
Como criar um injetor



Criando um INJETOR

______________________________________________

Requerido

3 CommandButton

2 Label

3 Module

1 Timer

1 CommonDialog1(Componente Microsoft Common Dialog Control 6.0)

1 Label

 

Tutorial:

 

- Adicione todos os componentes e ferramentas no form e organize desta forma(se preferir):

 

 

- Text1 será o campo para procurar a Dll e o Text2 será para colocar o nome da Janela.

- Adicione o seguinte código no CommandButton de Procurar:

CODE

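' Browse button: lets the user pick the DLL file whose path is shown in Text1.
' Text1 is later passed to InjectLibrary, so only an explicit selection is
' accepted. With CancelError off, a cancelled dialog leaves FileName at the
' "*.dll" pattern, and that pattern would be copied into Text1.
' The unused local sTemp from the original listing was removed.
On Error GoTo BrowseCancelled

CommonDialog1.CancelError = True            ' raise an error when the user cancels
CommonDialog1.Filter = "DLL (*.dll)|*.dll"  ' restrict the list via the filter, not the file name
CommonDialog1.FileName = ""
CommonDialog1.ShowOpen

Text1.Text = CommonDialog1.FileName
Exit Sub

BrowseCancelled:
' Dialog cancelled or failed: leave Text1 unchanged.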

 

- Adicione o Seguinte Código no CommandButton Auto-Inject Status-OFF:

CODE

' Toggle button: arms or disarms Timer1, which performs the periodic window lookup.
' Nothing happens unless both the DLL path (Text1) and the window title (Text2) are filled in.
If Text1.Text = "" Or Text2.Text = "" Then Exit Sub

If Command1.Caption <> "Status do Injetor: OFF" Then
    ' Any caption other than the OFF text is treated as "armed": stop polling and reset the status.
    Command1.Caption = "Status do Injetor: OFF"
    Timer1.Enabled = False
    Label1.Caption = "Esperando para Injetar a Dll"
Else
    ' Caption shows OFF: start the timer and flip the caption to ON.
    Timer1.Enabled = True
    Command1.Caption = "Status do Injetor: ON"
    Exit Sub
End If

 

 

- Declare o seguinte código no seu projeto:

CODE

' Form-level declarations.
' NOTE(review): in the form code shown on this page only PROCESS_ALL_ACCESS, OpenProcess
' and GetWindowThreadProcessId are referenced; GetWindowText, GetWindowTextLength,
' GetClassName, GetParent, WindowFromPoint and SW_SHOW are declared but not used there.
Option Explicit

' Access mask &H1F0FFF: requests every process access right (the pre-Vista SDK value of
' PROCESS_ALL_ACCESS). Opening another process with a full-access mask like this is a
' request that endpoint monitoring commonly records.
Private Const PROCESS_ALL_ACCESS As Long = &H1F0FFF

' Opens a handle to the process identified by dwProcessId with the requested access mask.
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

' Writes the owning process id of window hwnd into lpdwProcessId (passed by reference).
' The same function is also declared Public in modInjection.
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long

' ANSI window-title query; not called in the code shown.
Private Declare Function GetWindowText Lib "User32.dll" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long

' ANSI window-title length query; not called in the code shown.
Private Declare Function GetWindowTextLength Lib "User32.dll" Alias "GetWindowTextLengthA" (ByVal hwnd As Long) As Long

' ANSI window-class-name query; not called in the code shown.
Private Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long

' Parent-window lookup; not called in the code shown.
Private Declare Function GetParent Lib "user32" (ByVal hwnd As Long) As Long

' Window-at-screen-point lookup; not called in the code shown.
Private Declare Function WindowFromPoint Lib "user32" (ByVal xPoint As Long, ByVal yPoint As Long) As Long

' ShowWindow command value; not used in the code shown.
Const SW_SHOW = 5

 

- No CommandButton Fechar Adicione o seguinte código:

CODE

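' Close button. The End statement stops the program immediately without raising the
' form's QueryUnload/Unload events; unloading the form closes it through the normal path.
Unload Me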

 

 

- No Form no evento Load adicione:

CODE

' Form_Load: asks modDebugPriveleges to enable SeDebugPrivilege for this process as soon
' as the form loads, then shows the initial status text.
Call GetSeDebugPrivelege
Label1.Caption = "Esperando Injeção de Dll"

 

 

- No timer adicione o código abaixo:

CODE

' Timer1 handler body: on every tick, looks up a top-level window by the title typed in
' Text2, resolves its process id and calls InjectLibrary.
' NOTE(review): the listing starts without a Sub header but ends with End Sub.
' NOTE(review): On Error Resume Next hides every run-time error in this handler, so
' failures are not reported to the user.
On Error Resume Next

Dim hwnd As Long

Dim pid As Long

Dim lSuccess&

Dim pHandle As Long



' Exact-title match on any window class (class name passed as vbNullString).
hwnd = FindWindow(vbNullString, Text2.Text)

GetWindowThreadProcessId hwnd, pid

' NOTE(review): pHandle is assigned here and again below but is never used or closed in
' this handler, so each tick that opens the process leaves a handle open.
pHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)



If hwnd = 0 Then

' hwnd = 0 means FindWindow found no window with that title.
Label1.Caption = "Procurando pelo nome da Janela..."

Else

' NOTE(review): this branch runs when the window WAS found; the caption set on the
' next line says "not found" and is overwritten two statements later with the pid.
Label1.Caption = "Nome da Janela não encontrado!"

GetWindowThreadProcessId hwnd, pid

Label1.Caption = pid

' Uses the DLL path chosen by the user in Text1.
lSuccess = InjectLibrary(pid, Text1.Text)

End If



' NOTE(review): everything below runs on every tick, whether or not the window was
' found (pid is still 0 when it was not).
pHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)

' Modal message box with the pid on every tick.
MsgBox pid

' Second InjectLibrary call with a fixed file name next to the executable
' (App.Path & "\Morphine.dll"), independent of the path in Text1; its result replaces
' the result of the call inside the Else branch.
lSuccess = InjectLibrary(pid, App.Path & "\Morphine.dll")

If lSuccess > 0 Then

Label1.Caption = "Dll Injetada com sucesso!!"

' Stop polling after the first call that reports success.
Timer1.Enabled = False

Exit Sub

Else

Label1.Caption = "Esperando a Injeção da DLL..."

End If

End Sub

 

 

Agora vem a parte das Modules

 

- Mude o nome de todas as modules para os seguintes nomes:

1º - modDebugPriveleges

2º - modFiles

3º - modInjection

 

- Na Module modDebugPriveleges Adicione o seguinte:

CODE

' modDebugPriveleges: declarations used to enable a named privilege (SeDebugPrivilege)
' in the current process token.
Option Explicit



' Name of the privilege that is looked up and enabled.
Private Const SE_DEBUG_NAME As String = "SeDebugPrivilege"

' Token access rights requested by OpenProcessToken in LoadPrivilege.
Private Const TOKEN_ADJUST_PRIVILEGES As Long = &H20

Private Const TOKEN_QUERY As Long = &H8

' Attribute flag that marks a privilege as enabled.
Private Const SE_PRIVILEGE_ENABLED As Long = &H2



' 64-bit locally unique identifier, split into two 32-bit halves.
Private Type LUID

LowPart As Long

HighPart As Long

End Type



' LUID plus attribute flags. Not referenced by the code shown in this module.
Private Type LUID_AND_ATTRIBUTES

pLuid As LUID

Attributes As Long

End Type



' Single-entry form of TOKEN_PRIVILEGES: the count followed by one LUID and its
' attributes, written out inline instead of as a LUID_AND_ATTRIBUTES member.
Private Type TOKEN_PRIVILEGES

PrivilegeCount As Long

TheLuid As LUID

Attributes As Long

End Type



' Returns a pseudo-handle for the calling process.
Private Declare Function GetCurrentProcess Lib "kernel32.dll" () As Long

' Opens the access token of a process; the token handle comes back in TokenHandle.
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, ByRef TokenHandle As Long) As Long

' Resolves a privilege name to its LUID on the given system.
Private Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, lpLuid As LUID) As Long

' Enables or disables privileges in the token according to NewState.
Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, ByRef NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, ByRef PreviousState As TOKEN_PRIVILEGES, ByRef ReturnLength As Long) As Long

' Declared but not called in the code shown in this module.
Private Declare Function GetLastError Lib "kernel32" () As Long

 

Public Sub GetSeDebugPrivelege()
    ' Convenience entry point: requests SeDebugPrivilege for the current process.
    ' The Boolean result of LoadPrivilege is discarded.
    Call LoadPrivilege(SE_DEBUG_NAME)
End Sub

 

' Attempts to enable the named privilege in the current process token.
'   Privilege - privilege name, e.g. "SeDebugPrivilege".
'   Returns   - True whenever execution reaches the assignment below.
' NOTE(review): the three API calls are made as statements, so their return values are
' discarded and the function reports True even if the privilege was not enabled.
' Enabling SeDebugPrivilege is an auditable token change (Windows logs it as event 4703
' when that audit policy is on), which is where defenders can observe this step.
Public Function LoadPrivilege(ByVal Privilege As String) As Boolean

' Traps VB run-time errors only; a Win32 call that fails by returning 0 does not raise one.
On Error GoTo ErrHandler



Dim hToken&, SEDebugNameValue As LUID, tkp As TOKEN_PRIVILEGES, hProcessHandle&, tkpNewButIgnored As TOKEN_PRIVILEGES, lBuffer&



hProcessHandle = GetCurrentProcess()

' NOTE(review): hToken is not closed anywhere in this function.
OpenProcessToken hProcessHandle, (TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY), hToken

' Empty system name: look the privilege up on the local system.
LookupPrivilegeValue "", Privilege, SEDebugNameValue



' One privilege entry, marked as enabled.
With tkp

.PrivilegeCount = 1

.TheLuid = SEDebugNameValue

.Attributes = SE_PRIVILEGE_ENABLED

End With



' The previous state is received in tkpNewButIgnored and not used afterwards.
AdjustTokenPrivileges hToken, False, tkp, Len(tkp), tkpNewButIgnored, lBuffer

LoadPrivilege = True



Exit Function

ErrHandler:

' NOTE(review): the message names SE_DEBUG_NAME whatever privilege was requested, and its
' wording ("removing the infection") looks carried over from a different program.
MsgBox "An error occurred retrieving SE_DEBUG_NAME prileges in the LoadPrivelege() function. Note: This program is running without debug priveleges, that may interfere with removing the infection.", vbCritical + vbOKOnly

' Continues with the statement after the one that failed, so the True assignment above
' can still be reached after an error.
Resume Next

End Function

 

 

- Na Module modFiles Adicione o seguinte:

CODE

Option Explicit

 

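Public Function FileExists(sFile$) As Boolean
    ' Returns True only when sFile names an existing file (archive, hidden, read-only
    ' and system files included). Blank input returns False.
    Dim sLeaf$

    If Trim$(sFile) = vbNullString Then Exit Function

    ' Dir() expands * and ? in the last path component, so a pattern such as "*.dll"
    ' would report "exists" whenever any file matches it. A file name cannot contain
    ' those characters, so such input is never an existing file.
    sLeaf = Mid$(sFile, InStrRev(sFile, "\") + 1)
    If sLeaf Like "*[*?]*" Then Exit Function

    ' Dir() raises a run-time error for some invalid paths or unavailable drives;
    ' treat that as "not found" instead of propagating it to the caller.
    On Error GoTo NotFound
    FileExists = (Dir(sFile, vbArchive + vbHidden + vbReadOnly + vbSystem) <> vbNullString)
    Exit Function

NotFound:
    FileExists = False
End Function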

 

Public Function TrimNull$(sToTrim$)
    ' Returns the part of sToTrim before its first Chr(0); the whole string when it
    ' contains no Chr(0).
    Dim lNulPos&

    lNulPos = InStr(sToTrim, Chr(0))

    If lNulPos <= 0 Then
        TrimNull = sToTrim
    Else
        TrimNull = Left$(sToTrim, lNulPos - 1)
    End If
End Function

 

 

- Na Module modInjection Adicione o seguinte:

CODE

' modInjection: Win32 declarations used by InjectLibrary.
' The calls made with them (OpenProcess, VirtualAllocEx, WriteProcessMemory,
' CreateRemoteThread on LoadLibraryA) form the remote-thread DLL injection pattern
' catalogued as MITRE ATT&CK T1055.001, a sequence endpoint protection products watch for.
Option Explicit



' Full-access process mask (&H1F0FFF), passed to OpenProcess.
Private Const PROCESS_ALL_ACCESS = &H1F0FFF



' Declared but not used in the code shown; WaitForSingleObject is called with 2000 ms.
Private Const INFINITE = &HFFFFFFFF



' Allocation, release and page-protection flags for VirtualAllocEx / VirtualFreeEx.
Private Const MEM_COMMIT = &H1000

Private Const MEM_RELEASE = &H8000

Private Const PAGE_READWRITE = &H4



' Used by InjectLibrary to detect that the target is this process itself.
Public Declare Function GetCurrentProcessId Lib "kernel32" () As Long



' Allocates memory inside another process.
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long



' Releases memory inside another process.
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long



' Opens a handle to a process by id.
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long



' Writes a buffer into another process's memory.
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long



' Returns the handle of a module already loaded in this process.
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long



' Returns the address of an exported function in a loaded module.
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long



' Starts a thread in another process.
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long



' Waits on a handle for up to dwMilliseconds.
Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long



' Closes a kernel object handle.
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long



' Loads a DLL into the calling process (ANSI version); used by InjectIntoMe.
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long



' Public so the form's timer code can call it: finds a top-level window by class and/or title.
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long

' Public duplicate of the declaration that the form also makes privately.
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long

' Declared but not called in the code shown.
Public Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

 

 

' Loads the DLL at path sLibrary into the process with id lPID.
'   lPID     - target process id; when it equals this process's id the DLL is loaded
'              locally through InjectIntoMe instead.
'   sLibrary - path of the DLL; must pass FileExists.
'   Returns  - 0 on any failure path (each shows a MsgBox), the InjectIntoMe result for
'              the local case, otherwise 1.
' NOTE(review): the value 1 is assigned after the remote thread was created and waited
' on; the thread's exit code is not read, so 1 does not confirm that the DLL loaded.
Public Function InjectLibrary(lPID&, sLibrary$) As Long

Dim hProcess&, hThread&, lLinkToLibrary&, lSize&, hKernel&



If Not FileExists(sLibrary) Then

MsgBox "Arquivo Não Existe!"

Exit Function

End If



' Target is this very process: no remote steps, load the library directly.
If lPID = GetCurrentProcessId() Then

InjectLibrary = InjectIntoMe(sLibrary)



Exit Function

End If



' Full-access handle to the target process.
hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, lPID)



If hProcess = 0 Then

MsgBox "hProcess returned NULL"

Exit Function

End If



' Byte length of the path after conversion to the ANSI code page, plus one byte for
' the terminating NUL.
lSize = LenB(StrConv(sLibrary, vbFromUnicode)) + 1

' Read/write buffer in the target process that will hold the path string.
lLinkToLibrary = VirtualAllocEx(hProcess, 0&, lSize, MEM_COMMIT, PAGE_READWRITE)



If lLinkToLibrary = 0 Then

CloseHandle hProcess



MsgBox "lLinkToLibrary failed"

Exit Function

End If



' Copies the path string into the buffer allocated above.
If (WriteProcessMemory(hProcess, lLinkToLibrary, ByVal sLibrary, lSize, ByVal 0&) = 0) Then

' NOTE(review): here and in the next two failure branches hProcess is closed before
' VirtualFreeEx is called with it, so the free is attempted on a closed handle.
CloseHandle hProcess

If lLinkToLibrary <> 0 Then VirtualFreeEx hProcess, lLinkToLibrary, 0, MEM_RELEASE



MsgBox "WriteProcessMemory failed"

Exit Function

End If



' Despite its name, hKernel holds the address of LoadLibraryA as resolved in THIS
' process, not a handle.
hKernel = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")



If hKernel = 0 Then

CloseHandle hProcess

If lLinkToLibrary <> 0 Then VirtualFreeEx hProcess, lLinkToLibrary, 0, MEM_RELEASE



MsgBox "hKernel returned NULL"

Exit Function

End If



' Remote thread whose start routine is the LoadLibraryA address and whose argument is
' the remote buffer holding the path.
hThread = CreateRemoteThread(hProcess, ByVal 0&, 0&, ByVal hKernel, lLinkToLibrary, 0, ByVal 0&)



If hThread = 0 Then

' NOTE(review): hKernel is a function address; passing it to CloseHandle closes nothing
' meaningful.
CloseHandle hKernel

CloseHandle hProcess

If lLinkToLibrary <> 0 Then VirtualFreeEx hProcess, lLinkToLibrary, 0, MEM_RELEASE



MsgBox "hThread returned NULL."

Exit Function

End If



' Waits at most 2000 ms; the wait result is not checked.
WaitForSingleObject hThread, 2000



' The remote buffer is released after the wait whether or not the thread has finished.
If lLinkToLibrary <> 0 Then VirtualFreeEx hProcess, lLinkToLibrary, 0, MEM_RELEASE



If hKernel <> 0 Then CloseHandle (hKernel)

If hThread <> 0 Then CloseHandle (hThread)

If hProcess <> 0 Then CloseHandle (hProcess)



InjectLibrary = 1

End Function

 

Private Function InjectIntoMe(sLibrary$) As Long
    ' Local case of InjectLibrary: loads sLibrary into the current process and returns
    ' the value LoadLibrary gives back (0 when loading failed).
    Dim hModule&

    hModule = LoadLibrary(sLibrary)
    InjectIntoMe = hModule
End Function

 

 

Pronto, é apenas isso. Qualquer dúvida, é só postar neste tópico ou na área de suporte, que estarei resolvendo todos os problemas. Está funcionando totalmente para qualquer jogo.

não seja um pão duro agradeça:p

download:http://www.sendspace.com/file/4hpmz9
