To facilitate those comrades who do not understand or do not want to use C ++, I converted the source code of the C ++ DLL injector into C #. This is a very simple and practical injector that uses createremotethread, writeprocessmemory, virtualallocex APIs
1 using System; 2 using System.Diagnostics; 3 using System.IO; 4 using System.Runtime.InteropServices; 5 using System.Text; 6 7 namespace GijSoft.DllInjection 8 { 9 public enum DllInjectionResult 10 { 11 DllNotFound, 12 GameProcessNotFound, 13 InjectionFailed, 14 Success 15 } 16 17 public sealed class DllInjector 18 { 19 static readonly IntPtr INTPTR_ZERO = (IntPtr)0; 20 21 [DllImport("kernel32.dll", SetLastError = true)] 22 static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId); 23 24 [DllImport("kernel32.dll", SetLastError = true)] 25 static extern int CloseHandle(IntPtr hObject); 26 27 [DllImport("kernel32.dll", SetLastError = true)] 28 static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName); 29 30 [DllImport("kernel32.dll", SetLastError = true)] 31 static extern IntPtr GetModuleHandle(string lpModuleName); 32 33 [DllImport("kernel32.dll", SetLastError = true)] 34 static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, IntPtr dwSize, uint flAllocationType, uint flProtect); 35 36 [DllImport("kernel32.dll", SetLastError = true)] 37 static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesWritten); 38 39 [DllImport("kernel32.dll", SetLastError = true)] 40 static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttribute, IntPtr dwStackSize, IntPtr lpStartAddress, 41 IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId); 42 43 static DllInjector _instance; 44 45 public static DllInjector GetInstance 46 { 47 get 48 { 49 if (_instance == null) 50 { 51 _instance = new DllInjector(); 52 } 53 return _instance; 54 } 55 } 56 57 DllInjector() { } 58 59 public DllInjectionResult Inject(string sProcName, string sDllPath) 60 { 61 if (!File.Exists(sDllPath)) 62 { 63 return DllInjectionResult.DllNotFound; 64 } 65 66 uint _procId = 0; 67 68 Process[] _procs = Process.GetProcesses(); 69 for (int i = 0; i < _procs.Length; i++) 70 { 71 if (_procs[i].ProcessName == sProcName) 72 { 73 _procId = (uint)_procs[i].Id; 74 break; 75 } 76 } 77 78 if (_procId == 0) 79 { 80 return DllInjectionResult.GameProcessNotFound; 81 } 82 83 if (!bInject(_procId, sDllPath)) 84 { 85 return DllInjectionResult.InjectionFailed; 86 } 87 88 return DllInjectionResult.Success; 89 } 90 91 bool bInject(uint pToBeInjected, string sDllPath) 92 { 93 IntPtr hndProc = OpenProcess((0x2 | 0x8 | 0x10 | 0x20 | 0x400), 1, pToBeInjected); 94 95 if (hndProc == INTPTR_ZERO) 96 { 97 return false; 98 } 99 100 IntPtr lpLLAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");101 102 if (lpLLAddress == INTPTR_ZERO)103 {104 return false;105 }106 107 IntPtr lpAddress = VirtualAllocEx(hndProc, (IntPtr)null, (IntPtr)sDllPath.Length, (0x1000 | 0x2000), 0X40);108 109 if (lpAddress == INTPTR_ZERO)110 {111 return false;112 }113 114 byte[] bytes = Encoding.ASCII.GetBytes(sDllPath);115 116 if (WriteProcessMemory(hndProc, lpAddress, bytes, (uint)bytes.Length, 0) == 0)117 {118 return false;119 }120 121 if (CreateRemoteThread(hndProc, (IntPtr)null, INTPTR_ZERO, lpLLAddress, lpAddress, 0, (IntPtr)null) == INTPTR_ZERO)122 {123 return false;124 }125 126 CloseHandle(hndProc);127 128 return true;129 }130 }131 }
Note: You must install. netframework when using it.
General C # DLL injector (not limited to DLL injection)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
