Generic Dll Injector for x86 and x64 + Export Caller

Because Apoc fails at DLL injection, I’ve ripped my loader from Hades and am open-sourcing it.

First off, an overview of functionality:

  • Full native x86 and native x64 support.
  • Support for calling an arbitrary export in the module once injected.
  • Injection via PID.
  • Injection via process name.
  • Injection via window name.
  • Injection via process spawning.
  • Support for passing args when spawning.
  • Support for arbitrary modules.

Example usage for WoW (spawn):

"Loader32.exe" -launch="C:\WoW\WoW.exe" -args="-console" -module="Module32.dll" -export="Initialize"

Example usage for Notepad on x64 (process):

"Loader64.exe" -process="notepad.exe" -module="Module64.dll" -export="Initialize"

Example usage for WoW (window):

"Loader32.exe" -window="World of Warcraft" -module="Module64.dll" -export="Initialize"

Example usage for PID (x64):

"Loader64.exe" -pid="1234" -module="Module64.dll" -export="Initialize"

Notes:

Written in C++; requires Visual Studio 2008 SP1 and Boost to compile (it may work on other compilers, but this is the only tested configuration). No, I will not help you set up Boost; if you can’t manage that on your own, you shouldn’t be attempting to program in C++.

License:

Licensed under the GPL v3. Yes, I know it sucks, but I’m happy to give you an unrestrictive license (like the MIT) upon request. The reason I’m using the GPL as the default is because of asshats who rip code and stick it in a cheat they’re selling without even attribution. As long as you’re not one of those assholes, I’m normally happy to grant you use under the license of your choice.

Credits:

  • Apoc - Giving me a reason to get off my ass and release this
  • Harko - Testing XP support (it’s working now, Apoc!)
  • Kynox - He’s from NZ
  • Greyman - His name reminds me of a Digimon
  • Boost - I’m using Boost libs
  • Code Deception - Being an awesome resource
  • Windows via C++ - The EnsureCleanup base implementation

Download:

No longer available

  1. Grill says:

    Awesome that you are making it open source. I don’t know anything about C++ yet, but this and Kynox’s blog are kind of inspiring me to try to start.

  2. itsme says:

    Hi.
    I am going to start a free, open source bot project with a friend.
    As I am not really sure what the GPL allows me to do (downloaded a copy of it, kinda confusing to read as a non-native English speaker), may I pick out the code that’s interesting for our project?
    Of course we’ll credit you and, as said, it will be released open source.
    It’s just a sexy piece of code ;P

  3. itsme says:

    Edit: I am stupid ^^

  4. Cypherjb says:

    You say your bot will be open source… correct?

    Well, what license will the source be released under? If I know that, then I can tell you whether your license is GPL-compatible.

  5. alextrusk says:

    For some reason I can’t inject with the -launch parameter.

    After some debugging, here’s what I found so far:
    1. the process is created suspended
    2. dll gets injected
    3. the export is not called for some reason
    4. after the target process is resumed, it just exits
    5. the injector reports “Successfully injected module!”

    Command line used:
    Loader32.exe -launch="c:\windows\notepad.exe" -module="Module32.dll" -export="Initialize"

    I’m on Win XP SP3 (32bit) + VS2008 w/ SP1 + Boost 1.39.

    As an experiment, I removed the call to WaitForSingleObject() in Injector::InjectLib(). The result was kinda weird: the app resumed normally, but the DLL was not injected.
    Then I found this: msdn.microsoft.com/en-us/library/ms686724(VS.85).aspx,
    more to the point: “If the thread is the only active thread in the process, the process is terminated.”

    I tested another similar project, same thing except the export is called this time.

    Any ideas why this is happening?

  6. Cypherjb says:

    That is indeed strange…..

    The problem is most likely in your module. Would you mind posting it for me?

  7. alextrusk says:

    I’m using the example from the archive you provided in this post.
    Here’s the binary built with my settings: Download no longer available

  8. Cypherjb says:

    Okay I’ll take a look next time I get some time.
