 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Krähne
Expert Cheater
 Reputation: 0
Joined: 06 Jun 2010
Posts: 108
Location: Inside of my Kernel
|
 Posted: Tue Mar 15, 2011 5:16 pm Post subject: C# Code Cave Injection, Or... Trampoline? |
 |
|
Is that possible in C#?... i want make a .dll injector, but... not using the typical API: CreateRemoteThread; I want make this harder  , indetectable... etc.
So... exists anyway for do this?... Is posible or the .NET plataform doesn't support that?.
PD: I don't want you to give me the job done, just want to know if possible.
|
|
| Back to top |
|
 |
AhMunRa
Grandmaster Cheater Supreme
![]() Reputation: 27
Joined: 06 Aug 2010
Posts: 1117
|
| Posted: Tue Mar 15, 2011 5:49 pm Post subject: |
|
|
I'm getting ready to try the same thing. If I succeed I'll let you know.
_________________
<Wiccaan> Bah that was supposed to say 'not saying its dead' lol. Fixing >.> |
|
| Back to top |
|
|
Krähne
Expert Cheater
Reputation: 0
Joined: 06 Jun 2010
Posts: 108
Location: Inside of my Kernel
|
| Posted: Tue Mar 15, 2011 6:40 pm Post subject: |
|
|
| AhMunRa wrote: | | I'm getting ready to try the same thing. If I succeed I'll let you know. |
Ok dude, thx, maybe can we work together in a future  ...
PD: i'm already started, and... actually i'm making this real... perhaps i will post my progress.
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8586
Location: 127.0.0.1
|
| Posted: Tue Mar 15, 2011 7:16 pm Post subject: |
 |
|
Yes it's possible. Just import the API and you can call it as normal. Here's an example, I wrote this injector class for an old project a few weeks back:
| Code: | // ManagedInjection.cs
// (c) atom0s 2011
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.IO;
using System.Diagnostics;
/// <summary>
/// Injection v2.
///
/// This is version 2 of the injector class.
/// </summary>
namespace ManagedInjection
{
public static class ManagedInjector
{
/// <summary>
/// Create the given process in a suspended state.
/// </summary>
/// <param name="strFileExec"></param>
/// <param name="strArguments"></param>
/// <returns></returns>
public static int CreateSuspended(string strFileExec, string strArguments = "")
{
NativeAPI.PROCESS_INFORMATION pi = new NativeAPI.PROCESS_INFORMATION();
NativeAPI.STARTUPINFO si = new NativeAPI.STARTUPINFO();
try
{
if (strFileExec.Length == 0 || !File.Exists(strFileExec))
return 0;
bool bCreated = NativeAPI.CreateProcess(
strFileExec, strArguments,
IntPtr.Zero, IntPtr.Zero,
false,
NativeAPI.NORMAL_PRIORITY_CLASS | NativeAPI.CREATE_SUSPENDED,
IntPtr.Zero,
Path.GetDirectoryName(strFileExec),
ref si, out pi
);
return pi.dwProcessId;
}
catch (Exception ex)
{
return 0;
}
finally
{
if (pi.hProcess != IntPtr.Zero)
NativeAPI.CloseHandle(pi.hProcess);
if (pi.hThread != IntPtr.Zero)
NativeAPI.CloseHandle(pi.hThread);
}
}
/// <summary>
/// Injects the given module into the specified process.
/// </summary>
/// <param name="dwProcessId"></param>
/// <param name="strModulePath"></param>
/// <param name="bSuspendProcess"></param>
/// <returns></returns>
public static bool InjectModule(int dwProcessId, string strModulePath, bool bSuspendProcess = true)
{
if (!IsRunning(dwProcessId))
return false;
if (strModulePath.Length == 0 || !File.Exists(strModulePath))
return false;
IntPtr lpKernel32 = IntPtr.Zero; // Kernel32.dll module address.
IntPtr lpLoadLibA = IntPtr.Zero; // LoadLibraryA procedure address.
IntPtr lpAllocPtr = IntPtr.Zero; // Allocated memory pointer.
IntPtr lpRmThread = IntPtr.Zero; // Remote thread handle.
Process proc = null; // Process instance.
try
{
if (bSuspendProcess)
SuspendProcess(dwProcessId);
// Obtain kernel32.dll module address.
lpKernel32 = NativeAPI.GetModuleHandle("kernel32.dll");
if (lpKernel32 == IntPtr.Zero)
throw new Exception("[InjectModule] Error: Failed to obtain kernel32.dll module address.");
// Obtain procedure address for LoadLibraryA.
lpLoadLibA = NativeAPI.GetProcAddress(lpKernel32, "LoadLibraryA");
if (lpLoadLibA == IntPtr.Zero)
throw new Exception("[InjectModule] Error: Failed to obtain procedure address for LoadLibraryA.");
// Obtain process instance.
proc = Process.GetProcessById(dwProcessId);
if (proc == null)
throw new Exception("Process specified is not running.");
// Allocate memory in remote process.
lpAllocPtr = NativeAPI.VirtualAllocEx(proc.Handle, IntPtr.Zero, (uint)strModulePath.Length, NativeAPI.AllocationType.Commit, NativeAPI.MemoryProtection.ExecuteReadWrite);
if (lpAllocPtr == IntPtr.Zero)
throw new Exception("[InjectModule] Error: Failed to allocate memory in remote process.");
// Attempt to write module path to allocated memory.
int nNumBytesWritten = 0;
byte[] btModulePath = Encoding.ASCII.GetBytes(strModulePath);
bool bWasWritten = NativeAPI.WriteProcessMemory(proc.Handle, lpAllocPtr, btModulePath, (uint)btModulePath.Length, out nNumBytesWritten);
if (!bWasWritten || nNumBytesWritten == 0 || (nNumBytesWritten < btModulePath.Length))
throw new Exception("[InjectModule] Error: Failed to write module path to remote memory.");
// Create remote thread calling LoadLibraryA.
lpRmThread = NativeAPI.CreateRemoteThread(proc.Handle, IntPtr.Zero, 0, lpLoadLibA, lpAllocPtr, 0, IntPtr.Zero);
if (lpRmThread == IntPtr.Zero)
throw new Exception("[InjectModule] Error: Failed to create remote thread.");
// Obtain thread exit code.
uint nExitCode = 0;
NativeAPI.WaitForSingleObject(lpRmThread, NativeAPI.INFINITE);
NativeAPI.GetExitCodeThread(lpRmThread, out nExitCode);
if (nExitCode == 0)
throw new Exception("[InjectModule] Error: Thread did not return valid address for loaded module.");
return true;
}
catch (Exception ex)
{
return false;
}
finally
{
if (lpRmThread != IntPtr.Zero)
NativeAPI.CloseHandle(lpRmThread);
if (lpAllocPtr != IntPtr.Zero && proc != null)
NativeAPI.VirtualFreeEx(proc.Handle, lpAllocPtr, (uint)strModulePath.Length, NativeAPI.AllocationType.Decommit);
if (bSuspendProcess)
ResumeProcess(dwProcessId);
}
}
/// <summary>
/// Remotely call an exported function of a module in the
/// specified process.
/// </summary>
/// <param name="dwProcessId"></param>
/// <param name="strModuleName"></param>
/// <param name="strExportName"></param>
/// <returns></returns>
public static bool CallExport(int dwProcessId, string strModuleName, string strExportName)
{
return CallExport(dwProcessId, strModuleName, strExportName);
}
/// <summary>
/// Remotely call an exported function of a module in the
/// specified process.
/// </summary>
/// <param name="dwProcessId"></param>
/// <param name="strModuleName"></param>
/// <param name="strExportName"></param>
/// <param name="nExpectedReturn"></param>
/// <param name="bIgnoreReturn"></param>
/// <param name="btArgument"></param>
/// <returns></returns>
public static bool CallExport(int dwProcessId, string strModuleName, string strExportName, uint nExpectedReturn, bool bIgnoreReturn, byte[] btArgument = null)
{
if (!IsRunning(dwProcessId))
return false;
if (strModuleName.Length == 0 || !File.Exists(strModuleName))
return false;
ProcessModule module = null;
if (!HasModule(dwProcessId, strModuleName, out module))
return false;
IntPtr lpBaseAddr = IntPtr.Zero; // Module base address.
IntPtr lpProcAddr = IntPtr.Zero; // Export procedure address.
IntPtr lpAllocPtr = IntPtr.Zero; // Allocated memory pointer.
IntPtr lpRmThread = IntPtr.Zero; // Remote thread handle.
Process proc = null; // Process instance.
try
{
// Load module into current process.
lpBaseAddr = NativeAPI.LoadLibrary(strModuleName);
if (lpBaseAddr == IntPtr.Zero)
throw new Exception("[CallExport] Error: Failed to load library into current process.");
// Obtain procedure address for export.
lpProcAddr = NativeAPI.GetProcAddress(lpBaseAddr, strExportName);
if (lpProcAddr == IntPtr.Zero)
throw new Exception("[CallExport] Error: Failed to obtain exported procedure address.");
// Calculate offset to export.
IntPtr lpCalcOffset = new IntPtr(lpProcAddr.ToInt32() - lpBaseAddr.ToInt32());
if (lpCalcOffset == IntPtr.Zero)
throw new Exception("[CallExport] Error: Failed to calculate offset to expot function.");
// Obtain process instance.
proc = Process.GetProcessById(dwProcessId);
if (proc == null)
throw new Exception("Process specified is not running.");
// Handle argument param if passed.
if (btArgument != null && btArgument.Length > 0)
{
lpAllocPtr = NativeAPI.VirtualAllocEx(proc.Handle, IntPtr.Zero, (uint)btArgument.Length, NativeAPI.AllocationType.Commit, NativeAPI.MemoryProtection.ExecuteReadWrite);
if (lpAllocPtr == IntPtr.Zero)
throw new Exception("[CallExport] Error: Failed to allocate memory in remote process.");
int nNumBytesWritten = 0;
bool bWasWritten = NativeAPI.WriteProcessMemory(proc.Handle, lpAllocPtr, btArgument, (uint)btArgument.Length, out nNumBytesWritten);
if (!bWasWritten || nNumBytesWritten == 0 || (nNumBytesWritten < btArgument.Length))
throw new Exception("[CallExport] Error: Failed to write argument data to remote process.");
}
// Create remote thread calling export.
lpRmThread = NativeAPI.CreateRemoteThread(proc.Handle, IntPtr.Zero, 0, lpProcAddr,
(lpAllocPtr != IntPtr.Zero) ? lpAllocPtr : IntPtr.Zero,
0, IntPtr.Zero
);
if (lpRmThread == IntPtr.Zero)
throw new Exception("[CallExport] Error: Failed to create remote thread.");
// Obtain thread exit code.
uint nExitCode = 0;
NativeAPI.WaitForSingleObject(lpRmThread, NativeAPI.INFINITE);
NativeAPI.GetExitCodeThread(lpRmThread, out nExitCode);
if (bIgnoreReturn == false)
{
if (nExitCode != nExpectedReturn)
throw new Exception("[CallExport] Error: Remote thread did not return expected value.");
}
return true;
}
catch (Exception ex)
{
return false;
}
finally
{
if (lpRmThread != IntPtr.Zero)
NativeAPI.CloseHandle(lpRmThread);
if (lpAllocPtr != IntPtr.Zero && proc != null)
NativeAPI.VirtualFreeEx(proc.Handle, lpAllocPtr, (uint)btArgument.Length, NativeAPI.AllocationType.Decommit);
}
}
/// <summary>
/// Resumes a process from its suspended state.
/// </summary>
/// <param name="dwProcessId"></param>
/// <param name="bForceResume"></param>
/// <returns></returns>
public static bool ResumeProcess(int dwProcessId, bool bForceResume = false)
{
try
{
// Obtain process instance.
Process proc = Process.GetProcessById(dwProcessId);
if (proc == null)
return false;
// Obtain thread handle.
ProcessThread thread = proc.Threads[0];
IntPtr lpThreadHandle = NativeAPI.OpenThread(NativeAPI.ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id);
if (lpThreadHandle == IntPtr.Zero)
return false;
if (bForceResume == true)
while (NativeAPI.ResumeThread(lpThreadHandle) != 0) ;
else
NativeAPI.ResumeThread(lpThreadHandle);
NativeAPI.CloseHandle(lpThreadHandle);
return true;
}
catch { return false; }
}
/// <summary>
/// Suspends the process.
/// </summary>
/// <param name="dwProcessId"></param>
/// <returns></returns>
public static bool SuspendProcess(int dwProcessId)
{
try
{
// Obtain process instance.
Process proc = Process.GetProcessById(dwProcessId);
if (proc == null)
return false;
// Obtain thread handle.
ProcessThread thread = proc.Threads[0];
IntPtr lpThreadHandle = NativeAPI.OpenThread(NativeAPI.ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id);
if (lpThreadHandle == IntPtr.Zero)
return false;
NativeAPI.SuspendThread(lpThreadHandle);
NativeAPI.CloseHandle(lpThreadHandle);
return true;
}
catch { return false; }
}
/// <summary>
/// Kills the process.
/// </summary>
/// <param name="dwProcessId"></param>
/// <returns></returns>
public static bool KillProcess(int dwProcessId)
{
try
{
Process proc = Process.GetProcessById(dwProcessId);
if (proc == null)
return false;
proc.Kill();
return true;
}
catch { return false; }
}
/// <summary>
/// Determines if the process has the specified module
/// loaded into its memory.
/// </summary>
/// <param name="dwProcessId"></param>
/// <param name="strModuleName"></param>
/// <param name="module"></param>
/// <returns></returns>
public static bool HasModule(int dwProcessId, string strModuleName, out ProcessModule module)
{
try
{
// Obtain process instance.
Process proc = Process.GetProcessById(dwProcessId);
if (proc == null)
{
module = null;
return false;
}
// Locate the module.
foreach (ProcessModule mod in proc.Modules)
{
if (mod.ModuleName.ToLower() == strModuleName.ToLower())
{
module = mod;
return true;
}
}
module = null;
return false;
}
catch { module = null; return false; }
}
/// <summary>
/// Determine if the process is running.
/// </summary>
/// <param name="dwProcessId"></param>
/// <returns></returns>
public static bool IsRunning(int dwProcessId)
{
try
{
Process proc = Process.GetProcessById(dwProcessId);
if( proc == null || proc.HasExited == true)
return false;
return true;
}
catch { return false; }
}
/// <summary>
/// Determine if a process is suspended.
/// </summary>
/// <param name="dwProcessId"></param>
/// <returns></returns>
public static bool IsSuspended(int dwProcessId)
{
try
{
// Obtain process instance.
Process proc = Process.GetProcessById(dwProcessId);
if (proc == null)
return false;
return (proc.Threads[0].ThreadState == ThreadState.Wait && proc.Threads[0].WaitReason == ThreadWaitReason.Suspended);
}
catch { return false; }
}
}
#region "Native Win32 API Definitions"
/// <summary>
/// Native Win32 API Definitions
///
/// API needed in order to do the required tasks of
/// loading, injection, and remote export calling.
/// </summary>
internal class NativeAPI
{
/// <summary>
/// kernel32.CloseHandle
/// </summary>
/// <param name="hObject"></param>
/// <returns></returns>
[DllImport("kernel32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CloseHandle(
IntPtr hObject
);
/// <summary>
/// kernel32.CreateProcess
/// </summary>
/// <param name="lpApplicationName"></param>
/// <param name="lpCommandLine"></param>
/// <param name="lpProcessAttributes"></param>
/// <param name="lpThreadAttributes"></param>
/// <param name="bInheritHandles"></param>
/// <param name="dwCreationFlags"></param>
/// <param name="lpEnvironment"></param>
/// <param name="lpCurrentDirectory"></param>
/// <param name="lpStartupInfo"></param>
/// <param name="lpProcessInformation"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern bool CreateProcess(string lpApplicationName,
string lpCommandLine,
[In] IntPtr lpProcessAttributes,
[In] IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation
);
/// <summary>
/// kernel32.CreateRemoteThread
/// </summary>
/// <param name="hProcess"></param>
/// <param name="lpThreadAttributes"></param>
/// <param name="dwStackSize"></param>
/// <param name="lpStartAddress"></param>
/// <param name="lpParameter"></param>
/// <param name="dwCreationFlags"></param>
/// <param name="lpThreadId"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern IntPtr CreateRemoteThread(
IntPtr hProcess,
IntPtr lpThreadAttributes,
uint dwStackSize,
IntPtr lpStartAddress,
IntPtr lpParameter,
uint dwCreationFlags,
IntPtr lpThreadId
);
/// <summary>
/// kernel32.GetExitCodeThread
/// </summary>
/// <param name="hThread"></param>
/// <param name="lpExitCode"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern bool GetExitCodeThread(
IntPtr hThread,
out uint lpExitCode
);
/// <summary>
/// kernel32.GetModuleHandle
/// </summary>
/// <param name="lpModuleName"></param>
/// <returns></returns>
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern IntPtr GetModuleHandle(
string lpModuleName
);
/// <summary>
/// kernel32.GetProcAddress
/// </summary>
/// <param name="hModule"></param>
/// <param name="procName"></param>
/// <returns></returns>
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
public static extern IntPtr GetProcAddress(
IntPtr hModule,
string procName
);
/// <summary>
/// kernel32.LoadLibraryA
/// </summary>
/// <param name="lpFileName"></param>
/// <returns></returns>
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, EntryPoint = "LoadLibraryA", SetLastError = true)]
public static extern IntPtr LoadLibrary(
string lpFileName
);
/// <summary>
/// kernel32.OpenThread
/// </summary>
/// <param name="dwDesiredAccess"></param>
/// <param name="bInheritHandle"></param>
/// <param name="dwThreadId"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern IntPtr OpenThread(
ThreadAccess dwDesiredAccess,
bool bInheritHandle,
uint dwThreadId
);
/// <summary>
/// kernel32.ResumeThread
/// </summary>
/// <param name="hThread"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern uint ResumeThread(
IntPtr hThread
);
/// <summary>
/// kernel32.SuspendThread
/// </summary>
/// <param name="hThread"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern uint SuspendThread(
IntPtr hThread
);
/// <summary>
/// kernel32.TerminateThread
/// </summary>
/// <param name="hThread"></param>
/// <param name="dwExitCode"></param>
/// <returns></returns>
[DllImport("kernel32.dll")]
public static extern bool TerminateThread(
IntPtr hThread,
uint dwExitCode
);
/// <summary>
/// kernel32.VirtualAllocEx
/// </summary>
/// <param name="hProcess"></param>
/// <param name="lpAddress"></param>
/// <param name="dwSize"></param>
/// <param name="flAllocationType"></param>
/// <param name="flProtect"></param>
/// <returns></returns>
[DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
public static extern IntPtr VirtualAllocEx(
IntPtr hProcess,
IntPtr lpAddress,
uint dwSize,
AllocationType flAllocationType,
MemoryProtection flProtect
);
/// <summary>
/// kernel32.VirtualFreeEx
/// </summary>
/// <param name="hProcess"></param>
/// <param name="lpAddress"></param>
/// <param name="dwSize"></param>
/// <param name="flFreeType"></param>
/// <returns></returns>
[DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
public static extern bool VirtualFreeEx(
IntPtr hProcess,
IntPtr lpAddress,
uint dwSize,
AllocationType flFreeType
);
/// <summary>
/// kernel32.WaitForSingleObject
/// </summary>
/// <param name="hHandle"></param>
/// <param name="dwMilliseconds"></param>
/// <returns></returns>
[DllImport("kernel32.dll", SetLastError = true)]
public static extern UInt32 WaitForSingleObject(
IntPtr hHandle,
UInt32 dwMilliseconds
);
/// <summary>
/// kernel32.WriteProcessMemory
/// </summary>
/// <param name="hProcess"></param>
/// <param name="lpBaseAddress"></param>
/// <param name="lpBuffer"></param>
/// <param name="nSize"></param>
/// <param name="lpNumberOfBytesWritten"></param>
/// <returns></returns>
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool WriteProcessMemory(
IntPtr hProcess,
IntPtr lpBaseAddress,
byte[] lpBuffer,
uint nSize,
out int lpNumberOfBytesWritten
);
/// <summary>
/// Virtual memory allocation types.
/// </summary>
[Flags]
public enum AllocationType
{
Commit = 0x1000,
Reserve = 0x2000,
Decommit = 0x4000,
Release = 0x8000,
Reset = 0x80000,
Physical = 0x400000,
TopDown = 0x100000,
WriteWatch = 0x200000,
LargePages = 0x20000000
}
/// <summary>
/// Virtual memory protection types.
/// </summary>
[Flags]
public enum MemoryProtection
{
Execute = 0x10,
ExecuteRead = 0x20,
ExecuteReadWrite = 0x40,
ExecuteWriteCopy = 0x80,
NoAccess = 0x01,
ReadOnly = 0x02,
ReadWrite = 0x04,
WriteCopy = 0x08,
GuardModifierflag = 0x100,
NoCacheModifierflag = 0x200,
WriteCombineModifierflag = 0x400
}
/// <summary>
/// Thread access flags.
/// </summary>
[Flags]
public enum ThreadAccess : int
{
TERMINATE = (0x0001),
SUSPEND_RESUME = (0x0002),
GET_CONTEXT = (0x0008),
SET_CONTEXT = (0x0010),
SET_INFORMATION = (0x0020),
QUERY_INFORMATION = (0x0040),
SET_THREAD_TOKEN = (0x0080),
IMPERSONATE = (0x0100),
DIRECT_IMPERSONATION = (0x0200)
}
/// <summary>
/// Process creation startup information structure.
/// </summary>
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct STARTUPINFO
{
public Int32 cb;
public string lpReserved;
public string lpDesktop;
public string lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public IntPtr hStdInput;
public IntPtr hStdOutput;
public IntPtr hStdError;
}
/// <summary>
/// Process creation information structure.
/// </summary>
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
/// <summary>
/// Process creation security attributes structure.
/// </summary>
[StructLayout(LayoutKind.Sequential)]
public struct SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public int bInheritHandle;
}
/// <summary>
/// CreateProcess creation flags.
/// </summary>
public const UInt32 DEBUG_PROCESS = 0x00000001;
public const UInt32 DEBUG_ONLY_THIS_PROCESS = 0x00000002;
public const UInt32 CREATE_SUSPENDED = 0x00000004;
public const UInt32 DETACHED_PROCESS = 0x00000008;
public const UInt32 CREATE_NEW_CONSOLE = 0x00000010;
/// <summary>
/// CreateProcess priority constants.
/// </summary>
public const UInt32 NORMAL_PRIORITY_CLASS = 0x00000020;
public const UInt32 IDLE_PRIORITY_CLASS = 0x00000040;
public const UInt32 HIGH_PRIORITY_CLASS = 0x00000080;
public const UInt32 REALTIME_PRIORITY_CLASS = 0x00000100;
/// <summary>
/// WaitForSingleObject constants.
/// </summary>
public const UInt32 INFINITE = 0xFFFFFFFF;
public const UInt32 WAIT_ABANDONED = 0x00000080;
public const UInt32 WAIT_OBJECT_0 = 0x00000000;
public const UInt32 WAIT_TIMEOUT = 0x00000102;
}
#endregion
}
|
May have issues since I didn't debug the loader much since it wasn't the main focus of the project.
_________________
- Retired. |
|
| Back to top |
|
|
Pingo
Grandmaster Cheater
![]() Reputation: 8
Joined: 12 Jul 2007
Posts: 571
|
|
| Back to top |
|
|
Krähne
Expert Cheater
Reputation: 0
Joined: 06 Jun 2010
Posts: 108
Location: Inside of my Kernel
|
| Posted: Tue Mar 15, 2011 7:41 pm Post subject: |
|
|
| Wiccaan wrote: | Yes it's possible. Just import the API and you can call it as normal. Here's an example, I wrote this injector class for an old project a few weeks back:
| Code: | | //(...) Nice code (...) |
May have issues since I didn't debug the loader much since it wasn't the main focus of the project. |
Lol, you're a genius! thanks alot, i'll learn about it.
No man... that's a CRT method, i don't want use that.
Thanks anyways.
|
|
| Back to top |
|
|
AhMunRa
Grandmaster Cheater Supreme
![]() Reputation: 27
Joined: 06 Aug 2010
Posts: 1117
|
| Posted: Tue Mar 15, 2011 8:50 pm Post subject: |
|
|
I'm in love with Wiccaan's code. Well documented, well formatted.
I have a bad habit of not commenting and 2 days later I forget why I did something the way I did or I forget what a function does entirely.
_________________
<Wiccaan> Bah that was supposed to say 'not saying its dead' lol. Fixing >.> |
|
| Back to top |
|
|
Krähne
Expert Cheater
Reputation: 0
Joined: 06 Jun 2010
Posts: 108
Location: Inside of my Kernel
|
| Posted: Tue Mar 15, 2011 11:08 pm Post subject: |
|
|
| AhMunRa wrote: | | I have a bad habit of not commenting and 2 days later I forget why I did something the way I did or I forget what a function does entirely. |
ROFL; I was also... but then I got used... and now i can't get confused in my source codes ^^.
Wiccan is a nice coder... thumbs up for him! 
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
