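/// Entry point: makes sure Minesweeper (winmine.exe) is running, then asks
/// Inject() to load CallFeldFunction.dll into it.
///
/// @return 0 when Inject() reports success, 1 on any failure.
int main(int argc, char * argv[])
{
    // Check whether Minesweeper is already running; start it otherwise.
    // NOTE(review): the helper is named "...ThreadID..." but its result is
    // handed on as a process ID - confirm against its definition.
    DWORD pID = GetTargetThreadIDFromProcName("winmine.exe");
    if (pID == 0)
    {
        // Start Minesweeper. Only a bare file name is given, so the binary
        // that actually runs is whatever the shell's search order finds first.
        ShellExecute(NULL, "open", "winmine.exe", NULL, NULL, SW_SHOW);
        Sleep(1000); // fixed grace period; the process may still not exist afterwards

        // Retrieve process ID
        pID = GetTargetThreadIDFromProcName("winmine.exe");
    }

    // Get the DLL's full path name.
    // GetFullPathName resolves a relative name against the current working
    // directory, so the DLL that ends up in the target is whichever
    // CallFeldFunction.dll sits in the directory the tool was started from.
    char buf[MAX_PATH] = {0};
    const DWORD pathLen = GetFullPathName("CallFeldFunction.dll", MAX_PATH, buf, NULL);
    if (pathLen == 0 || pathLen >= MAX_PATH)
    {
        // 0 means the call failed; >= MAX_PATH means the buffer was too small.
        printf("GetFullPathName() failed\n");
        _getch();
        return 1;
    }

    // Print through "%s": a '%' inside the path must not be parsed as a
    // conversion specifier.
    printf("%s\n", buf);

    // Inject our main DLL. A zero pID means the target was never found, so
    // there is nothing to hand to Inject().
    if (pID == 0 || !Inject(pID, buf))
    {
        printf("DLL konnte nicht injected werden.!");
        _getch();
        return 1;
    }

    printf("DLL erfolgreich injected!");
    return 0;
}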
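/// Loads a DLL into another process by starting a remote thread on LoadLibraryA.
///
/// The OpenProcess / VirtualAllocEx / WriteProcessMemory / CreateRemoteThread
/// sequence used here is the pattern endpoint monitoring keys on (for example
/// Sysmon's CreateRemoteThread and ProcessAccess events).
///
/// @param procName  Name passed to GetTargetThreadIDFromProcName() to locate the target.
/// @param dllName   DLL path; GetFullPathName() resolves a relative path against
///                  the current working directory.
/// @return true once the remote thread has been created, false if any earlier
///         step fails. The thread is not waited on, so true does not confirm
///         that LoadLibraryA succeeded inside the target.
bool Injector::Inject(char* procName, char* dllName)
{
    if (!procName || !dllName)
        return false;

    // NOTE(review): the helper is named "...ThreadID..." but its result is
    // used as a process ID below - confirm against its definition.
    const DWORD pID = GetTargetThreadIDFromProcName(procName);

    char DLL_NAME[MAX_PATH] = {0};
    const DWORD pathLen = GetFullPathName(dllName, MAX_PATH, DLL_NAME, NULL);
    if (pathLen == 0 || pathLen >= MAX_PATH)
    {
        // 0 means the call failed; >= MAX_PATH means the buffer was too small.
        printf("GetFullPathName() failed\n");
        return false;
    }

    // Print through "%s": a '%' inside the path must not be parsed as a
    // conversion specifier.
    printf("%s\n", DLL_NAME);

    if (!pID)
        return false;

    HANDLE Proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
    if (!Proc)
    {
        printf("OpenProcess() failed: %lu", GetLastError());
        return false;
    }

    // The address is looked up in this process and then used in the target;
    // that assumes both map kernel32.dll at the same base and have the same
    // bitness.
    HMODULE hKernel32 = GetModuleHandle("kernel32.dll");
    FARPROC LoadLibAddy = hKernel32 ? GetProcAddress(hKernel32, "LoadLibraryA") : NULL;
    if (!LoadLibAddy)
    {
        printf("GetProcAddress() failed: %lu", GetLastError());
        CloseHandle(Proc);
        return false;
    }

    // Allocate space in the target for the DLL path, including the
    // terminating NUL so the string does not depend on zero-filled pages.
    const SIZE_T pathBytes = strlen(DLL_NAME) + 1;
    LPVOID RemoteString = VirtualAllocEx(Proc, NULL, pathBytes, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    if (!RemoteString)
    {
        printf("VirtualAllocEx() failed: %lu", GetLastError());
        CloseHandle(Proc);
        return false;
    }

    // Write the DLL path into the memory just allocated.
    if (!WriteProcessMemory(Proc, RemoteString, DLL_NAME, pathBytes, NULL))
    {
        printf("WriteProcessMemory() failed: %lu", GetLastError());
        VirtualFreeEx(Proc, RemoteString, 0, MEM_RELEASE);
        CloseHandle(Proc);
        return false;
    }

    // Start a thread in the target that calls LoadLibraryA(RemoteString).
    HANDLE hThread = CreateRemoteThread(Proc, NULL, 0,
                                        reinterpret_cast<LPTHREAD_START_ROUTINE>(LoadLibAddy),
                                        RemoteString, 0, NULL);
    if (!hThread)
    {
        printf("CreateRemoteThread() failed: %lu", GetLastError());
        VirtualFreeEx(Proc, RemoteString, 0, MEM_RELEASE);
        CloseHandle(Proc);
        return false;
    }

    // RemoteString is deliberately left allocated: the new thread may still be
    // reading it, and this function does not wait for the thread to finish.
    CloseHandle(hThread);
    CloseHandle(Proc);
    return true;
}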