Grand Chase Worlds


    [VB]Injetor de Dll


    Mensagem por Shunny' Ter Abr 19, 2011 11:35 pm

    Lembrando que é em Visual Basic 6

    Vamos precisar de :
    3 CommandButton
    4 Label
    1 Timer
    2 TextBox
    1 Microsoft Common Dialog Control 6.0
    3 Module
    2 Option

    Vamos começar:

    No Form Load declare o Seguinte código :
    'Form_Load body: select the first option button, then restore both text boxes from sets.ini.
    Option1(0).Value = True

    'Load passes the INI file path as the "key not found" default and mirrors it in Check,
    'so a box whose text equals Check has no saved value and is blanked.
    Text2.Text = Load("HProcess", "Box2")
    If Text2.Text = Check Then
        Text2.Text = ""
    End If

    Text1.Text = Load("DllPath", "Box1")
    If Text1.Text = Check Then
        Text1.Text = ""
    End If



    Feito isso, vamos prosseguir.

    2° Adicione os CommandButton e dê o nome De :

    Command1 = cmdInjetar
    Command2 = cmdprocurar
    Command3 = cmdprocurar2



    Agora Adicione o Seguinte Código no "cmdInjetar"

    'cmdInjetar click body: resolve the target process, then pass its handle and the DLL path to InjectDll.
    'ExeName is 1 when Text2 holds an executable name; any other value takes the window-title branch.
    If ExeName = 1 Then
    'Look the target up by executable name.
    ProsH = GetHProcExe(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    'The DLL path is used exactly as typed; nothing here checks that the file exists or what it is.
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
    Else
    'Look the target up by window title.
    ProsH = FindProc(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
    End If
    'NOTE(review): the process handle left in ProsH is not closed after the call in either branch.



    Agora Adicione os Seguintes Códigos no "cmdprocurar"

    'cmdprocurar click body: browse for the target executable.
    'FileTitle is the bare file name (no directory), which is what ends up in Text2.
    With CommonDialog1
        .Filter = "Application|*.EXE"
        .ShowOpen
        Text2.Text = .FileTitle
    End With
    Text2.SetFocus



    Agora os Códigos no "cmdprocurar2"

    'cmdprocurar2 click body: browse for the DLL.
    'FileName is the full path of the chosen file, which is what ends up in Text1.
    With CommonDialog1
        .Filter = "Library|*.DLL"
        .ShowOpen
        Text1.Text = .FileName
    End With
    Text1.SetFocus



    Agora adicione o componente Microsoft Common Dialog Control 6.0 pressionando CTRL+T e declare o seguinte código:

    Private Declare Function GetAsyncKeyState Lib "USER32" (ByVal vKey As Long) As Integer
    Dim Content As String
    Dim DllPath As String



    Feito isso, adicione um Timer e ponha nele o seguinte código:

    'Timer tick body: poll one key and, when it fires, run the same sequence as the cmdInjetar button.
    'GetAsyncKeyState reads the system-wide key state, so this works whichever window has focus.
    '96 (&H60) is the virtual-key code VK_NUMPAD0.
    keyresult = GetAsyncKeyState(96)
    '-32767 is &H8001 as an Integer: high bit = key is down now, low bit = pressed since the previous call.
    If keyresult = -32767 Then
    If ExeName = 1 Then
    'Target resolved by executable name.
    ProsH = GetHProcExe(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
    Else
    'Target resolved by window title.
    ProsH = FindProc(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
    End If
    End If
    'NOTE(review): every qualifying tick opens a new process handle and none is closed here.



    Agora Adicione as Label e dê o nome no Caption de "Processo.EXE" e "DLL Patch"

    Adicione os 2 "Option" e, para o "Option0", mude o Caption para "Nome EXE" e ponha o seguinte código:

    Private Sub Option0_Click(Index As Integer)
        'Switches the lookup mode shown in Label4 and recorded in ExeName:
        'index 0 = find the target by executable name, index 1 = find it by window title.
        'Any other index leaves everything unchanged.
        If Index = 0 Then
            Label4.Caption = "Process EXE name:"
            Command3.Enabled = True
            ExeName = 1
        ElseIf Index = 1 Then
            Label4.Caption = "Process Window Name:"
            Command3.Enabled = False
            ExeName = 2
        End If
    End Sub



    No "Option1" de o nome do Caption para "Nome da Janela" e adicione o código abaixo:

    Private Sub Option1_Click(Index As Integer)
        'Same mode switch as Option0_Click, for the Option1 control array:
        'index 0 selects lookup by executable name (ExeName = 1),
        'index 1 selects lookup by window title (ExeName = 2).
        Dim byExeName As Boolean

        'Indexes other than 0 and 1 are ignored.
        If Index <> 0 And Index <> 1 Then Exit Sub

        byExeName = (Index = 0)
        Label4.Caption = IIf(byExeName, "Process EXE name:", "Process Window Name:")
        Command3.Enabled = byExeName
        ExeName = IIf(byExeName, 1, 2)
    End Sub



    Declare também esse Código em Sua "Form"

    Private Sub Form_Unload(Cancel As Integer)
        'On close, persist both text boxes through Save so Form_Load can restore them:
        'Text2 (target process) under [HProcess] Box2, Text1 (DLL path) under [DllPath] Box1.
        Save "HProcess", "Box2", Text2.Text
        Save "DllPath", "Box1", Text1.Text
    End Sub



    Adicione mais 2 Label e de o Nome do Caption para : "Status da Injeção" e "Esperando..."

    Agora adicione 3 Modules e renomeie-os para:

    Module1 = DllInjector
    Module2 = modGetHProcExe
    Module3 = SaveSets



    Adicione os seguintes Códigos no Module "DllInjector"

    'VB DLL injector
    'By RodrigoEviL

    'All the shit it takes to make VB to inject dlls...
    Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
    Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
    Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
    Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal fAllocType As Long, FlProtect As Long) As Long
    Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, ByVal lpStartAddress As Any, ByVal lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long
    Public ProsH As Long

    'The Injection Function
    Public Function InjectDll(DllPath As String, ProsH As Long)
    'Makes the process behind the handle ProsH load the DLL at DllPath.
    'The path string is copied into the target (VirtualAllocEx + WriteProcessMemory) and a
    'thread is started there at LoadLibraryA with that copy as its argument (CreateRemoteThread).
    'Outcome is reported only through Form1.Label1.Caption; no return type is declared and
    'no return value is ever assigned.
    'NOTE(review): this allocate / write / remote-thread sequence is the classic DLL injection
    'pattern (MITRE ATT&CK T1055.001) and is the API sequence EDR and anti-cheat products watch for.
    'DllLength has no type here, so it is a Variant.
    Dim DLLVirtLoc As Long, DllLength, Inject As Long, LibAddress As Long
    Dim CreateThread As Long, ThreadID As Long

    'STEP 1 - The easy part...Putting the bitch in the process' memory
    Form1.Label1.Caption = "Injecting......"
    'Find a nice spot for your DLL to chill using VirtualAllocEx
    'Only the path string is placed in the target, not the DLL image itself.
    'Len counts the characters of the path without a terminating NUL.
    DllLength = Len(DllPath)
    '&H1000 = MEM_COMMIT, &H4 = PAGE_READWRITE
    DLLVirtLoc = VirtualAllocEx(ProsH, ByVal 0, DllLength, &H1000, ByVal &H4)
    If DLLVirtLoc = 0 Then Form1.Label1.Caption = "VirtualAllocEx API failed!": Exit Function
    'Inject the Dll into that spot
    Inject = WriteProcessMemory(ProsH, DLLVirtLoc, ByVal DllPath, DllLength, vbNull)
    'NOTE(review): no Exit Function on this failure, so the next line overwrites the message
    'and execution continues.
    If Inject = 0 Then Form1.Label1.Caption = "Failed to Write DLL to Process!"
    Form1.Label1.Caption = "Dll Injected...Creating Thread....."


    'STEP 2 - Loading it in the process
    'This is where it gets a little interesting....
    'Just throwing our Dll into the process isnt going to do shit unless you
    'Load it into the precess address using LoadLibrary. The LoadLibrary function
    'maps the specified executable module into the address space of the
    'calling process. You call LoadLibrary by using CreateRemoteThread to
    'create a thread(no shit) that runs in the address space of another process.
    'First we find the LoadLibrary API function and store it
    'The address is looked up in this process and then used as the start address in the target.
    LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
    If LibAddress = 0 Then Form1.Label1.Caption = "Can't find LoadLibrary API from kernel32.dll": Exit Function
    'Next, the part the took me damn near 2 hours to figure out - using CreateRemoteThread
    'We set a pointer to LoadLibrary(LibAddress) in our process, LoadLibrary then puts
    'our Dll(DLLVirtLoc) into the process address. Easy enough right?
    CreateThread = CreateRemoteThread(ProsH, vbNull, 0, LibAddress, DLLVirtLoc, 0, ThreadID)
    'NOTE(review): same pattern as above - the failure text is immediately replaced by the
    'success text, so the label reads "Successful" even when no thread was created.
    If CreateThread = 0 Then Form1.Label1.Caption = "Failed to Create Thead!"
    Form1.Label1.Caption = "Dll Injection Successful!"
    'NOTE(review): nothing is cleaned up: the remote allocation is never freed and neither the
    'thread handle nor ProsH is closed. The committed read/write region holding the DLL path
    'therefore stays in the target process, where memory forensics can find it.
    End Function



    No Module2 "modGetHProcExe" Adicione o Código:

    'I DID NOT CREATE THIS MODULE! Im in love with who ever did though
    Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFF

    Option Explicit
    Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
    Public Declare Function FindWindow Lib "USER32" Alias "FindWindowA" (ByVal Classname As String, ByVal WindowName As String) As Long
    Public Declare Function GetWindowThreadProcessId Lib "USER32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
    Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
    Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
    Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
    Private Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long)


    'VB layout of the Win32 PROCESSENTRY32 structure (ANSI form) filled in by
    'Process32First / Process32Next. GetHProcExe reads only th32ProcessID and szExeFile.
    Private Type PROCESSENTRY32
    'Size of this structure in bytes; set by the caller before Process32First.
    dwSize As Long
    cntUsage As Long
    'Process identifier of the entry.
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    'Number of threads started by the process.
    cntThreads As Long
    'Identifier of the process that created this one.
    th32ParentProcessID As Long
    'Base priority of threads created by the process.
    pcPriClassBase As Long
    dwFlags As Long
    'Executable file name in a fixed 260-character (MAX_PATH) buffer.
    szExeFile As String * 260
    End Type

    Public Function GetHProcExe(strExeName As String) As Long
    'Walks a Toolhelp process snapshot and returns an open handle to the first process whose
    'executable name equals strExeName (case-insensitive). Returns 0 when no entry matches.
    'The caller owns the returned handle.
    Dim hSnap As Long
    'Create a snapshot of all of the processes, and information
    'about them (saving the handle so we can iterate through the
    'processes)
    '2 = TH32CS_SNAPPROCESS
    hSnap = CreateToolhelpSnapshot(2, 0)

    Dim peProcess As PROCESSENTRY32
    'The API requires dwSize to be filled in before the first call.
    peProcess.dwSize = LenB(peProcess)

    Dim nProcess As Long
    nProcess = Process32First(hSnap, peProcess)

    'Loop through the processes until we find the one we want
    'and return its process handle
    Do While nProcess
    If StrComp(Trim$(peProcess.szExeFile), strExeName, vbTextCompare) _
    = 0 Then
    'PROCESS_ALL_ACCESS asks for every access right on the target.
    'NOTE(review): a full-access OpenProcess against another process is itself a common
    'detection signal for endpoint monitoring.
    GetHProcExe = OpenProcess(PROCESS_ALL_ACCESS, False, peProcess.th32ProcessID)
    'NOTE(review): the snapshot handle is not closed on this path; CloseHandle hSnap below
    'only runs when no match was found.
    Exit Function
    End If
    'Clear the name buffer so a shorter name is not followed by leftovers from the previous entry.
    peProcess.szExeFile = vbNullString
    nProcess = Process32Next(hSnap, peProcess)
    Loop
    CloseHandle hSnap
    End Function
    Public Function FindProc(ProcName As String) As Long
    'Returns an open handle to the process that owns the top-level window whose title is
    'exactly ProcName (any window class). The caller owns the returned handle.
    Dim hwnd As Long
    Dim ProcessID As Long
    Dim ProcessHandle As Long
    'vbNullString as the class name means "match on the title only".
    hwnd = FindWindow(vbNullString, ProcName)
    'NOTE(review): hwnd is not checked; if no window matched, ProcessID presumably stays 0 and
    'the OpenProcess result is whatever the API gives for that id - callers treat 0 as "not found".
    GetWindowThreadProcessId hwnd, ProcessID
    'PROCESS_ALL_ACCESS asks for every access right on the target.
    ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, False, ProcessID)
    FindProc = ProcessHandle
    End Function



    No Module3 "SaveSets" Adicione :

    Declare Function WritePrivateProfileString Lib "kernel32" Alias "WritePrivateProfileStringA" (ByVal lpApplicationname As String, ByVal lpKeyName As Any, ByVal lsString As Any, ByVal lplFilename As String) As Long
    Declare Function GetPrivateProfileString Lib "kernel32" Alias "GetPrivateProfileStringA" (ByVal lpApplicationname As String, ByVal lpKeyName As String, ByVal lpDefault As String, ByVal lpReturnedString As String, ByVal nSize As Long, ByVal lpFileName As String) As Long
    Public Check As String

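    Public Function Load(Section As String, Key As String) As String
        'Reads the value stored under [Section] Key in sets.ini, located next to the executable.
        'When the key (or the file) is missing, the API hands back the default, which here is
        'the INI file path itself. The same path is stored in the public variable Check so the
        'caller can recognise "nothing saved" by comparing the result with Check.
        Dim lngResult As Long
        Dim strFileName As String
        Dim strResult As String * 300

        strFileName = App.Path & "\sets.ini"
        lngResult = GetPrivateProfileString(Section, Key, strFileName, strResult, Len(strResult), strFileName)
        Check = strFileName

        'lngResult is the number of characters the API copied. Keep only those: Trim alone
        'strips spaces but not the NUL terminator and buffer padding that follow the value
        'in the fixed-length buffer.
        Load = Trim(Left$(strResult, lngResult))
    End Function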

    Public Function Save(Section As String, Key As String, Content As String)
        'Writes Content under [Section] Key in sets.ini, located next to the executable.
        'The API result is discarded and the function returns nothing.
        'The form saves the target process name and the DLL path through this call, so
        'sets.ini keeps both in plain text after the program exits.
        WritePrivateProfileString Section, Key, Content, App.Path & "\sets.ini"
    End Function



    Feito Tudo isso você terminou Seu Injetor de DLL's.

    Mensagem por GuitarPeu Qua Abr 27, 2011 12:44 am

    Tópico ótimo continue assim
