通用 C# DLL 注入器injector(注入dll不限)
生活随笔
收集整理的這篇文章主要介紹了
通用 C# DLL 注入器injector(注入dll不限)
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
為了方便那些不懂或者不想用C++的同志,我把C++的dll注入器源碼轉換成了C#的,這是一個很簡單實用的注入器,用到了CreateRemoteThread,WriteProcessMemory ,VirtualAllocEx這幾個Api
1 using System;
2 using System.Diagnostics;
3 using System.IO;
4 using System.Runtime.InteropServices;
5 using System.Text;
6
7 namespace GijSoft.DllInjection
8 {
9 public enum DllInjectionResult
10 {
11 DllNotFound,
12 GameProcessNotFound,
13 InjectionFailed,
14 Success
15 }
16
17 public sealed class DllInjector
18 {
19 static readonly IntPtr INTPTR_ZERO = (IntPtr)0;
20
21 [DllImport("kernel32.dll", SetLastError = true)]
22 static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId);
23
24 [DllImport("kernel32.dll", SetLastError = true)]
25 static extern int CloseHandle(IntPtr hObject);
26
27 [DllImport("kernel32.dll", SetLastError = true)]
28 static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
29
30 [DllImport("kernel32.dll", SetLastError = true)]
31 static extern IntPtr GetModuleHandle(string lpModuleName);
32
33 [DllImport("kernel32.dll", SetLastError = true)]
34 static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, IntPtr dwSize, uint flAllocationType, uint flProtect);
35
36 [DllImport("kernel32.dll", SetLastError = true)]
37 static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesWritten);
38
39 [DllImport("kernel32.dll", SetLastError = true)]
40 static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttribute, IntPtr dwStackSize, IntPtr lpStartAddress,
41 IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
42
43 static DllInjector _instance;
44
45 public static DllInjector GetInstance
46 {
47 get
48 {
49 if (_instance == null)
50 {
51 _instance = new DllInjector();
52 }
53 return _instance;
54 }
55 }
56
57 DllInjector() { }
58
59 public DllInjectionResult Inject(string sProcName, string sDllPath)
60 {
61 if (!File.Exists(sDllPath))
62 {
63 return DllInjectionResult.DllNotFound;
64 }
65
66 uint _procId = 0;
67
68 Process[] _procs = Process.GetProcesses();
69 for (int i = 0; i < _procs.Length; i++)
70 {
71 if (_procs[i].ProcessName == sProcName)
72 {
73 _procId = (uint)_procs[i].Id;
74 break;
75 }
76 }
77
78 if (_procId == 0)
79 {
80 return DllInjectionResult.GameProcessNotFound;
81 }
82
83 if (!bInject(_procId, sDllPath))
84 {
85 return DllInjectionResult.InjectionFailed;
86 }
87
88 return DllInjectionResult.Success;
89 }
90
91 bool bInject(uint pToBeInjected, string sDllPath)
92 {
93 IntPtr hndProc = OpenProcess((0x2 | 0x8 | 0x10 | 0x20 | 0x400), 1, pToBeInjected);
94
95 if (hndProc == INTPTR_ZERO)
96 {
97 return false;
98 }
99
100 IntPtr lpLLAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
101
102 if (lpLLAddress == INTPTR_ZERO)
103 {
104 return false;
105 }
106
107 IntPtr lpAddress = VirtualAllocEx(hndProc, (IntPtr)null, (IntPtr)sDllPath.Length, (0x1000 | 0x2000), 0X40);
108
109 if (lpAddress == INTPTR_ZERO)
110 {
111 return false;
112 }
113
114 byte[] bytes = Encoding.ASCII.GetBytes(sDllPath);
115
116 if (WriteProcessMemory(hndProc, lpAddress, bytes, (uint)bytes.Length, 0) == 0)
117 {
118 return false;
119 }
120
121 if (CreateRemoteThread(hndProc, (IntPtr)null, INTPTR_ZERO, lpLLAddress, lpAddress, 0, (IntPtr)null) == INTPTR_ZERO)
122 {
123 return false;
124 }
125
126 CloseHandle(hndProc);
127
128 return true;
129 }
130 }
131 }
注意:使用時必須安裝.netFramework
不滿足現狀,用于挑戰高峰!
總結
以上是生活随笔為你收集整理的通用 C# DLL 注入器injector(注入dll不限)的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 移动端常见的一些兼容性问题
- 下一篇: 深入理解【缺页中断】及FIFO、LRU、