dll_inject.c
#include "dll_inject.h"

#include <string.h>
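/**
 * Load a DLL into another process by running LoadLibraryA on a remote thread.
 *
 * The path string is copied into memory allocated in the target process and a
 * thread is started there with LoadLibraryA as its entry point and that copy
 * as its argument. Failures are reported on stdout; nothing is returned.
 *
 * This OpenProcess / VirtualAllocEx / WriteProcessMemory / CreateRemoteThread
 * sequence is the classic remote-LoadLibrary pattern, and endpoint monitoring
 * commonly keys on it, so expect the calls to be logged or blocked.
 *
 * @param pid       Process id of the target process.
 * @param dll_path  NUL-terminated ANSI path of the DLL. It is handed to
 *                  LoadLibraryA in the target unchanged, so a relative name is
 *                  resolved by the target's DLL search order; pass a full path.
 */
void inject(int pid, char* dll_path){
    HANDLE process = NULL;
    HANDLE remoteThread = NULL;
    HMODULE kernel32_module = NULL;
    FARPROC LoadLibraryA_addr = NULL;
    LPVOID dllpath_addr = NULL;
    SIZE_T path_size = 0;
    SIZE_T written = 0;
    int buffer_in_use = 0;

    if(!dll_path || dll_path[0] == '\0') {
        printf("No DLL path given. \n");
        return;
    }
    /* dll_path is a pointer, so sizeof(dll_path) is the pointer width (4 or 8),
       not the string length. Copy the whole string including its terminator. */
    path_size = strlen(dll_path) + 1;

    /* Request only the rights CreateRemoteThread, VirtualAllocEx and
       WriteProcessMemory need instead of PROCESS_ALL_ACCESS, and do not make
       the handle inheritable by child processes. */
    process = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION |
                          PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ,
                          FALSE, (DWORD)pid);
    if(!process) {
        printf("Could not open process with pid: %d \n", pid);
        return;
    }

    /* The literal is a wide string, so call the W variant explicitly rather
       than relying on whether UNICODE is defined. */
    kernel32_module = GetModuleHandleW(L"kernel32.dll");
    if(!kernel32_module) {
        printf("Could not find kernel32.dll in process memory.");
        goto cleanup;
    }

    /* Keep the address in a pointer-sized type; a DWORD truncates it on
       64-bit builds. NOTE(review): this is the address in *this* process and
       is assumed to be valid in the target too - confirm both processes have
       the same bitness. */
    LoadLibraryA_addr = GetProcAddress(kernel32_module, "LoadLibraryA");
    if(!LoadLibraryA_addr) {
        printf("Could not get LoadLibraryA address. \n");
        goto cleanup;
    }

    /* The buffer only holds a string, so it does not need to be executable. */
    dllpath_addr = VirtualAllocEx(process, NULL, path_size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    if(!dllpath_addr) {
        printf("Could not allocate memory in target process. \n");
        goto cleanup;
    }

    if(!WriteProcessMemory(process, dllpath_addr, dll_path, path_size, &written) || written != path_size) {
        printf("Could not write DLL path to target process. \n");
        goto cleanup;
    }

    remoteThread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE) LoadLibraryA_addr, dllpath_addr, 0, NULL);
    if(!remoteThread) {
        printf("Creating remote thread failed \n" );
        goto cleanup;
    }

    /* From here on the remote thread may read the buffer; only release it
       once the thread is known to have finished. */
    buffer_in_use = 1;
    if(WaitForSingleObject(remoteThread, INT_MAX) == WAIT_OBJECT_0) {
        buffer_in_use = 0;
    } else {
        printf("Waiting for remote thread failed \n");
    }

cleanup:
    if(remoteThread) {
        CloseHandle(remoteThread);
    }
    /* MEM_RELEASE with size 0 frees the whole allocation; MEM_FREE is a page
       state reported by VirtualQuery, not a valid free type. */
    if(dllpath_addr && !buffer_in_use) {
        VirtualFreeEx(process, dllpath_addr, 0, MEM_RELEASE);
    }
    CloseHandle(process);
}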