Why does this dode fail injection?
-
I got DLL injection example from youtube. http://www.youtube.com/watch?v=H3O3hmXkt1I For some reason it says: "Injection failed" (under indows 7) and under win xp this exe doesn't even start (i see msgbox telling me to reinstall this app). It compiles w/o errors Injector.exe
#include <iostream> #include <direct.h> #include <windows.h> #include <tlhelp32.h> using namespace std; char* GetCurrentDir() { char* szRet = (char*)malloc(MAX_PATH); _getcwd(szRet, MAX_PATH); return szRet; } LPCTSTR SzToLPCTSTR(char* szString) { LPTSTR lpszRet; size_t size = strlen(szString)+1; lpszRet = (LPTSTR)malloc(MAX_PATH); mbstowcs_s(NULL,lpszRet,size,szString,_TRUNCATE); return lpszRet; } void WaitForProcessToAppear(LPCTSTR lpcszProc, DWORD dwDelay) { HANDLE hSnap; PROCESSENTRY32 peProc; BOOL bAppeared = FALSE; while (!bAppeared) { if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc) && !bAppeared) if(!lstrcmp(lpcszProc, peProc.szExeFile)) bAppeared = TRUE; } CloseHandle(hSnap); Sleep(dwDelay); } } DWORD GetProcessIdByName(LPCTSTR lpcszProc) { HANDLE hSnap; PROCESSENTRY32 peProc; DWORD dwRet = -1; if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc)) if(!lstrcmp(lpcszProc, peProc.szExeFile)) dwRet = peProc.th32ProcessID; } CloseHandle(hSnap); return dwRet; } BOOL InjectDLL(DWORD dwPid, char* szDllPath) { DWORD dwMemSize; HANDLE hProc; LPVOID lpRemoteMem, lpLoadLibrary; BOOL bRet = FALSE; if((hProc = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwPid)) != NULL) { dwMemSize = strlen(szDllPath) +1; if((lpRemoteMem = VirtualAllocEx(hProc,NULL,dwMemSize,MEM_COMMIT,PAGE_READWRITE)) != NULL) if(WriteProcessMemory(hProc, lpRemoteMem, (LPCVOID)szDllPath,dwMemSize,NULL)) { lpLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMem, 0, NULL) != NULL) bRet = TRUE; } } CloseHandle(hProc); return bRet; } int main() { char szProc[MAX_PATH],szD -
I got DLL injection example from youtube. http://www.youtube.com/watch?v=H3O3hmXkt1I For some reason it says: "Injection failed" (under indows 7) and under win xp this exe doesn't even start (i see msgbox telling me to reinstall this app). It compiles w/o errors Injector.exe
#include <iostream> #include <direct.h> #include <windows.h> #include <tlhelp32.h> using namespace std; char* GetCurrentDir() { char* szRet = (char*)malloc(MAX_PATH); _getcwd(szRet, MAX_PATH); return szRet; } LPCTSTR SzToLPCTSTR(char* szString) { LPTSTR lpszRet; size_t size = strlen(szString)+1; lpszRet = (LPTSTR)malloc(MAX_PATH); mbstowcs_s(NULL,lpszRet,size,szString,_TRUNCATE); return lpszRet; } void WaitForProcessToAppear(LPCTSTR lpcszProc, DWORD dwDelay) { HANDLE hSnap; PROCESSENTRY32 peProc; BOOL bAppeared = FALSE; while (!bAppeared) { if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc) && !bAppeared) if(!lstrcmp(lpcszProc, peProc.szExeFile)) bAppeared = TRUE; } CloseHandle(hSnap); Sleep(dwDelay); } } DWORD GetProcessIdByName(LPCTSTR lpcszProc) { HANDLE hSnap; PROCESSENTRY32 peProc; DWORD dwRet = -1; if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc)) if(!lstrcmp(lpcszProc, peProc.szExeFile)) dwRet = peProc.th32ProcessID; } CloseHandle(hSnap); return dwRet; } BOOL InjectDLL(DWORD dwPid, char* szDllPath) { DWORD dwMemSize; HANDLE hProc; LPVOID lpRemoteMem, lpLoadLibrary; BOOL bRet = FALSE; if((hProc = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwPid)) != NULL) { dwMemSize = strlen(szDllPath) +1; if((lpRemoteMem = VirtualAllocEx(hProc,NULL,dwMemSize,MEM_COMMIT,PAGE_READWRITE)) != NULL) if(WriteProcessMemory(hProc, lpRemoteMem, (LPCVOID)szDllPath,dwMemSize,NULL)) { lpLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMem, 0, NULL) != NULL) bRet = TRUE; } } CloseHandle(hProc); return bRet; } int main() { char szProc[MAX_PATH],szDTry to run the code with administrator privileges.
«_Superman_» I love work. It gives me something to do between weekends.
Microsoft MVP (Visual C++) -
Try to run the code with administrator privileges.
«_Superman_» I love work. It gives me something to do between weekends.
Microsoft MVP (Visual C++) -
>Try to run the code with administrator privileges. still fails. Does that code work for you?
You should try to debug it and find out what fails exactly.
«_Superman_» I love work. It gives me something to do between weekends.
Microsoft MVP (Visual C++) -
I got DLL injection example from youtube. http://www.youtube.com/watch?v=H3O3hmXkt1I For some reason it says: "Injection failed" (under indows 7) and under win xp this exe doesn't even start (i see msgbox telling me to reinstall this app). It compiles w/o errors Injector.exe
#include <iostream> #include <direct.h> #include <windows.h> #include <tlhelp32.h> using namespace std; char* GetCurrentDir() { char* szRet = (char*)malloc(MAX_PATH); _getcwd(szRet, MAX_PATH); return szRet; } LPCTSTR SzToLPCTSTR(char* szString) { LPTSTR lpszRet; size_t size = strlen(szString)+1; lpszRet = (LPTSTR)malloc(MAX_PATH); mbstowcs_s(NULL,lpszRet,size,szString,_TRUNCATE); return lpszRet; } void WaitForProcessToAppear(LPCTSTR lpcszProc, DWORD dwDelay) { HANDLE hSnap; PROCESSENTRY32 peProc; BOOL bAppeared = FALSE; while (!bAppeared) { if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc) && !bAppeared) if(!lstrcmp(lpcszProc, peProc.szExeFile)) bAppeared = TRUE; } CloseHandle(hSnap); Sleep(dwDelay); } } DWORD GetProcessIdByName(LPCTSTR lpcszProc) { HANDLE hSnap; PROCESSENTRY32 peProc; DWORD dwRet = -1; if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc)) if(!lstrcmp(lpcszProc, peProc.szExeFile)) dwRet = peProc.th32ProcessID; } CloseHandle(hSnap); return dwRet; } BOOL InjectDLL(DWORD dwPid, char* szDllPath) { DWORD dwMemSize; HANDLE hProc; LPVOID lpRemoteMem, lpLoadLibrary; BOOL bRet = FALSE; if((hProc = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwPid)) != NULL) { dwMemSize = strlen(szDllPath) +1; if((lpRemoteMem = VirtualAllocEx(hProc,NULL,dwMemSize,MEM_COMMIT,PAGE_READWRITE)) != NULL) if(WriteProcessMemory(hProc, lpRemoteMem, (LPCVOID)szDllPath,dwMemSize,NULL)) { lpLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMem, 0, NULL) != NULL) bRet = TRUE; } } CloseHandle(hProc); return bRet; } int main() { char szProc[MAX_PATH],szDtry setting debug priviledges
-
try setting debug priviledges
whats the debug privileges? In youtube tutorial is used win xp but i hav win 7, would that be a problem? if i debug variables to console i will probably get just some numbers that doesn't say any thing for me but, I will try it. edit1: why doesn't this exe run on win xp?( copied binary (didn't recompile it)) "This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem" in win 7 it runs but doen't inject.
modified on Tuesday, April 20, 2010 3:04 PM
-
I got DLL injection example from youtube. http://www.youtube.com/watch?v=H3O3hmXkt1I For some reason it says: "Injection failed" (under indows 7) and under win xp this exe doesn't even start (i see msgbox telling me to reinstall this app). It compiles w/o errors Injector.exe
#include <iostream> #include <direct.h> #include <windows.h> #include <tlhelp32.h> using namespace std; char* GetCurrentDir() { char* szRet = (char*)malloc(MAX_PATH); _getcwd(szRet, MAX_PATH); return szRet; } LPCTSTR SzToLPCTSTR(char* szString) { LPTSTR lpszRet; size_t size = strlen(szString)+1; lpszRet = (LPTSTR)malloc(MAX_PATH); mbstowcs_s(NULL,lpszRet,size,szString,_TRUNCATE); return lpszRet; } void WaitForProcessToAppear(LPCTSTR lpcszProc, DWORD dwDelay) { HANDLE hSnap; PROCESSENTRY32 peProc; BOOL bAppeared = FALSE; while (!bAppeared) { if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc) && !bAppeared) if(!lstrcmp(lpcszProc, peProc.szExeFile)) bAppeared = TRUE; } CloseHandle(hSnap); Sleep(dwDelay); } } DWORD GetProcessIdByName(LPCTSTR lpcszProc) { HANDLE hSnap; PROCESSENTRY32 peProc; DWORD dwRet = -1; if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc)) if(!lstrcmp(lpcszProc, peProc.szExeFile)) dwRet = peProc.th32ProcessID; } CloseHandle(hSnap); return dwRet; } BOOL InjectDLL(DWORD dwPid, char* szDllPath) { DWORD dwMemSize; HANDLE hProc; LPVOID lpRemoteMem, lpLoadLibrary; BOOL bRet = FALSE; if((hProc = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwPid)) != NULL) { dwMemSize = strlen(szDllPath) +1; if((lpRemoteMem = VirtualAllocEx(hProc,NULL,dwMemSize,MEM_COMMIT,PAGE_READWRITE)) != NULL) if(WriteProcessMemory(hProc, lpRemoteMem, (LPCVOID)szDllPath,dwMemSize,NULL)) { lpLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMem, 0, NULL) != NULL) bRet = TRUE; } } CloseHandle(hProc); return bRet; } int main() { char szProc[MAX_PATH],szDWhy don't you give us something to go on? How far does execution get? If something fails, are any error being returned? What are the errors? Has the code ever worked? Is something catching fire?
Steve
-
I got DLL injection example from youtube. http://www.youtube.com/watch?v=H3O3hmXkt1I For some reason it says: "Injection failed" (under indows 7) and under win xp this exe doesn't even start (i see msgbox telling me to reinstall this app). It compiles w/o errors Injector.exe
#include <iostream> #include <direct.h> #include <windows.h> #include <tlhelp32.h> using namespace std; char* GetCurrentDir() { char* szRet = (char*)malloc(MAX_PATH); _getcwd(szRet, MAX_PATH); return szRet; } LPCTSTR SzToLPCTSTR(char* szString) { LPTSTR lpszRet; size_t size = strlen(szString)+1; lpszRet = (LPTSTR)malloc(MAX_PATH); mbstowcs_s(NULL,lpszRet,size,szString,_TRUNCATE); return lpszRet; } void WaitForProcessToAppear(LPCTSTR lpcszProc, DWORD dwDelay) { HANDLE hSnap; PROCESSENTRY32 peProc; BOOL bAppeared = FALSE; while (!bAppeared) { if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc) && !bAppeared) if(!lstrcmp(lpcszProc, peProc.szExeFile)) bAppeared = TRUE; } CloseHandle(hSnap); Sleep(dwDelay); } } DWORD GetProcessIdByName(LPCTSTR lpcszProc) { HANDLE hSnap; PROCESSENTRY32 peProc; DWORD dwRet = -1; if((hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)) != INVALID_HANDLE_VALUE) { peProc.dwSize = sizeof(PROCESSENTRY32); if(Process32First(hSnap, &peProc)) while(Process32Next (hSnap, &peProc)) if(!lstrcmp(lpcszProc, peProc.szExeFile)) dwRet = peProc.th32ProcessID; } CloseHandle(hSnap); return dwRet; } BOOL InjectDLL(DWORD dwPid, char* szDllPath) { DWORD dwMemSize; HANDLE hProc; LPVOID lpRemoteMem, lpLoadLibrary; BOOL bRet = FALSE; if((hProc = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD, FALSE, dwPid)) != NULL) { dwMemSize = strlen(szDllPath) +1; if((lpRemoteMem = VirtualAllocEx(hProc,NULL,dwMemSize,MEM_COMMIT,PAGE_READWRITE)) != NULL) if(WriteProcessMemory(hProc, lpRemoteMem, (LPCVOID)szDllPath,dwMemSize,NULL)) { lpLoadLibrary = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE)lpLoadLibrary, lpRemoteMem, 0, NULL) != NULL) bRet = TRUE; } } CloseHandle(hProc); return bRet; } int main() { char szProc[MAX_PATH],szDi think OpenProcess need just PROCESS_ALL_ACCESS, that is enough. Please check whether it is failing on that location Check this article API Hooking (LoadLibrary)[^] for more info. :)
Величие не Бога может быть недооценена.
-
i think OpenProcess need just PROCESS_ALL_ACCESS, that is enough. Please check whether it is failing on that location Check this article API Hooking (LoadLibrary)[^] for more info. :)
Величие не Бога может быть недооценена.
>Why don't you give us something to go on? How far does execution get? If something fails, are any error being returned? What are the errors? Has the code ever worked? Is something catching fire?
Proccess: inject.exe
DLL: test.dll
Waiting for process...
Injection failed!Proccess:
http://autoit.pri.ee/downloads/dllinject.zip >i think OpenProcess need just PROCESS_ALL_ACCESS, that is enough. >Please check whether it is failing on that location 'I tried that, same result as above