);
SMA.OnHookInstalled(true);
}
catch (Exception ex)
{
SMA.OnHookInstalled(false, ex);
Environment.Exit(1);
return;
}
finally
{
RemoteHooking.WakeUpProcess();
}
DispatchMessages();
}
catch (RemotingException)
{
// Channel closed, exit.
SMA = null;
}
catch (Exception ex)
{
OnException(ex);
}
finally
{
HasExited = true;
CleanupHooks();
SentryInstance.Dispose();
}
}
public void InitHook(string exePath, string hookDllPath, int instanceCount = 1)
{
if (instanceCount <= 0)
{
return;
}
int port = Port;
HookElement element = new HookElement();
{
element.IpcServer = RemoteHooking.IpcCreateServer <CustomHookInterface>(ref element.ChannelName, WellKnownObjectMode.Singleton);
}
RemoteHooking.CreateAndInject(
exePath,
string.Empty,
0x00000004,
InjectionOptions.DoNotRequireStrongName,
hookDllPath,
hookDllPath,
out element.ProcessId,
element.ChannelName,
port);
PortUsedByProcess.Add(element.ProcessId, port);
Process process = Process.GetProcessById(element.ProcessId);
process.EnableRaisingEvents = true;
process.Exited += (obj, arg) =>
{
PortUsedByProcess.Remove(process.Id);
UIManager.Instance.RemovePage(process.Id);
};
UIManager.Instance.OpenPage(process.Id);
Task.Delay(TimeSpan.FromMilliseconds(ConfigurationManager.Instance.Startup.time_wait_in_ms)).ContinueWith(task =>
{
InitHook(exePath, hookDllPath, instanceCount - 1);
});
}
