示例#1
0
        protected override void Execute(Injectable assembly)
        {
            IntPtr dllBase = Kernel32.LoadLibraryExW(assembly.PathToAssemblyFile, IntPtr.Zero, Core.Native.Enums.LoadLibraryFlags.DontResolveDllReferences);

            if (dllBase == IntPtr.Zero)
            {
                throw new Win32Exception($"Couldn't load DLL, system returned error code: {Marshal.GetLastWin32Error()}");
            }

            IntPtr entryPointAddress = Kernel32.GetProcAddress(dllBase, assembly.Entrypoint);

            if (entryPointAddress == IntPtr.Zero)
            {
                throw new Win32Exception($"Couldn't find the entry point, system returned error code: {Marshal.GetLastWin32Error()}");
            }

            IntPtr entryPointInRemoteProcess = new IntPtr((long)Process.Modules[assembly.AssemblyName.ToLower()].BaseAddress + (long)entryPointAddress - (long)dllBase);
            IntPtr thread = Kernel32.CreateRemoteThread(Process.Handle, IntPtr.Zero, 0, entryPointInRemoteProcess, IntPtr.Zero, 0, IntPtr.Zero);

            if (thread == IntPtr.Zero)
            {
                throw new Win32Exception($"Couldn't load DLL, system returned error code: {Marshal.GetLastWin32Error().ToString()}");
            }

            Process.SuspendThreads(false);
        }
示例#2
0
        public void InjectAndExecute(Injectable assembly, bool attach)
        {
            UpdateFiles(assembly.PathToAssemblyFile);

            PreExecution(assembly);

            Process.RefreshModules();

            Process.AllocConsole();

            // In case we want to attach then we have to do so BEFORE we execute to give full debugging capabilities.
            if (attach && Debugger.IsAttached)
            {
                Process.AttachDebugger();
            }

            Execute(assembly);
        }
示例#3
0
 /// <summary>
 ///     Execution after the DLL has been injected.
 /// </summary>
 /// <param name="pathToDll"></param>
 /// <param name="entryPoint"></param>
 protected abstract void Execute(Injectable assembly);
示例#4
0
 /// <summary>
 ///     DLL needs to be the same platform as the target process (e.g. x64 or x86).
 /// </summary>
 /// <param name="pathToDll"></param>
 /// <param name="entryPoint"></param>
 protected abstract void PreExecution(Injectable assembly);
示例#5
0
        protected override void Execute(Injectable assembly)
        {
            IMemoryAddress allocatedMemory = Process.AllocateManagedMemory(assembly.PathToAssemblyFile.Length);

            allocatedMemory.Write(Encoding.Unicode.GetBytes(assembly.PathToAssemblyFile));
        }
示例#6
0
 protected override void PreExecution(Injectable assembly)
 {
 }
示例#7
0
        protected override void PreExecution(Injectable assembly)
        {
            Process.SuspendThreads(true);

            Process.LoadLibrary(assembly.PathToAssemblyFile);
        }
示例#8
0
 protected override void PostExecution(Injectable assembly)
 {
     Process.SuspendThreads(false);
 }
示例#9
0
 protected virtual void PostExecution(Injectable assembly)
 {
 }