C++ DLL, Injection (C#) into a process


Problem description


Hello all.

I've encountered a huge problem while programming a tool.
I try to inject a C++ DLL (32bit) into a 32bit process but the DLL does not get injected properly.

The DLL is 100% working. Tested it with a C++ Injector.

This is my injection code:

<code>
// Enables SeDebugPrivilege on the token of the process identified by pid.
protected void adjustDebugPriv(int pid)
{
    IntPtr hProcess = OpenProcess(ProcessAccess.AllAccess, false, pid);

    if (IntPtr.Zero == hProcess)
    {
        throw new Exception("Can't open process.");
    }

    TOKEN_PRIVILEGES tp = new TOKEN_PRIVILEGES();
    tp.PrivilegeCount = 1;
    tp.Attributes = SE_NAMES.SE_PRIVILEGE_ENABLED;

    if (!API.LookupPrivilegeValue(null, SE_NAMES.SE_DEBUG_NAME, out tp.Luid))
    {
        API.CloseHandle(hProcess);
        throw new Exception("Can't lookup value");
    }

    IntPtr hToken;
    if (!API.OpenProcessToken(hProcess, TOKEN_ACCESS.TOKEN_ADJUST_PRIVILEGES, out hToken))
    {
        API.CloseHandle(hProcess);
        throw new Exception("Can't open process token value");
    }

    if (!API.AdjustTokenPrivileges(hToken, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero))
    {
        API.CloseHandle(hProcess);
        API.CloseHandle(hToken);
        throw new Exception("Can't AdjustTokenPrivileges");
    }

    API.CloseHandle(hProcess);
    API.CloseHandle(hToken);
}

public bool Inject()
{
    UIntPtr bytesout;
    IntPtr bytesout2;
    Int32 LenWrite = dllFilePath.Length + 1;
    ASCIIEncoding enc = new ASCIIEncoding();

    adjustDebugPriv(procID);

    IntPtr hProcess = OpenProcess(ProcessAccess.AllAccess, false, procID);

    // IntPtr is a value type: compare against IntPtr.Zero, not null.
    if (hProcess == IntPtr.Zero)
        return false;

    // 0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE
    IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, IntPtr.Zero, (uint)LenWrite, 0x1000, 0x40);

    if (AllocMem == IntPtr.Zero)
        return false;

    // Write the DLL path into the memory allocated in the target process.
    bool wpm = WriteProcessMemory(hProcess, AllocMem, enc.GetBytes(dllFilePath), (uint)LenWrite, out bytesout);

    if (!wpm)
        return false;

    UIntPtr Injector = (UIntPtr)GetProcAddress(API.GetModuleHandle("kernel32.dll"), "LoadLibraryA");

    if (Injector == UIntPtr.Zero)
        return false;

    // The remote thread starts at LoadLibraryA with the DLL path as its argument.
    IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, IntPtr.Zero, 0, Injector, AllocMem, 0, out bytesout2);

    if (hThread == IntPtr.Zero)
        return false;

    uint Result = API.WaitForSingleObject(hThread, 10 * 10000);

    // 0x80 = WAIT_ABANDONED, 0x102 = WAIT_TIMEOUT, 0xFFFFFFFF = WAIT_FAILED
    if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF)
    {
        if (hThread != IntPtr.Zero)
            API.CloseHandle(hThread);

        return false;
    }

    Thread.Sleep(1000);
    API.VirtualFreeEx(hProcess, AllocMem, 0, FreeType.Release);

    if (hThread != IntPtr.Zero)
        API.CloseHandle(hThread);

    return true;
}</code>








I hope you can help me.

Greetings.

Recommended answer

Telling me why the hook does not get executed. DLL is loaded fine.

Got it working. VS11 is bugged. Code is running fine in VS10.
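
The call sequence in the question's `Inject()` (a process handle opened with thread-creation and memory-write rights, then `CreateRemoteThread` starting at `LoadLibraryA`) is visible to defenders in Sysmon telemetry. The following Python is an added example, not part of the original thread: the events are constructed, and the dictionary layout (Sysmon Event ID 10 and Event ID 8 field names used as keys) and the function name are assumptions.

```python
# Added example: flag LoadLibrary-based remote thread creation in Sysmon-style events.
# PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
INJECT_RIGHTS = 0x0002 | 0x0008 | 0x0020
LOADERS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}

# Constructed sample events (assumed dict layout using Sysmon field names).
EVENTS = [
    {"EventID": 10, "SourceImage": r"C:\Tools\injector.exe",
     "TargetImage": r"C:\Apps\target.exe", "GrantedAccess": "0x1F0FFF"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\Taskmgr.exe",
     "TargetImage": r"C:\Apps\target.exe", "GrantedAccess": "0x1410"},
    {"EventID": 8, "SourceImage": r"C:\Tools\injector.exe",
     "TargetImage": r"C:\Apps\target.exe",
     "StartModule": r"C:\Windows\SysWOW64\kernel32.dll",
     "StartFunction": "LoadLibraryA"},
    {"EventID": 8, "SourceImage": r"C:\Tools\debugger.exe",
     "TargetImage": r"C:\Apps\target.exe",
     "StartModule": r"C:\Windows\SysWOW64\ntdll.dll",
     "StartFunction": "DbgUiRemoteBreakin"},
]

def find_loadlibrary_injection(events):
    """Return one alert per remote thread whose start routine is a LoadLibrary export."""
    opened = set()  # (source, target) pairs holding a handle with injection rights
    alerts = []
    for ev in events:
        pair = (ev["SourceImage"].lower(), ev["TargetImage"].lower())
        if ev["EventID"] == 10:  # ProcessAccess
            if (int(ev["GrantedAccess"], 16) & INJECT_RIGHTS) == INJECT_RIGHTS:
                opened.add(pair)
        elif ev["EventID"] == 8:  # CreateRemoteThread
            module = ev.get("StartModule", "").lower().rsplit("\\", 1)[-1]
            func = ev.get("StartFunction", "").lower()
            if module in ("kernel32.dll", "kernelbase.dll") and func in LOADERS:
                alerts.append({
                    "source": ev["SourceImage"],
                    "target": ev["TargetImage"],
                    "start_function": ev["StartFunction"],
                    # False means the handle-open event was filtered or missed.
                    "handle_open_seen": pair in opened,
                })
    return alerts

if __name__ == "__main__":
    for alert in find_loadlibrary_injection(EVENTS):
        print(alert)
```
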

