Injecteur de DLL

#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
// Function-pointer type for a LoadLibrary-style routine (takes a char* path,
// returns an HINSTANCE). Nothing in this listing refers to it.
typedef HINSTANCE(*fpLoadLibrary)(char*);
 
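/*
 * Find the process ID of the first running process whose executable name
 * equals `processname` (exact, case-sensitive strcmp match against
 * PROCESSENTRY32.szExeFile).
 *
 * Returns the PID on a match, or (DWORD)-1 when `processname` is NULL, the
 * snapshot cannot be created, or no process matches.
 *
 * NOTE(review): szExeFile is compared with strcmp, so this assumes an ANSI
 * (non-UNICODE) build -- confirm the project's character set.
 */
DWORD GetPidByName(const char* processname)
{
        DWORD pid = (DWORD)-1;
        PROCESSENTRY32 entry;
        HANDLE hProcessSnap;

        if (processname == NULL)
        {
                return pid;
        }

        hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hProcessSnap == INVALID_HANDLE_VALUE)
        {
                return pid;
        }

        /* dwSize must be set before Process32First is called. */
        entry.dwSize = sizeof(PROCESSENTRY32);
        if (Process32First(hProcessSnap, &entry))
        {
                do {
                        if (strcmp(processname, entry.szExeFile) == 0)
                        {
                                pid = entry.th32ProcessID;
                                break;
                        }
                } while (Process32Next(hProcessSnap, &entry));
        }

        /*
         * The caller polls this function in a loop, so the snapshot handle
         * has to be closed on every path or each poll leaks one handle.
         */
        CloseHandle(hProcessSnap);
        return pid;
}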
 
 
 
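/*
 * Entry point. Takes exactly two arguments: a process executable name and a
 * DLL path.
 *
 * Flow, as written in this listing: poll GetPidByName() until the named
 * process exists, open it with PROCESS_ALL_ACCESS, copy the DLL path into a
 * buffer allocated inside that process, start a remote thread at
 * kernel32!LoadLibraryA with that buffer as its argument, wait for the
 * thread, then release the remote buffer and all handles.
 *
 * Returns 0 once the remote thread has finished, 1 on any failure.
 *
 * Review notes:
 *  - The cross-process OpenProcess / VirtualAllocEx / WriteProcessMemory /
 *    CreateRemoteThread sequence is what endpoint monitoring commonly keys
 *    on (for example Sysmon event ID 8, CreateRemoteThread).
 *  - The LoadLibraryA address is resolved in this process and reused as the
 *    remote start address, so the code assumes kernel32 is mapped at the
 *    same address in the target and that both processes have the same
 *    bitness.
 *  - The thread's exit code is not inspected, so "END" only means the remote
 *    thread terminated, not that the library was loaded.
 */
int main(int argc, char **argv)
{
    char PROCESS[1024];
    char DLL_PATH[1024];
    HMODULE hKernel32;
    FARPROC pLoadLibrary;
    DWORD PID;
    HANDLE hProcess = NULL;
    HANDLE hThread = NULL;
    void *pReservedSpace = NULL;
    size_t pathSize;
    int rc = 1;

    if (argc != 3)
    {
        printf("#DLL INJECTOR BY SAKIIR !\n");
        printf("\tUsage : ./injector <process.exe> <DLL_PATH>\n");
        printf("\tExemple : ./injector iexplorer.exe C:\\inject_me.dll\n");
        Sleep(3000);
        ExitProcess(1);
    }

    printf("\n\n#DLL INJECTOR BY SAKIIR !\n\n");
    printf("[*] Getting Arguments..\n");

    // Reject over-long arguments instead of truncating them: strncpy() with
    // a 1023 limit left the buffers unterminated for long input, and a
    // silently shortened path would name a different file.
    if (strlen(argv[1]) >= sizeof PROCESS || strlen(argv[2]) >= sizeof DLL_PATH)
    {
        printf("[-] Argument Too Long ...\n");
        return 1;
    }
    memcpy(PROCESS, argv[1], strlen(argv[1]) + 1);
    memcpy(DLL_PATH, argv[2], strlen(argv[2]) + 1);
    pathSize = strlen(DLL_PATH) + 1;    // include the terminating NUL

    printf("[+] Arguments Gotten !\n");
    printf("[*] Process Name : %s\n", PROCESS);
    printf("[*] DLL Name : %s\n", DLL_PATH);

    hKernel32 = GetModuleHandleA("kernel32");
    if (hKernel32 == NULL)
    {
        printf("[-] Failed To GetModuleHandleA() ...\n");
        return 1;
    }
    pLoadLibrary = GetProcAddress(hKernel32, "LoadLibraryA");
    if (pLoadLibrary == NULL)
    {
        printf("[-] Failed To GetProcAddress() ...\n");
        return 1;
    }
    // %p rather than %x: a pointer passed to %x is a format mismatch and is
    // truncated on 64-bit builds.
    printf("[*] LoadLibrary() : 0x%p\n", (void *)pLoadLibrary);

    printf("[*] Getting Process ID of %s...\n", PROCESS);
    // Blocks until a process with that name appears; there is no timeout.
    while ((PID = GetPidByName(PROCESS)) == (DWORD)-1)
    {
        Sleep(500);
    }
    printf("[+] Process ID Gotten !\n");

    printf("[*] Openning Process With All Access...\n");
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, PID);
    if (hProcess == NULL)
    {
        printf("[-] Failed To OpenProcess :(...\n");
        goto cleanup;
    }
    // The process is opened here, not created; the message now says so.
    printf("[+] Successfully Opened Process !\n");

    // Allocating Virtual Memory
    printf("[*] Allocating Virtual Memory ... \n");
    // The buffer only holds the path string, so it is mapped read/write; it
    // does not need to be executable.
    pReservedSpace = VirtualAllocEx(hProcess, NULL, pathSize,
                                    MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (!pReservedSpace)
    {
        printf("[-] Failed To VirtualAllocEx() ...\n");
        goto cleanup;
    }
    printf("[+] Succefully : Allocating Memory\n");

    //Writing Into Virtual Memory
    printf("[*] Writing Into Virtual Memory...\n");
    if (!WriteProcessMemory(hProcess, pReservedSpace, DLL_PATH, pathSize, NULL))
    {
        printf("[-] Failed To WriteProcessMemory() ...\n");
        goto cleanup;
    }
    printf("[+] Succefully : Writing Into Memory\n");

    //Creating Remote Thread
    printf("[*] Creating Remote Thread..\n");
    hThread = CreateRemoteThread(hProcess, NULL, 0,
                                 (LPTHREAD_START_ROUTINE)pLoadLibrary,
                                 pReservedSpace, 0, NULL);
    if (!hThread)
    {
        printf("[-] Failed To CreateRemoteThread() ...\n");
        goto cleanup;
    }
    printf("[+] Succefully : Creating Remote Thread\n");
    printf("[+] Thread is Created !\n");

    WaitForSingleObject(hThread, INFINITE);

    // MEM_RELEASE requires a size of 0; the earlier call passed MEM_COMMIT,
    // which is not a valid free type, so the remote buffer was never freed.
    VirtualFreeEx(hProcess, pReservedSpace, 0, MEM_RELEASE);
    pReservedSpace = NULL;

    printf("[+] END ! :)\n");
    rc = 0;

cleanup:
    // Single exit path so the remote buffer and both handles are released
    // on every failure as well as on success.
    if (hThread)
    {
        CloseHandle(hThread);
    }
    if (pReservedSpace)
    {
        VirtualFreeEx(hProcess, pReservedSpace, 0, MEM_RELEASE);
    }
    if (hProcess)
    {
        CloseHandle(hProcess);
    }
    return rc;
}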

sakiir

