Okay so I made a DLL injector in VB.net a while ago. It works fine with any DLL except for mine. So I know the problem is with the DLL. Here is the injector's code:
    Private Function Inject(ByVal pID As Integer, ByVal dllLocation As String) As Boolean
        ' Open the target process with access mask &H1F0FFF.
        Dim hProcess As Integer = OpenProcess(&H1F0FFF, 1, pID)
        If hProcess = 0 Then
            MessageBox.Show("Could not open process!")
            Return False
        End If

        ' Allocate memory in the target for the DLL path (&H1000 = MEM_COMMIT, &H4 = PAGE_READWRITE).
        Dim dllBytes As Byte() = System.Text.Encoding.ASCII.GetBytes(dllLocation)
        Dim allocAddress As Integer = VirtualAllocEx(hProcess, 0, dllBytes.Length, &H1000, &H4)
        If allocAddress = Nothing Then
            MessageBox.Show("Could not allocate the address!")
            Return False
        End If

        ' Resolve LoadLibraryA; check the module handle before using it.
        Dim kernelMod As Integer = GetModuleHandle("kernel32.dll")
        If (kernelMod = 0) Then
            MessageBox.Show("Could not get the Module")
            Return False
        End If
        Dim loadLibAddr = GetProcAddress(kernelMod, "LoadLibraryA")
        If (loadLibAddr = 0) Then
            MessageBox.Show("get the Process address!")
            Return False
        End If

        ' Write the DLL path into the target and start a thread at LoadLibraryA with it as the argument.
        WriteProcessMemory(hProcess, allocAddress, dllBytes, dllBytes.Length, 0)
        Dim libThread As Integer = CreateRemoteThread(hProcess, 0, 0, loadLibAddr, allocAddress, 0, 0)
        If libThread = 0 Then
            MessageBox.Show("Error Creating thread!")
            Return False
        Else
            WaitForSingleObject(libThread, 5000)
            CloseHandle(libThread)
        End If
        CloseHandle(hProcess)
        Threading.Thread.Sleep(1000)
        Return True
    End Function
This writes the process memory and creates a remote thread.
Now my project has two files: the header and the CPP File.
Header:
    #ifdef MAINLIB_EXPORTS
    #define MAINLIB_API __declspec(dllexport)
    #else
    #define MAINLIB_API __declspec(dllexport)
    #endif

    extern "C" MAINLIB_API DWORD TestFunction();
And the CPP:
    #define WIN32_LEAN_AND_MEAN
    #include <windows.h>
    #include <stdio.h>
    #include "dll.h"
    #include "Urlmon.h"

    BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
    {
        hModule;
        lpReserved;
        switch (ul_reason_for_call)
        {
            case DLL_PROCESS_ATTACH:
            case DLL_THREAD_ATTACH:
            case DLL_THREAD_DETACH:
            case DLL_PROCESS_DETACH:
                break;
        }
        return TRUE;
    }

    DWORD TestFunction()
    {
        MessageBox(0, TEXT("LOL"), TEXT("LMAO"), MB_OK);
        return 1;
    }
From what I understand, this should run TestFunction on injection. But it doesn't. Any solutions/helpful pages I could use?
1 solution
#1
3
There is nothing in your code that specifies TestFunction needs to be called. Once the DLL is attached to the process only DllMain and global objects needing initialization are called. You need to call TestFunction when processing DLL_PROCESS_ATTACH.
    DWORD TestFunction();

    BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
    {
        hModule;
        lpReserved;
        switch (ul_reason_for_call)
        {
            case DLL_PROCESS_ATTACH:
                TestFunction(); // < call TestFunction ONCE when dll is loaded
                break;
            case DLL_THREAD_ATTACH:
            case DLL_THREAD_DETACH:
            case DLL_PROCESS_DETACH:
                break;
        }
        return TRUE;
    }

    DWORD TestFunction()
    {
        MessageBox(0, TEXT("LOL"), TEXT("LMAO"), MB_OK);
        return 1;
    }
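
For the defender's side of the sequence in Inject() (a handle opened with &H1F0FFF, then a remote thread started at LoadLibraryA), here is an added example, not part of the original question or answer, that correlates Sysmon-style process-access and remote-thread events. The event dictionaries, paths, PIDs and the "time" field are constructed for illustration.

```python
# Added example. Every event in SAMPLE_EVENTS is constructed, not real telemetry.
# Field names follow Sysmon Event ID 10 (ProcessAccess) and 8 (CreateRemoteThread);
# "time" (seconds) is a simplification assumed for this example.

# PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
INJECT_RIGHTS = 0x0002 | 0x0008 | 0x0020
LOADER_FUNCS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}

def find_loadlibrary_injection(events, window_s=10):
    """Return (SourceImage, TargetImage) for each remote thread that starts at a
    kernel32 LoadLibrary* export within window_s seconds after the same source
    opened the same target with thread-create and memory-write rights."""
    opened = {}  # (source pid, target pid) -> time of last qualifying handle open
    hits = []
    for ev in sorted(events, key=lambda e: e["time"]):
        pair = (ev["SourceProcessId"], ev["TargetProcessId"])
        if ev["EventID"] == 10:
            if int(ev["GrantedAccess"], 16) & INJECT_RIGHTS == INJECT_RIGHTS:
                opened[pair] = ev["time"]
        elif ev["EventID"] == 8:
            module = ev.get("StartModule", "").lower()
            func = ev.get("StartFunction", "").lower()
            starts_in_loader = module.endswith("\\kernel32.dll") and func in LOADER_FUNCS
            t_open = opened.get(pair)
            if starts_in_loader and t_open is not None and ev["time"] - t_open <= window_s:
                hits.append((ev["SourceImage"], ev["TargetImage"]))
    return hits

def _ev(event_id, t, src_pid, src, dst_pid, dst, **extra):
    return dict(EventID=event_id, time=t, SourceProcessId=src_pid, SourceImage=src,
                TargetProcessId=dst_pid, TargetImage=dst, **extra)

NOTEPAD = "C:\\Windows\\System32\\notepad.exe"
SAMPLE_EVENTS = [
    # Read-only handle: lacks the write/thread rights, never followed by a thread.
    _ev(10, 50, 900, "C:\\Windows\\System32\\Taskmgr.exe", 7788, NOTEPAD, GrantedAccess="0x1410"),
    # The mask from the question's OpenProcess call, then a thread at LoadLibraryA.
    _ev(10, 100, 4120, "C:\\Tools\\injector.exe", 7788, NOTEPAD, GrantedAccess="0x1F0FFF"),
    _ev(8, 101, 4120, "C:\\Tools\\injector.exe", 7788, NOTEPAD,
        StartModule="C:\\Windows\\System32\\KERNEL32.DLL", StartFunction="LoadLibraryA"),
    # Debugger attach: full access, but the thread does not start in LoadLibrary*.
    _ev(10, 200, 3000, "C:\\Tools\\dbg.exe", 5000, NOTEPAD, GrantedAccess="0x1FFFFF"),
    _ev(8, 201, 3000, "C:\\Tools\\dbg.exe", 5000, NOTEPAD,
        StartModule="C:\\Windows\\System32\\ntdll.dll", StartFunction="DbgUiRemoteBreakin"),
]

if __name__ == "__main__":
    for src, dst in find_loadlibrary_injection(SAMPLE_EVENTS):
        print(f"possible LoadLibrary injection: {src} -> {dst}")
```

Sysmon does not record VirtualAllocEx or WriteProcessMemory, so the handle-open and thread-start events are the two points of the sequence this correlation can see.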