13 Years of Service
95%
Testeado en XP e W732 , no ay probado en otros SO
dejo el Code e una Dll para probar el funcionamiento
MsgBox DLL ==>>
[lenguaje=autoit]Const $sProcess = "Anotador.exe"
Const $sDLLtoInject = @ScriptDir & "\MsgBox.dll"
Const $sKernel32 = DllOpen("Kernel32")
#cs========================================================#
Autor : M3
Proposito : Injetar una Dll en un processo
Flecha: 18/08/2012
Uso :sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)
#ce========================================================#
sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)
Func sInjectMyDll($sProcess, $sDLLtoInject)
Local $sHandle, $sRemote, $sGetModuleHandle, $sLoadLibrary, $sThread
$sHandle = OpenProcess(2035711, 0, $sProcess)
$sRemote = VirtualAllocEx($sHandle, 0, 4096, 4096, 4)
For $i = 0 To StringLen($sDLLtoInject)
$sReturn = DllCall($sKernel32, "none", "WriteProcessMemory", "int", $sHandle, "int", $sRemote + $i, "int*", _
Asc(StringMid($sDLLtoInject, $i + 1, 1)), "int", 1, "int", 0)
Next
$sGetModuleHandle = DllCall($sKernel32, "long", "GetModuleHandleA", "str", "Kernel32")
$sGetModuleHandle = $sGetModuleHandle[0]
$sLoadLibrary = DllCall($sKernel32, "long", "GetProcAddress", "long", $sGetModuleHandle, "str", "LoadLibraryA")
$sLoadLibrary = $sLoadLibrary[0]
$sThread = CreateRemoteThread ($sHandle, 0, 0, $sLoadLibrary, $sRemote, 0, 0)
If $sThread > 0 Then
$sThread = True
Else
MsgBox ("","Erro en la Injeccion","Processo a injetar no existe")
SetError(-1)
Return 1
EndIf
CloseHandle ($sThread)
CloseHandle ($sHandle)
Return 1
EndFunc
Func OpenProcess($iAccess, $bInherit, $iProcessID)
Local $bResult = DllCall("Kernel32", "int", "OpenProcess", "int", $iAccess, "int", $bInherit, "int", $iProcessID)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func VirtualAllocEx($hProcess, $pAddress, $iSize, $iAllocation, $iProtect)
Local $bResult = DllCall("Kernel32", "ptr", "VirtualAllocEx", "int", $hProcess, "ptr", $pAddress, "int", $iSize, "int", $iAllocation, "int", $iProtect)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func CloseHandle($hObject)
Local $bResult = DllCall("Kernel32", "int", "CloseHandle", "int", $hObject)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func CreateRemoteThread($hProcess, $lpThreadAttributes, $dwStackSize, $lpStartAddress, $lpParameter, $dwCreationFlags, $lpThreadId)
Local $Return
$Return = DllCall("Kernel32", "int", "CreateRemoteThread", "int", $hProcess, "ptr", $lpThreadAttributes, "int", $dwStackSize, "int", $lpStartAddress, "ptr", $lpParameter, "int", $dwCreationFlags, "int", $lpThreadId)
Return $Return[0]
EndFunc[/lenguaje]
Autor: M3
dejo el Code e una Dll para probar el funcionamiento
MsgBox DLL ==>>
This link is hidden for visitors. Please Log in or register now.
[lenguaje=autoit]Const $sProcess = "Anotador.exe"
Const $sDLLtoInject = @ScriptDir & "\MsgBox.dll"
Const $sKernel32 = DllOpen("Kernel32")
#cs========================================================#
Autor : M3
Proposito : Injetar una Dll en un processo
Flecha: 18/08/2012
Uso :sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)
#ce========================================================#
sInjectMyDll(ProcessExists($sProcess), $sDLLtoInject)
Func sInjectMyDll($sProcess, $sDLLtoInject)
Local $sHandle, $sRemote, $sGetModuleHandle, $sLoadLibrary, $sThread
$sHandle = OpenProcess(2035711, 0, $sProcess)
$sRemote = VirtualAllocEx($sHandle, 0, 4096, 4096, 4)
For $i = 0 To StringLen($sDLLtoInject)
$sReturn = DllCall($sKernel32, "none", "WriteProcessMemory", "int", $sHandle, "int", $sRemote + $i, "int*", _
Asc(StringMid($sDLLtoInject, $i + 1, 1)), "int", 1, "int", 0)
Next
$sGetModuleHandle = DllCall($sKernel32, "long", "GetModuleHandleA", "str", "Kernel32")
$sGetModuleHandle = $sGetModuleHandle[0]
$sLoadLibrary = DllCall($sKernel32, "long", "GetProcAddress", "long", $sGetModuleHandle, "str", "LoadLibraryA")
$sLoadLibrary = $sLoadLibrary[0]
$sThread = CreateRemoteThread ($sHandle, 0, 0, $sLoadLibrary, $sRemote, 0, 0)
If $sThread > 0 Then
$sThread = True
Else
MsgBox ("","Erro en la Injeccion","Processo a injetar no existe")
SetError(-1)
Return 1
EndIf
CloseHandle ($sThread)
CloseHandle ($sHandle)
Return 1
EndFunc
Func OpenProcess($iAccess, $bInherit, $iProcessID)
Local $bResult = DllCall("Kernel32", "int", "OpenProcess", "int", $iAccess, "int", $bInherit, "int", $iProcessID)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func VirtualAllocEx($hProcess, $pAddress, $iSize, $iAllocation, $iProtect)
Local $bResult = DllCall("Kernel32", "ptr", "VirtualAllocEx", "int", $hProcess, "ptr", $pAddress, "int", $iSize, "int", $iAllocation, "int", $iProtect)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func CloseHandle($hObject)
Local $bResult = DllCall("Kernel32", "int", "CloseHandle", "int", $hObject)
If @error Or Not IsArray($bResult) Then Return SetError(-1)
Return $bResult[0]
EndFunc
Func CreateRemoteThread($hProcess, $lpThreadAttributes, $dwStackSize, $lpStartAddress, $lpParameter, $dwCreationFlags, $lpThreadId)
Local $Return
$Return = DllCall("Kernel32", "int", "CreateRemoteThread", "int", $hProcess, "ptr", $lpThreadAttributes, "int", $dwStackSize, "int", $lpStartAddress, "ptr", $lpParameter, "int", $dwCreationFlags, "int", $lpThreadId)
Return $Return[0]
EndFunc[/lenguaje]
Autor: M3
Last edited by a moderator: