
Ajuda com injetor de dll

    #1

    Ajuda com injetor de dll

    Código PHP:
        ' Inject: makes the first process whose name matches TextBox1.Text load the DLL
        ' chosen in OpenFileDialog1 by starting a thread in it at LoadLibraryA.
        ' This is the remote-thread DLL injection pattern (MITRE ATT&CK T1055.001).
        ' Defender view: a cross-process OpenProcess followed by VirtualAllocEx,
        ' WriteProcessMemory and CreateRemoteThread is a sequence endpoint tooling
        ' reports (Sysmon event 10 ProcessAccess, event 8 CreateRemoteThread).
        ' TargetProcessHandle, pszLibFileRemote, pfnStartAddr and TargetBufferSize are
        ' not declared in this snippet; presumably form-level fields.
        Private Sub Inject()
            
            ' NOTE(review): the On Error line below has no label as posted; the only
            ' label in the routine is "1:", placed just before Me.Show().
    On Error GoTo ' If error occurs, app will close without any error messages 
            Timer1.Stop()
            ' Index 0 of the result is used directly; an empty result (no process with
            ' that name) raises an error at TargetProcess(0).
            Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
            ' Access mask requested: create thread + VM operation + VM write.
            TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
            pszLibFileRemote = OpenFileDialog1.FileName
            ' Address of LoadLibraryA as resolved in this process; it is passed on
            ' unchanged as the remote thread's start address.
            pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
            ' Path length plus one, presumably for the string terminator.
            TargetBufferSize = 1 + Len(pszLibFileRemote)
            Dim Rtn As Integer
            Dim LoadLibParamAdr As Integer
            ' Read/write buffer allocated inside the target to hold the DLL path.
            LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
            ' Rtn is stored but never inspected; no other API result is checked either.
            Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
            ' The value returned by CreateRemoteThread is discarded.
            CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
            ' Only the process handle is closed; the buffer allocated in the target
            ' is never released by this routine.
            CloseHandle(TargetProcessHandle)
    1:      Me.Show()
        End Sub 
    TextBox1.Text = Nome Do Processo
    OpenFileDialog1.FileName = Caminho da dll

    Como eu posso definir o processo e a DLL diretamente nesse script?

    #2
    Qual Visual Basic vc está usando?

      #3
      Coloca isso na Form:

      Código:
      ' Win32 API declarations for the routines in this post. Every handle, address
      ' and size in this group is declared As Integer.
      ' Defender view: a small program importing OpenProcess, VirtualAllocEx,
      ' WriteProcessMemory and CreateRemoteThread together is a common static
      ' indicator of process injection (MITRE ATT&CK T1055).
      ' GetAsyncKeyState (user32) is declared but not called by any routine shown here.
      Public Declare Function GetAsyncKeyState Lib "user32.dll" (ByVal Key As System.Windows.Forms.Keys) As Short
          ' VirtualAllocEx: allocates memory in the process identified by hProcess.
          Public Declare Function VirtualAllocEx Lib "kernel32" ( _
          ByVal hProcess As Integer, _
          ByVal Address As Integer, _
          ByVal dwSize As Integer, _
          ByVal flAllocationType As Integer, _
          ByVal flProtect As Integer) As Integer
      
          ' WriteProcessMemory: copies Buffer into the process identified by hProcess.
          ' Buffer is declared As String, so callers pass text rather than raw bytes.
          Public Declare Function WriteProcessMemory Lib "kernel32" ( _
          ByVal hProcess As Integer, _
          ByVal BaseAddress As Integer, _
          ByVal Buffer As String, _
          ByVal nSize As Integer, _
          ByRef BytesWritten As Integer) As Integer
      
          ' GetProcAddress: resolves an exported function name within a loaded module.
          Public Declare Function GetProcAddress Lib "kernel32" ( _
          ByVal hModule As Integer, ByVal lpProcName As String) As Integer
      
          ' GetModuleHandle: bound to the ANSI export GetModuleHandleA through the Alias.
          Private Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
          ByVal ModuleName As String) As Integer
      
          ' CreateRemoteThread: starts a thread at StartAddress inside another process.
          Public Declare Function CreateRemoteThread Lib "kernel32" ( _
          ByVal hProcess As Integer, _
          ByVal ThreadAttributes As Integer, _
          ByVal dwStackSize As Integer, _
          ByVal StartAddress As Integer, _
          ByVal Parameter As Integer, _
          ByVal dwCreationFlags As Integer, _
          ByRef ThreadId As Integer) As Integer
      
          ' OpenProcess: returns a handle to the process dwProcessId with the requested rights.
          Public Declare Function OpenProcess Lib "kernel32" ( _
          ByVal dwDesiredAccess As Integer, _
          ByVal bInheritHandle As Integer, _
          ByVal dwProcessId As Integer) As Integer
      
          ' CloseHandle (Integer form). NOTE(review): the same listing declares
          ' CloseHandle again further down with an IntPtr parameter.
          Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandle" ( _
          ByVal hObject As Integer) As Integer
      
          ' Despite its name, this enum holds no thread rights. It mixes three groups of
          ' Win32 constants: process access rights (PROCESS_*), an allocation type
          ' (MEM_COMMIT) and a page protection (PAGE_READWRITE).
          ' It is spelled "ThreadAcess" (one c) and is a different type from the
          ' ThreadAccess enum declared later in the same listing.
          ' Defender view: the three rights InjetarDLL combines (&H2 Or &H8 Or &H20)
          ' give an access mask of &H2A, the value a process-access log would show
          ' for that OpenProcess call.
          Public Enum ThreadAcess
              PROCESS_VM_READ = &H10
              MEM_COMMIT = 4096
              PAGE_READWRITE = 4
              PROCESS_CREATE_THREAD = &H2
              PROCESS_VM_OPERATION = &H8
              PROCESS_VM_WRITE = &H20
      
          End Enum
      
          ' InjetarDLL: self-contained variant of the injection routine with the process
          ' name and DLL location written into the code instead of read from form controls.
          ' Same remote-thread pattern (MITRE ATT&CK T1055.001): open the target,
          ' allocate and write the DLL path there, start a thread at LoadLibraryA.
          ' Defender view: the hard-coded process name and path end up as plain strings
          ' in the compiled binary; at run time the calls surface as a cross-process
          ' access with mask &H2A followed by remote thread creation (Sysmon events
          ' 10 and 8).
          ' There is no error handling: no result is checked, and Proc(0) raises an
          ' error when no process with that name is running.
          Private Sub InjetarDLL()
              Dim Proc As Process() = Process.GetProcessesByName("processo")
              ' NOTE(review): hProcessHandle is IntPtr, while the Declares in this post take
              ' and return Integer, so the handle types are inconsistent as posted.
              Dim hProcessHandle As IntPtr = OpenProcess(ThreadAcess.PROCESS_CREATE_THREAD Or ThreadAcess.PROCESS_VM_OPERATION Or ThreadAcess.PROCESS_VM_WRITE, False, Proc(0).Id)
              ' The placeholder text is appended to the current working directory as-is.
              Dim DLL As String = Environment.CurrentDirectory + " Diretorio da sua DLL aqui "
              Dim StartAddr As Integer = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
              ' Path length plus one, presumably for the string terminator.
              Dim TargetBufferSize As Integer = 1 + Len(DLL)
              Dim LoadLibParamAdr As Integer = VirtualAllocEx(hProcessHandle, 0, TargetBufferSize, ThreadAcess.MEM_COMMIT, ThreadAcess.PAGE_READWRITE)
              ' Rtn is assigned but never read.
              Dim Rtn As Integer = WriteProcessMemory(hProcessHandle, LoadLibParamAdr, DLL, TargetBufferSize, 0)
              ' The value returned by CreateRemoteThread is discarded.
              CreateRemoteThread(hProcessHandle, 0, 0, StartAddr, LoadLibParamAdr, 0, 0)
              ' Only the process handle is closed; the remote buffer is not released.
              CloseHandle(hProcessHandle)
          End Sub
          ' Thread-control declarations used by ResumeProcess and SuspendProcess below.
          ' Unlike the earlier Declares in this post, these use IntPtr for handles.
          Declare Function SuspendThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
          Declare Function ResumeThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
          ' dwDesiredAccess takes the ThreadAccess enum (two c's), not ThreadAcess.
          Public Declare Function OpenThread Lib "kernel32.dll" (ByVal dwDesiredAccess As ThreadAccess, ByVal bInheritHandle As Boolean, ByVal dwThreadId As UInteger) As IntPtr
          ' Second CloseHandle declaration in this listing; the earlier one takes an Integer.
          Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hHandle As IntPtr) As Boolean
      
          ' Thread access rights passed to OpenThread as dwDesiredAccess.
          ' The routines shown in this post only use SUSPEND_RESUME.
          Public Enum ThreadAccess As Integer
              TERMINATE = 1
              SUSPEND_RESUME = 2
              GET_CONTEXT = 8
              SET_CONTEXT = 16
              SET_INFORMATION = 32
              QUERY_INFORMATION = 64
              SET_THREAD_TOKEN = 128
              IMPERSONATE = 256
              DIRECT_IMPERSONATION = 512
          End Enum
      
          ''' <summary>
          ''' Calls ResumeThread once on every thread of <paramref name="process"/>
          ''' that can be opened with the SUSPEND_RESUME right.
          ''' </summary>
          ''' <param name="process">Process whose threads are walked.</param>
          Private Sub ResumeProcess(ByVal process As System.Diagnostics.Process)
              For Each worker As ProcessThread In process.Threads
                  Dim threadHandle As IntPtr = OpenThread(ThreadAccess.SUSPEND_RESUME, False, worker.Id)
                  ' A thread that cannot be opened is skipped without reporting anything.
                  If threadHandle = IntPtr.Zero Then
                      Continue For
                  End If
                  ResumeThread(threadHandle)
                  ' Release the per-thread handle before moving to the next thread.
                  CloseHandle(threadHandle)
              Next
          End Sub
      
          Private Sub SuspendProcess(ByVal process As System.Diagnostics.Process)
              For Each t As ProcessThread In process.Threads
                  Dim th As IntPtr
                  th = OpenThread(ThreadAccess.SUSPEND_RESUME, False, t.Id)
                  If th <> IntPtr.Zero Then
                      SuspendThread(th)
                      CloseHandle(th)
      onde está escrito "Diretorio da Sua DLL aqui" coloca o diretório da DLL e onde está "Process.GetProcessesByName("processo")" mude para o nome do seu processo. Depois é só adicionar um botão e colocar:

      Código:
      ' Single call meant for the button's click handler; it runs the InjetarDLL routine from the listing above.
      InjetarDLL()

      My Fan? Use:


        #4
        Postado Originalmente por kleber987 Ver Post
        Código PHP:
            ' Quoted copy of the original poster's routine: it takes the process name from
            ' TextBox1 and the DLL path from OpenFileDialog1, then has that process load
            ' the DLL through a remote thread started at LoadLibraryA (MITRE ATT&CK
            ' T1055.001).
            ' The handle, path, address and size variables are not declared in the
            ' snippet; presumably form-level fields.
            Private Sub Inject()
                
            ' NOTE(review): the On Error line below is missing its label as quoted.
        On Error GoTo ' If error occurs, app will close without any error messages 
                Timer1.Stop()
                ' First process with a matching name; an empty result raises an error at index 0.
                Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
                TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
                pszLibFileRemote = OpenFileDialog1.FileName
                pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
                TargetBufferSize = 1 + Len(pszLibFileRemote)
                Dim Rtn As Integer
                Dim LoadLibParamAdr As Integer
                ' Buffer for the DLL path, allocated in the target process.
                LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
                ' No API result is checked; Rtn is never read.
                Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
                CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
                CloseHandle(TargetProcessHandle)
        1:      Me.Show()
            End Sub 
        TextBox1.Text = Nome Do Processo
        OpenFileDialog1.FileName = Caminho da dll

        como eu posso definir o processo e a dll diretamente nesse script ?

        Cara faz isto aqui...

        ' Reply's version of Inject: the process name and DLL path are string literals
        ' instead of values read from TextBox1 and OpenFileDialog1. The rest is the same
        ' remote-thread DLL loading sequence (MITRE ATT&CK T1055.001).
        ' Defender view: literals like these are stored as plain strings in the
        ' compiled program; at run time the sequence shows up as cross-process access
        ' followed by remote thread creation (Sysmon events 10 and 8).
        Private Sub Inject()
        ' Any run-time error jumps to label 1, which only calls Me.Show(): nothing is
        ' reported, and a process handle already opened is not closed on that path.
        On Error GoTo 1 ' If error occurs, app will close without any error messages
        Timer1.Stop()
        ' The literal below is a placeholder for the process name without ".exe".
        Dim TargetProcess As Process() = Process.GetProcessesByName("proces aqui sem .exe")
        TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
        ' Placeholder for the DLL's path; the commented-out line shows the expected form.
        pszLibFileRemote = "C:\diretorio da dll por exemplo a linha a baixo"
        'pszLibFileRemote = "C:\Desktop\Minha.dll"
        pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
        ' Path length plus one, presumably for the string terminator.
        TargetBufferSize = 1 + Len(pszLibFileRemote)
        Dim Rtn As Integer
        Dim LoadLibParamAdr As Integer
        LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
        ' Rtn is assigned but never read; no API result is checked.
        Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
        CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
        CloseHandle(TargetProcessHandle)
        1: Me.Show()
        End Sub


        Dúvida esclarecida?
