Simple Injection. An in-depth look.
oh boy... to bad my english are not so good to understand much of those words... but i'd thanks very much for Chooka/Jason... my motivations up...
ROFL made a woeful mistake in there, closed a completely irrelevant handle. Glad noone spotted it 
ummmmmmmm what ? i dont under stand this at all >.<
Originally Posted by akp123
ummmmmmmm what ? i dont under stand this at all >.<
Edit:
I am a tool, Jason is better than me in everything including arts & crafts and the guitar. I have no friends.
I am a tool, Jason is better than me in everything including arts & crafts and the guitar. I have no friends.
Originally Posted by Void
Edit:
I am a tool, Jason is better than me in everything including arts & crafts and the guitar. I have no friends.
I am a tool, Jason is better than me in everything including arts & crafts and the guitar. I have no friends.
Jason can you say the steps like this:?
FindWindow()
OpenProcess()
...
WriteProcessMemory()
CloseHandle()
...
?
Im going to make it in C++
FindWindow()
OpenProcess()
...
WriteProcessMemory()
CloseHandle()
...
?
Im going to make it in C++
Originally Posted by -Away
Jason can you say the steps like this:?
FindWindow()
OpenProcess()
...
WriteProcessMemory()
CloseHandle()
...
?
Im going to make it in C++
FindWindow()
OpenProcess()
...
WriteProcessMemory()
CloseHandle()
...
?
Im going to make it in C++
Originally Posted by Cho Chang
Erm, can't you just read the steps yourself?
I tried to read but my english sucks too mutch to understand it right
Originally Posted by Cho Chang
Read the thread? This needs to be compiled as x86 application. It works on 64 bit computers then. My PC is a x64 and it injects fine as long as the project is compiled as x86.
I also had a read of the thread I really like how you actually explained everything in detail
I still get confused on stuff like:
"ByVal flProtect As Integer"
From
Code:
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Integer, ByVal lpAddress As Integer, ByVal dwSize As Integer, ByVal flAllocationType As Integer, ByVal flProtect As Integer) As Integer
What does "flProtect" actually do?
Reason why I ask about this is because if I had to code example a injector like this I wouldn't know wat that means yet to even put it in
Cheers Jazza (:
Originally Posted by -Away
Ah you're the minion here
@Jàzzà_ flProtect specifies the protection on the committed region of memory allocated by VirtualAllocEx. We need Read/Write access to the memory so we specify 0x04 (&H4)
For more info see the VirtualAllocEx MSDN page:
http://msdn.microsof*****m/en-us/libr...=vs.85%29.aspx
Temp stickied 'cos I'm a vain bastard.
In reading this, your putting a Byte array into the process to call LoadLibrary with.. Thats not gonna work
Originally Posted by topblast
In reading this, your putting a Byte array into the process to call LoadLibrary with.. Thats not gonna work
Originally Posted by topblast
In reading this, your putting a Byte array into the process to call LoadLibrary with.. Thats not gonna work
CreateRemoteThread calls a specified function and is capable of providing a single parameter to the called function, this works nicely with LoadLibrary seeing as LoadLibrary only accepts a single parameter anyway so we don't need to get messy working with stubs and shit. The parameter is a string, you point the CreateRemoteThread param to wherever you wrote your string to memory and LoadLibrary will re-interpret the bytes as a string. To understand this you've got to understand how variables work. They are stored in memory.
All this is doing it writing you DLL location to the processes memory, then calling LoadLibrary and telling it what file to be loading (by pointing it where you just wrote your DLL's location)
If you don't understand that, I dunno how else to explain it.
Similar Threads
- 20Last post
- 74Last post
- 6Last post
- 6Last post
- 7Last post