Code updated for 5.20+Injects Procedure(RemoteThread()) into another process(notepad.exe)...
alot of the code is now coded by DarkDragon so I hope he is fine with me putting it here
createremotethread not supported within windows 9x
uses latest droopylib
Method without create process as suspended
Code:
;thanks for everyone who have helped with this
DisableDebugger ;DISABLES DEBUGGER! This is needed.
Procedure RemoteThread()
MessageRequester("Success","Injection worked.")
EndProcedure
Procedure InjectCode(Process.s, *lpCodeToInject)
RunProgram(Process)
dwPID = GetPidProcess(GetFilePart(Process))
hProcess = OpenProcess_(#PROCESS_ALL_ACCESS, #False, dwPID)
dwWritten.l = #Null
pbModule.l = GetModuleHandle_(#Null)
DwSize.l=PeekL(pbmodule+PeekW(pbmodule+$3c)+$50)
VirtualFreeEx_(hProcess, pbModule, 0, #MEM_RELEASE)
lpBuffer.l = VirtualAllocEx_(hProcess, pbModule, dwSize, #MEM_COMMIT | #MEM_RESERVE, #PAGE_EXECUTE_READWRITE)
If lpBuffer = #Null : ProcedureReturn #False : EndIf
If WriteProcessMemory_(hProcess, pbModule, pbModule, dwSize, dwWritten) = 0
ProcedureReturn #False
EndIf
hThread.l = CreateRemoteThread_(hProcess, #Null, 0, *lpCodeToInject, pbModule, #Null, #Null)
If hThread=#Null : ProcedureReturn #False : EndIf
CloseHandle_(hThread) : CloseHandle_(hProcess) : ProcedureReturn #True
EndProcedure
If InjectCode("notepad.exe", @RemoteThread()) = #False
MessageRequester("Error!", "Injection failed!")
EndIf
End
alternative method:
Code:
;whole idea to use create process as suspended is by DarkDragon
;thanks for everyone who have helped with this
DisableDebugger ;DISABLES DEBUGGER! This is needed.
Procedure RemoteThread()
MessageRequester("Success", "Injection successed!")
EndProcedure
Procedure InjectCode(Process.s, *lpCodeToInject)
CreateProcess_(0,Process.s,0,0,0,#CREATE_SUSPENDED,0,0,@sinfo.STARTUPINFO,@pinfo.PROCESS_INFORMATION)
dwPID = pinfo\dwProcessId
hProcess = pinfo\hProcess
dwWritten = #Null : pbModule = GetModuleHandle_(0) : DwSize = PeekL(pbmodule+PeekW(pbmodule+$3c)+$50)
VirtualFreeEx_(hProcess, pbModule, 0, #MEM_RELEASE)
lpBuffer = VirtualAllocEx_(hProcess, pbModule, dwSize, #MEM_COMMIT | #MEM_RESERVE, #PAGE_EXECUTE_READWRITE)
If lpBuffer = #Null : While ResumeThread_(pinfo\hThread)>1 : Wend : CloseHandle_(hProcess) : ProcedureReturn #False : EndIf
If WriteProcessMemory_(hProcess, lpBuffer, pbModule, dwSize, dwWritten) = 0
While ResumeThread_(pinfo\hThread)>1 : Wend : CloseHandle_(hProcess)
ProcedureReturn #False
EndIf
hThread = CreateRemoteThread_(hProcess, #Null, 0, *lpCodeToInject, pbModule, #Null, #Null)
If hThread=#Null : CloseHandle_(hProcess) : ProcedureReturn #False : EndIf
While ResumeThread_(pinfo\hThread)>1 : Wend
CloseHandle_(hThread)
ProcedureReturn #True
EndProcedure
If InjectCode("notepad.exe", @RemoteThread()) = #False
MessageRequester("Error!", "Injection failed!")
EndIf
End
FAQ
Search
Register
Login
