FoemaPc, posted March 10, 2011

Here it goes, it took me some work to make, but here it is.

Remember, this is in Visual Basic 6.

We will need:

3 CommandButton
4 Label
1 Timer
2 TextBox
1 Microsoft Common Dialog Control 6.0
3 Module
2 Option

Let's start. In Form Load, add the following code:

```vb
Option1(0).Value = True
Text2.Text = Load("HProcess", "Box2")
If Text2.Text = Check Then Text2.Text = ""
Text1.Text = Load("DllPath", "Box1")
If Text1.Text = Check Then Text1.Text = ""
```

With that done, let's continue.

2nd: add the CommandButtons and name them:

Command1 = cmdInjetar
Command2 = cmdprocurar
Command3 = cmdprocurar2

Now add the following code to "cmdInjetar":

```vb
If ExeName = 1 Then
    ProsH = GetHProcExe(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
Else
    ProsH = FindProc(Text2.Text)
    If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
    DllPath = Text1.Text
    InjectDll DllPath, ProsH
End If
```

Now add the following code to "cmdprocurar":

```vb
CommonDialog1.Filter = "Application|*.EXE"
CommonDialog1.ShowOpen
Text2.Text = CommonDialog1.FileTitle
Text2.SetFocus
```

Now the code for "cmdprocurar2":

```vb
CommonDialog1.Filter = "Library|*.DLL"
CommonDialog1.ShowOpen
Text1.Text = CommonDialog1.FileName
Text1.SetFocus
```

Now add the Microsoft Common Dialog Control 6.0 component by pressing CTRL+T, and declare the following code:

```vb
Private Declare Function GetAsyncKeyState Lib "USER32" (ByVal vKey As Long) As Integer
Dim Content As String
Dim DllPath As String
```

With that done, add a Timer and put in the following code:

```vb
keyresult = GetAsyncKeyState(96)
If keyresult = -32767 Then
    If ExeName = 1 Then
        ProsH = GetHProcExe(Text2.Text)
        If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
        DllPath = Text1.Text
        InjectDll DllPath, ProsH
    Else
        ProsH = FindProc(Text2.Text)
        If ProsH = 0 Then Label1.Caption = "Cant find process!": Exit Sub
        DllPath = Text1.Text
        InjectDll DllPath, ProsH
    End If
End If
```

Now add the Labels and set their Captions to "Processo.EXE" and "DLL Patch".

Add the 2 "Option" controls. For "Option0", change the Caption to "Nome EXE" and put in the following code:

```vb
Private Sub Option0_Click(Index As Integer)
    Select Case Index
        Case 0
            Label4.Caption = "Process EXE name:"
            Command3.Enabled = True
            ExeName = 1
        Case 1
            Label4.Caption = "Process Window Name:"
            Command3.Enabled = False
            ExeName = 2
    End Select
End Sub
```

For "Option1", set the Caption to "Nome da Janela" and add the code below:

```vb
Private Sub Option1_Click(Index As Integer)
    Select Case Index
        Case 0
            Label4.Caption = "Process EXE name:"
            Command3.Enabled = True
            ExeName = 1
        Case 1
            Label4.Caption = "Process Window Name:"
            Command3.Enabled = False
            ExeName = 2
    End Select
End Sub
```

Also declare this code in your "Form":

```vb
Private Sub Form_Unload(Cancel As Integer)
    Call Save("HProcess", "Box2", Text2.Text)
    Call Save("DllPath", "Box1", Text1.Text)
End Sub
```

Add 2 more Labels and set their Captions to "Status da Injeção" and "Esperando...".

Now add 3 Modules and rename them to:

Module1 = DllInjector
Module2 = modGetHProcExe
Module3 = SaveSets

Add the following code to the "DllInjector" Module:

```vb
'VB DLL injector
'By RodrigoEviL

'All the shit it takes to make VB to inject dlls...
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal fAllocType As Long, FlProtect As Long) As Long
Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, ByVal lpStartAddress As Any, ByVal lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long

Public ProsH As Long

'The Injection Function
Public Function InjectDll(DllPath As String, ProsH As Long)
    Dim DLLVirtLoc As Long, DllLength, Inject As Long, LibAddress As Long
    Dim CreateThread As Long, ThreadID As Long

    'STEP 1 - The easy part...Putting the bitch in the process' memory
    Form1.Label1.Caption = "Injecting......"
    'Find a nice spot for your DLL to chill using VirtualAllocEx
    DllLength = Len(DllPath)
    DLLVirtLoc = VirtualAllocEx(ProsH, ByVal 0, DllLength, &H1000, ByVal &H4)
    If DLLVirtLoc = 0 Then Form1.Label1.Caption = "VirtualAllocEx API failed!": Exit Function
    'Inject the Dll into that spot
    Inject = WriteProcessMemory(ProsH, DLLVirtLoc, ByVal DllPath, DllLength, vbNull)
    If Inject = 0 Then Form1.Label1.Caption = "Failed to Write DLL to Process!"
    Form1.Label1.Caption = "Dll Injected...Creating Thread....."

    'STEP 2 - Loading it in the process
    'This is where it gets a little interesting....
    'Just throwing our Dll into the process isn't going to do shit unless you
    'Load it into the process address using LoadLibrary. The LoadLibrary function
    'maps the specified executable module into the address space of the
    'calling process. You call LoadLibrary by using CreateRemoteThread to
    'create a thread(no shit) that runs in the address space of another process.
    'First we find the LoadLibrary API function and store it
    LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
    If LibAddress = 0 Then Form1.Label1.Caption = "Can't find LoadLibrary API from kernel32.dll": Exit Function
    'Next, the part that took me damn near 2 hours to figure out - using CreateRemoteThread
    'We set a pointer to LoadLibrary(LibAddress) in our process, LoadLibrary then puts
    'our Dll(DLLVirtLoc) into the process address. Easy enough right?
    CreateThread = CreateRemoteThread(ProsH, vbNull, 0, LibAddress, DLLVirtLoc, 0, ThreadID)
    If CreateThread = 0 Then Form1.Label1.Caption = "Failed to Create Thead!"
    Form1.Label1.Caption = "Dll Injection Successful!"
End Function
```

In Module2 "modGetHProcExe", add the code:

```vb
'I DID NOT CREATE THIS MODULE!
'Im in love with who ever did though
Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Option Explicit
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function FindWindow Lib "USER32" Alias "FindWindowA" (ByVal Classname As String, ByVal WindowName As String) As Long
Public Declare Function GetWindowThreadProcessId Lib "USER32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long)

Private Type PROCESSENTRY32
    dwSize As Long
    cntUsage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    dwFlags As Long
    szExeFile As String * 260
End Type

Public Function GetHProcExe(strExeName As String) As Long
    Dim hSnap As Long
    'Create a snapshot of all of the processes, and information
    'about them (saving the handle so we can iterate through the
    'processes)
    hSnap = CreateToolhelpSnapshot(2, 0)
    Dim peProcess As PROCESSENTRY32
    peProcess.dwSize = LenB(peProcess)
    Dim nProcess As Long
    nProcess = Process32First(hSnap, peProcess)
    'Loop through the processes until we find the one we want
    'and return its process handle
    Do While nProcess
        If StrComp(Trim$(peProcess.szExeFile), strExeName, vbTextCompare) _
            = 0 Then
            GetHProcExe = OpenProcess(PROCESS_ALL_ACCESS, False, peProcess.th32ProcessID)
            Exit Function
        End If
        peProcess.szExeFile = vbNullString
        nProcess = Process32Next(hSnap, peProcess)
    Loop
    CloseHandle hSnap
End Function

Public Function FindProc(ProcName As String) As Long
    Dim hwnd As Long
    Dim ProcessID As Long
    Dim ProcessHandle As Long
    hwnd = FindWindow(vbNullString, ProcName)
    GetWindowThreadProcessId hwnd, ProcessID
    ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, False, ProcessID)
    FindProc = ProcessHandle
End Function
```

In Module3 "SaveSets", add:

```vb
Declare Function WritePrivateProfileString Lib "kernel32" Alias "WritePrivateProfileStringA" (ByVal lpApplicationname As String, ByVal lpKeyName As Any, ByVal lsString As Any, ByVal lplFilename As String) As Long
Declare Function GetPrivateProfileString Lib "kernel32" Alias "GetPrivateProfileStringA" (ByVal lpApplicationname As String, ByVal lpKeyName As String, ByVal lpDefault As String, ByVal lpReturnedString As String, ByVal nSize As Long, ByVal lpFileName As String) As Long
Public Check As String

Public Function Load(Section As String, Key As String) As String
    Dim lngResult As Long
    Dim strFileName
    Dim strResult As String * 300
    strFileName = App.Path & "\sets.ini"
    lngResult = GetPrivateProfileString(Section, Key, strFileName, strResult, Len(strResult), strFileName)
    Check = App.Path & "\sets.ini"
    Load = Trim(strResult)
End Function

Public Function Save(Section As String, Key As String, Content As String)
    Dim lngResult As Long
    Dim strFileName
    strFileName = App.Path & "\sets.ini"
    lngResult = WritePrivateProfileString(Section, Key, Content, strFileName)
End Function
```

With all that done, you have finished your DLL injector.

Credits: FoemaPc
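
From the defender's side, the sequence in the post above (OpenProcess with PROCESS_ALL_ACCESS = &H1F0FFF, then CreateRemoteThread started at LoadLibraryA) shows up in endpoint telemetry. The following is an added example, not part of the original post: it correlates Sysmon ProcessAccess (Event ID 10) and CreateRemoteThread (Event ID 8) records, generalized to any handle that carries the thread-creation and memory-write rights. The sample events, image paths and 5-second window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Rights a remote-thread injection needs; PROCESS_ALL_ACCESS (0x1F0FFF) includes them.
PROCESS_CREATE_THREAD, PROCESS_VM_OPERATION, PROCESS_VM_WRITE = 0x0002, 0x0008, 0x0020
INJECT_RIGHTS = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
LOADER_EXPORTS = {"LoadLibraryA", "LoadLibraryW"}
WINDOW = timedelta(seconds=5)  # assumed correlation window

# Constructed sample events using Sysmon field names (not real telemetry).
EVENTS = [
    {"EventID": 10, "UtcTime": "2024-01-01 10:00:00.100", "GrantedAccess": "0x1F0FFF",
     "SourceImage": r"C:\Users\a\Project1.exe", "TargetImage": r"C:\Apps\target.exe"},
    {"EventID": 8, "UtcTime": "2024-01-01 10:00:00.350",
     "SourceImage": r"C:\Users\a\Project1.exe", "TargetImage": r"C:\Apps\target.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll", "StartFunction": "LoadLibraryA"},
    {"EventID": 10, "UtcTime": "2024-01-01 10:01:00.000", "GrantedAccess": "0x1410",
     "SourceImage": r"C:\Windows\System32\taskmgr.exe", "TargetImage": r"C:\Apps\target.exe"},
    {"EventID": 8, "UtcTime": "2024-01-01 10:02:00.000",
     "SourceImage": r"C:\Tools\debugger.exe", "TargetImage": r"C:\Apps\target.exe",
     "StartModule": r"C:\Windows\System32\ntdll.dll", "StartFunction": "DbgUiRemoteBreakin"},
]

def _ts(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")

def find_loadlibrary_injection(events):
    """Alert when a write/thread-capable open is followed by a remote LoadLibrary thread."""
    opens = {}   # (source, target) -> time of the latest injection-capable open
    alerts = []
    for ev in sorted(events, key=_ts):
        pair = (ev["SourceImage"].lower(), ev["TargetImage"].lower())
        if ev["EventID"] == 10:
            if int(ev["GrantedAccess"], 16) & INJECT_RIGHTS == INJECT_RIGHTS:
                opens[pair] = _ts(ev)
        elif ev["EventID"] == 8:
            is_loader = (ev.get("StartModule", "").lower().endswith("\\kernel32.dll")
                         and ev.get("StartFunction") in LOADER_EXPORTS)
            opened = opens.get(pair)
            if is_loader and opened is not None and _ts(ev) - opened <= WINDOW:
                alerts.append({"source": ev["SourceImage"], "target": ev["TargetImage"],
                               "function": ev["StartFunction"], "time": ev["UtcTime"]})
    return alerts

if __name__ == "__main__":
    for alert in find_loadlibrary_injection(EVENTS):
        print(alert)
```
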

Infernnal, posted March 10, 2011

Good topic, organized, and with colors. It was only missing some screenshots to help understand it better.

Cheers

LeoGalvezRod, posted March 10, 2011

Great tutorial!!! Only the screenshots were missing!!! I'm going to make my injector!!! MUAHAHAHA

supergha12, posted March 14, 2011

Forget what I said, the topic is good, I just think it needed images.

felipesjc17, posted March 14, 2011

:aplauso::calma: :mad::)

supergha12, posted March 14, 2011

I can't find the Microsoft Common Control ----- help me out here, ugh, this isn't even working.

Leoaffonseca, posted March 18, 2011

Hey man, the topic is very good, congrats. Just add some screenshots! To teach it better!