Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Injector v3.0
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Tue Mar 23, 2010 8:48 am    Post subject: Injector v3.0

Super basic injector that I found on my computer this morning. Simply enumerates all processes and allows you to do an injection.

Current 'extra' features ( latest to oldest ) :
- DLL ejection
- Auto refresh
- Delay feature added to auto injection ( defaults to 100 )
- Auto attach settings can be cleared
- Auto injection no longer requires restart and can be enabled from main injector window
- Registry options ( memory of last injection )
- Multiple injections ( probably 3 I guess ? )
- Status bar used to notify user of injection status instead of message boxes
- Auto-injection ( settings also via registry )
- Module enumeration
- Visual style manifest ( literally haven't touched this code for like a year.. )
- Checks if a module of the same name as you are trying to inject is already loaded ( to prevent attempts at multiple injections of the same DLL )


To be added :
- Option to store configurations in local XML files

Bugs to be fixed :
--------

Suggestions are always welcome and source is available on request. Quite bored lately and hacking various games so I'll probably be updating this 'soon'.

Image :
3.5 - http://img841.imageshack.us/img841/8320/22753069.png
3.4 - http://img36.imageshack.us/img36/5594/46450580.png
3.3 - http://img169.imageshack.us/img169/6105/67476631.png
3.2 - http://img31.imageshack.us/img31/3551/57466639.png
3.1 - http://img707.imageshack.us/img707/9974/10167418.png
3.0 - http://img338.imageshack.us/img338/4351/93210926.png

Download :
3.5 - http://www.ziddu.com/download/13588420/Injectorv3.5.rar.html
3.4 - http://www.ziddu.com/download/9408544/Injectorv3.4.rar.html
3.3 - http://www.ziddu.com/download/9408545/Injectorv3.2.rar.html
3.2 - http://www.ziddu.com/download/9408546/Injectorv3.1.rar.html
3.1 - http://www.ziddu.com/download/9408547/Injectorv3.3.rar.html
3.0 - http://www.ziddu.com/download/9408548/Injectorv3.0.rar.html

As I update or think of new ideas, I'll just edit this post and move things around.


Last edited by Slugsnack on Wed Feb 02, 2011 7:00 am; edited 9 times in total
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada

Posted: Fri Mar 26, 2010 5:21 pm

nice :)
NoMercy
Master Cheater
Reputation: 1

Joined: 09 Feb 2009
Posts: 289

Posted: Mon Mar 29, 2010 2:08 pm

looks nice, could u post the source? :oops:
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Mon Mar 29, 2010 5:15 pm

Current source :
Code:
#include <windows.h>
#include <windowsx.h>
#include <commctrl.h>
#pragma comment( lib, "comctl32.lib" )
#include <tlhelp32.h>
#include <tchar.h>
#include <psapi.h>
#pragma comment( lib, "psapi.lib" )
#include <shlwapi.h>
#pragma comment( lib, "shlwapi.lib" )
#include "resource.h"

TCHAR szAutoAttach[256];
DWORD dwPID;

int nIDClear[3]         = { IDC_CLEAR1, IDC_CLEAR2, IDC_CLEAR3 };
int nIDClearSettings[3] = { IDC_CLEARAUTOATTACH1, IDC_CLEARAUTOATTACH2, IDC_CLEARAUTOATTACH3 };
int nSettingFields[3]   = { IDC_AUTOATTACHPROCESS, IDC_AUTOATTACHDLLPATH, IDC_DELAY };
int nIDPaths[3]         = { IDC_DLLPATH1, IDC_DLLPATH2, IDC_DLLPATH3 };
int nIDPathButtons[3]   = { IDC_DLLPATHBTN1, IDC_DLLPATHBTN2, IDC_DLLPATHBTN3 };
int nIDButtons[3]       = { IDC_INJECT1, IDC_INJECT2, IDC_INJECT3 };
int nIDStatus[3]        = { IDC_INJECTSTATUS1, IDC_INJECTSTATUS2, IDC_INJECTSTATUS3 };
LPTSTR lpRegValues[3]   = { _T("Last Injected 1"), _T("Last Injected 2"), _T("Last Injected 3") };

BOOL GetAutoAttachStatus( LPTSTR szStatus, size_t numberOfElements ) {
  BOOL  bAutoAttach    = FALSE;
  DWORD cbData         = sizeof( szAutoAttach );
  TCHAR szDLLPath[256] = {0};

  if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach Process"),
      RRF_RT_REG_SZ, NULL, szAutoAttach, &cbData ) == ERROR_SUCCESS ) {
    if( cbData == sizeof TCHAR ) {
      _tcscpy_s( szStatus, numberOfElements, _T("No process specified") );
    }
    else {
      _tcscpy_s( szStatus, numberOfElements, _T("Auto-Attach enabled and targeting ") );
      _tcscat_s( szStatus, numberOfElements, szAutoAttach );

      cbData = sizeof( szDLLPath );

      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach DLL"),
          RRF_RT_REG_SZ, NULL, szDLLPath, &cbData ) == ERROR_SUCCESS ) {
        if( PathFileExists( szDLLPath ) )
          bAutoAttach = TRUE;
        else
          _tcscpy_s( szStatus, numberOfElements, _T("Invalid DLL Path for Auto-Attach") );
      }
    }
  }
  else
    _tcscpy_s( szStatus, numberOfElements, _T("Invalid Auto-Attach Process") );

  return bAutoAttach;
}

void ClearModuleList( HWND hWndList ) {
  ListView_DeleteAllItems( hWndList );
}

HANDLE ModuleExists( DWORD dwPID, LPTSTR szDLLName ) {
  HANDLE        hReturn   = NULL;
  HANDLE        hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
  TCHAR         szPathStripped[256];
  MODULEENTRY32 ModuleStruct;

  // The snapshot fails for protected or already-exited processes
  if( hSnapshot == INVALID_HANDLE_VALUE )
    return NULL;

  _tcscpy_s( szPathStripped, _countof( szPathStripped ), szDLLName );
  PathStripPath( szPathStripped );
  ModuleStruct.dwSize = sizeof ModuleStruct;

  // Only walk the list if the first entry was actually filled in
  if( Module32First( hSnapshot, &ModuleStruct ) ) {
    do {
      if( !_tcsicmp( szPathStripped, ModuleStruct.szModule ) ) {
        hReturn = ModuleStruct.hModule;
        break;
      }
    }
    while( Module32Next( hSnapshot, &ModuleStruct ) );
  }

  CloseHandle( hSnapshot );
  return hReturn;
}

BOOL EjectDLL( DWORD dwPID, HANDLE hModule ) {
  // Nothing to eject if the module was not found in the target
  if( hModule == NULL )
    return FALSE;

  HANDLE hProcess  = OpenProcess( PROCESS_CREATE_THREAD |
                         PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION |
                         PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, dwPID );
  if( hProcess == NULL )
    return FALSE;

  HANDLE hThread   = CreateRemoteThread( hProcess, NULL, 0,
                         (LPTHREAD_START_ROUTINE)( GetProcAddress( GetModuleHandle( _T("kernel32.dll") ),
                         "FreeLibrary" ) ), hModule, 0, NULL );

  CloseHandle( hProcess );
  if( hThread == NULL )
    return FALSE;

  CloseHandle( hThread );
  return TRUE;
}

BOOL InjectDLL( DWORD dwPID, LPTSTR szDLLPath ) {
  HANDLE hProcess  = OpenProcess( PROCESS_CREATE_THREAD |
                         PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION |
                         PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, dwPID );
  if( hProcess == NULL )
    return FALSE;

  // Size in bytes, including the terminating null character
  SIZE_T cszDLL    = ( _tcslen( szDLLPath ) + 1 ) * sizeof( TCHAR );
  LPVOID lpAddress = VirtualAllocEx( hProcess, NULL, cszDLL, MEM_COMMIT, PAGE_EXECUTE_READWRITE );
  if( lpAddress == NULL ) {
    CloseHandle( hProcess );
    return FALSE;
  }

  WriteProcessMemory( hProcess, lpAddress, szDLLPath, cszDLL, NULL );
  // LoadLibraryW expects a wide string, so this assumes a Unicode build ( TCHAR == WCHAR )
  HANDLE hThread   = CreateRemoteThread( hProcess, NULL, 0,
                         (LPTHREAD_START_ROUTINE)( GetProcAddress( GetModuleHandle( _T("kernel32.dll") ),
                         "LoadLibraryW" ) ), lpAddress, 0, NULL );

  Sleep( 100 );
  VirtualFreeEx( hProcess, lpAddress, 0, MEM_RELEASE );
  CloseHandle( hProcess );
  if( hThread == NULL )
    return FALSE;

  CloseHandle( hThread );
  return TRUE;
}

void SingleInjection( HWND hwndDlg, int nIDDlgItem ) {
  TCHAR szDLLPath[256] = {0};
  int nIDStatusLoc, nIDSelectDLLLoc;

  for( int i = 0; i < _countof( nIDPaths ); i++ ) {
    if( nIDPaths[i] == nIDDlgItem ) {
      nIDStatusLoc    = nIDStatus[i];
      nIDSelectDLLLoc = nIDPathButtons[i];
    }
  }

  GetDlgItemText( hwndDlg, nIDDlgItem, szDLLPath, _countof( szDLLPath ) ); // limit is in characters, not bytes
 
  if( PathFileExists( szDLLPath ) ) {
    TCHAR szPID[16];
    HWND  hWndProcessList = GetDlgItem( hwndDlg, IDC_PROCESSLIST );
    HWND  hWndModuleList  = GetDlgItem( hwndDlg, IDC_MODULELIST );
   
    ListView_GetItemText( hWndProcessList, ListView_GetSelectionMark( hWndProcessList ), 1, szPID, _countof( szPID ) );
    SetDlgItemText( hwndDlg, nIDStatusLoc,
        InjectDLL( _tstoi( szPID ), szDLLPath ) ? _T("Injection successful !!") : _T("Injection failed") );

    if( HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, _tstoi( szPID ) ) )
      CloseHandle( hProcess );
    else
      ClearModuleList( hWndModuleList );

    NMLISTVIEW nmlw;
    nmlw.hdr.code     = LVN_ITEMCHANGED;
    nmlw.hdr.hwndFrom = GetDlgItem( hwndDlg, IDC_PROCESSLIST );
    nmlw.iItem        = ListView_GetSelectionMark( GetDlgItem( hwndDlg, IDC_PROCESSLIST ) );

    SendMessage( hwndDlg, WM_NOTIFY, 0, ( LPARAM )&nmlw );
  }
  else
    SendMessage( hwndDlg, WM_COMMAND, nIDSelectDLLLoc, NULL );
}

BOOL GetDLLPath( HWND hwndDlg, LPTSTR szDLLPath, DWORD nMaxFile ) {
  OPENFILENAME ofn = {0};

  ofn.lStructSize = sizeof ofn;
  ofn.hwndOwner   = hwndDlg;
  ofn.lpstrFilter = _T("DLL Files\0*.dll\0\0");
  ofn.hInstance   = GetModuleHandle( NULL );
  ofn.lpstrFile   = szDLLPath;
  ofn.nMaxFile    = nMaxFile;
  ofn.lpstrTitle  = _T("Select DLL to Inject");
  ofn.Flags       = OFN_EXPLORER | OFN_FILEMUSTEXIST | OFN_LONGNAMES | OFN_HIDEREADONLY;

  return GetOpenFileName( &ofn );
}

void SelectDLLPath( HWND hwndDlg, int nIDDlgItem ) {
  TCHAR szDLLPath[256] = {0};
  HKEY  hkResult;
  LPTSTR lpValueNameLoc;
  int nIDStatusLoc;
 
  for( int i = 0; i < _countof( nIDPaths ); i++ ) {
    if( nIDPaths[i] == nIDDlgItem ) {
      nIDStatusLoc   = nIDStatus[i];
      lpValueNameLoc = lpRegValues[i];
    }
  }
 
  if( GetDLLPath( hwndDlg, szDLLPath, _countof( szDLLPath ) ) ) {
    SetDlgItemText( hwndDlg, nIDDlgItem, szDLLPath );
    SetDlgItemText( hwndDlg, nIDStatusLoc, NULL );

    if( RegCreateKeyEx( HKEY_CURRENT_USER, _T("Software\\Injector"), NULL, NULL,
        REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hkResult, NULL ) == ERROR_SUCCESS ) {
      RegSetValueEx( hkResult, lpValueNameLoc, 0, REG_SZ,
          ( const BYTE * )szDLLPath, ( _tcsclen( szDLLPath ) + 1 ) * sizeof TCHAR );
      RegCloseKey( hkResult );
    }
  }

  NMLISTVIEW nmlw;
  nmlw.hdr.code     = LVN_ITEMCHANGED;
  nmlw.hdr.hwndFrom = GetDlgItem( hwndDlg, IDC_PROCESSLIST );
  nmlw.iItem        = ListView_GetSelectionMark( GetDlgItem( hwndDlg, IDC_PROCESSLIST ) );

  SendMessage( hwndDlg, WM_NOTIFY, 0, ( LPARAM )&nmlw );
}

void ClearDLLPath( HWND hwndDlg, int nIDDlgItem ) {
  HKEY hkResult;
  int nIDStatusLoc, nIDInjectLoc;

  for( int i = 0; i < _countof( nIDPaths ); i++ ) {
    if( nIDPaths[i] == nIDDlgItem ) {
      nIDStatusLoc = nIDStatus[i];
      nIDInjectLoc = nIDButtons[i];
    }
  }

  SetDlgItemText( hwndDlg, nIDDlgItem, NULL );
  SetDlgItemText( hwndDlg, nIDStatusLoc, NULL );
  EnableWindow( GetDlgItem( hwndDlg, nIDInjectLoc ), FALSE );

  if( RegCreateKeyEx( HKEY_CURRENT_USER, _T("Software\\Injector"), NULL, NULL,
      REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hkResult, NULL ) == ERROR_SUCCESS ) {
    for( int i = 0; i < _countof( nIDPaths ); i++ )
      if( nIDPaths[i] == nIDDlgItem )
        RegSetValueEx( hkResult, lpRegValues[i], 0, REG_SZ, NULL, NULL );

    RegCloseKey( hkResult );
  }
}

void InitProcessList( HWND hwndDlg, int nIDDlgItem ) {
  HWND hWndProcessList = GetDlgItem( hwndDlg, nIDDlgItem );
  LVCOLUMN lvc;

  lvc.mask = LVCF_FMT | LVCF_WIDTH | LVCF_TEXT | LVCF_SUBITEM;

  for( int iCol = 0; iCol < 2; iCol++ ) {
    lvc.iSubItem = iCol;
    lvc.pszText  = iCol ? _T("PID") : _T("Process Name");
    lvc.cx       = 150;
    lvc.fmt      = LVCFMT_LEFT;
    ListView_InsertColumn( hWndProcessList, iCol, &lvc );
  }

  ListView_SetColumnWidth( hWndProcessList, 1, LVSCW_AUTOSIZE_USEHEADER );
}

void InitModuleList( HWND hwndDlg, int nIDDlgItem ) {
  HWND hWndModuleList = GetDlgItem( hwndDlg, nIDDlgItem );
  LVCOLUMN lvc;

  lvc.mask     = LVCF_FMT | LVCF_WIDTH | LVCF_TEXT | LVCF_SUBITEM;
  lvc.iSubItem = 0;
  lvc.pszText  = _T("Modules");
  lvc.cx       = 150;
  lvc.fmt      = LVCFMT_LEFT;
  ListView_InsertColumn( hWndModuleList, 0, &lvc );
  ListView_SetColumnWidth( hWndModuleList, 0, LVSCW_AUTOSIZE_USEHEADER );
}

void FillProcessList( HWND hwndDlg, int nIDDlgItem ) {
  PROCESSENTRY32 ProcessStruct;
  HWND hWndProcessList = GetDlgItem( hwndDlg, nIDDlgItem );
  HANDLE hSnapshot  = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, NULL );
  LVITEM lvI = {0};
  TCHAR str[16];

  ListView_DeleteAllItems( hWndProcessList );

  ProcessStruct.dwSize = sizeof ProcessStruct;
  Process32First( hSnapshot, &ProcessStruct );

  int iIndex;
  lvI.mask     = LVIF_TEXT;
  lvI.iItem    = 500;
  lvI.iSubItem = 0;
  lvI.pszText  = str;

  do {
    _ultot_s( ProcessStruct.th32ProcessID, str, _countof( str ), 10 );

    iIndex = ListView_InsertItem( hWndProcessList, &lvI );
    ListView_SetItemText( hWndProcessList, iIndex, 0, (LPTSTR)&ProcessStruct.szExeFile );
    ListView_SetItemText( hWndProcessList, iIndex, 1, str );
  }
  while( Process32Next( hSnapshot, &ProcessStruct ) );

  CloseHandle( hSnapshot );

  _ultot_s( iIndex + 1, str, _countof( str ), 10 );
  SetWindowText( GetDlgItem( hwndDlg, IDC_NUMPROCESSES ), str );
  SetWindowText( GetDlgItem( hwndDlg, IDC_NAME ), _T("N/A") );
  ClearModuleList( GetDlgItem( hwndDlg, IDC_MODULELIST ) );
}

void FillModuleList( DWORD dwPID, HWND hWndModuleList ) {
  MODULEENTRY32 ModuleStruct;
  HANDLE hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
  LVITEM lvI       = {0};

  ListView_DeleteAllItems( hWndModuleList );

  // Leave the list empty if the target's modules cannot be enumerated
  if( hSnapshot == INVALID_HANDLE_VALUE )
    return;

  ModuleStruct.dwSize = sizeof ModuleStruct;

  lvI.mask     = LVIF_TEXT;
  lvI.iItem    = 500;
  lvI.iSubItem = 0;
  lvI.pszText  = ModuleStruct.szModule;

  // Insert one row per module, but only if the first entry was filled in
  if( Module32First( hSnapshot, &ModuleStruct ) ) {
    do
      ListView_InsertItem( hWndModuleList, &lvI );
    while( Module32Next( hSnapshot, &ModuleStruct ) );
  }

  CloseHandle( hSnapshot );
}

INT_PTR CALLBACK SettingsProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam ) {
  switch( uMsg ) {
    case WM_INITDIALOG: {
      DWORD dwAutoAttach, dwDelay;
      DWORD cbData = sizeof DWORD;
      TCHAR szName[256];

      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach"),
          RRF_RT_REG_DWORD, NULL, &dwAutoAttach, &cbData ) == ERROR_SUCCESS )
        if( dwAutoAttach == 1 )
          Button_SetCheck( GetDlgItem( hwndDlg, IDC_AUTOATTACH ), BST_CHECKED );

      cbData = sizeof( szName );
      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach Process"),
          RRF_RT_REG_SZ, NULL, szName, &cbData ) == ERROR_SUCCESS )
        SetDlgItemText( hwndDlg, IDC_AUTOATTACHPROCESS, szName );

      cbData = sizeof( szName );
      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach DLL"),
          RRF_RT_REG_SZ, NULL, szName, &cbData ) == ERROR_SUCCESS )
        SetDlgItemText( hwndDlg, IDC_AUTOATTACHDLLPATH, szName );

      cbData = sizeof( DWORD );
      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach Delay"),
          RRF_RT_REG_DWORD, NULL, &dwDelay, &cbData ) == ERROR_SUCCESS )
        SetDlgItemInt( hwndDlg, IDC_DELAY, dwDelay, FALSE );
      else
        SetDlgItemInt( hwndDlg, IDC_DELAY, 100, FALSE );

      return TRUE;
    }
    case WM_COMMAND: {
      switch( LOWORD( wParam ) ) {
        case IDC_AUTOATTACH: {
          HKEY  hkResult;
          DWORD dwData = ( Button_GetCheck( GetDlgItem( hwndDlg, IDC_AUTOATTACH ) ) == BST_CHECKED ) ? 1 : 0;

          if( RegCreateKeyEx( HKEY_CURRENT_USER, _T("Software\\Injector"), NULL, NULL,
              REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hkResult, NULL ) == ERROR_SUCCESS ) {
            RegSetValueEx( hkResult, _T("Auto Attach"), 0, REG_DWORD, ( const BYTE * )&dwData, sizeof DWORD );
            RegCloseKey( hkResult );
          }
          break;
        }
        case IDC_DLLPATHBTN: {
          TCHAR szDLLPath[256] = {0};

          if( GetDLLPath( hwndDlg, szDLLPath, _countof( szDLLPath ) ) )
            SetDlgItemText( hwndDlg, IDC_AUTOATTACHDLLPATH, szDLLPath );

          break;
        }
        case IDC_CLEARAUTOATTACH1:
        case IDC_CLEARAUTOATTACH2:
        case IDC_CLEARAUTOATTACH3:
          for( int i = 0; i < _countof( nIDClearSettings ); i++ ) {
            if( nIDClearSettings[i] == LOWORD( wParam ) ) {
              if( i == 0 || i == 1 )
                SetDlgItemText( hwndDlg, nSettingFields[i], NULL );
              else
                SetDlgItemInt( hwndDlg, nSettingFields[i], 100, FALSE );
            }
          }
          break;
        case IDC_RESET:
          for( int i = 0; i < _countof( nIDClearSettings ); i++ )
            SendMessage( hwndDlg, WM_COMMAND, MAKEWPARAM( nIDClearSettings[i], 0 ), 0 );
          break;
        default:
          return FALSE;
      }
      return TRUE;
    }
    case WM_CLOSE: {
      HKEY  hkResult;
      TCHAR szName[256] = {0};

      if( RegCreateKeyEx( HKEY_CURRENT_USER, _T("Software\\Injector"), NULL, NULL, REG_OPTION_NON_VOLATILE,
          KEY_ALL_ACCESS, NULL, &hkResult, NULL ) == ERROR_SUCCESS ) {
        GetDlgItemText( hwndDlg, IDC_AUTOATTACHPROCESS, szName, _countof( szName ) );
        RegSetValueEx( hkResult, _T("Auto Attach Process"), 0, REG_SZ,
            ( const BYTE * )szName, ( _tcsclen( szName ) + 1 ) * sizeof TCHAR );
        GetDlgItemText( hwndDlg, IDC_AUTOATTACHDLLPATH, szName, _countof( szName ) );
        RegSetValueEx( hkResult, _T("Auto Attach DLL"), 0, REG_SZ,
            ( const BYTE * )szName, ( _tcsclen( szName ) + 1 ) * sizeof TCHAR );
        DWORD dwDelay = GetDlgItemInt( hwndDlg, IDC_DELAY, NULL, FALSE );
        RegSetValueEx( hkResult, _T("Auto Attach Delay"), 0, REG_DWORD,
            ( const BYTE * )&dwDelay, sizeof DWORD );
        RegCloseKey( hkResult );
      }
      EndDialog( hwndDlg, NULL );
      return TRUE;
    }
    default:
      return FALSE;
  }
}

INT_PTR CALLBACK DialogProc( HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam ) {
  switch( uMsg ) {
    case WM_INITDIALOG: {
      InitModuleList( hwndDlg, IDC_MODULELIST );
      InitProcessList( hwndDlg, IDC_PROCESSLIST );
      FillProcessList( hwndDlg, IDC_PROCESSLIST );
      DWORD dwStyle = SendMessage( GetDlgItem( hwndDlg, IDC_PROCESSLIST ), LVM_GETEXTENDEDLISTVIEWSTYLE, 0, 0 );
      SendMessage( GetDlgItem( hwndDlg, IDC_PROCESSLIST ), LVM_SETEXTENDEDLISTVIEWSTYLE, 0, dwStyle | LVS_EX_FULLROWSELECT );

      TCHAR szStatus[256]  = {0};
      DWORD cbData         = sizeof DWORD;
      DWORD dwAutoAttach;

      if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach"),
          RRF_RT_REG_DWORD, NULL, &dwAutoAttach, &cbData ) == ERROR_SUCCESS )
        if( dwAutoAttach == 1 ) {
          CheckDlgButton( hwndDlg, IDC_TOGGLEAUTOATTACH, BST_CHECKED );
          SendMessage( hwndDlg, WM_COMMAND, MAKEWPARAM( IDC_TOGGLEAUTOATTACH, 0 ), 0 );
        }

      for( int i = 0; i < _countof( lpRegValues ); i++ ) {
        cbData = sizeof( szStatus );

        if( RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), lpRegValues[i],
            RRF_RT_REG_SZ, NULL, szStatus, &cbData ) == ERROR_SUCCESS )
          SetDlgItemText( hwndDlg, nIDPaths[i], szStatus );
      }

      return TRUE;
    }
    case WM_TIMER: {
      switch( wParam ) {
        case 0: {
          PROCESSENTRY32 pe32;

          HANDLE hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, NULL );
          pe32.dwSize      = sizeof pe32;
          Process32First( hSnapshot, &pe32 );

          do
            if( !_tcscmp( szAutoAttach, ( const TCHAR * )&pe32.szExeFile ) ) {
              DWORD dwDelay = 100;
              DWORD cbData  = sizeof DWORD;
              dwPID         = pe32.th32ProcessID; // set global PID variable
              RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach Delay"),
                  RRF_RT_REG_DWORD, NULL, &dwDelay, &cbData );
              SetDlgItemText( hwndDlg, IDC_STATUSBAR, _T("Pausing for delay..") );
              SetTimer( hwndDlg, 2, dwDelay, NULL );
              KillTimer( hwndDlg, wParam );
              break;
            }
          while( Process32Next( hSnapshot, &pe32 ) );

          CloseHandle( hSnapshot );
          break;
        }
        case 1:
          SetDlgItemText( hwndDlg, IDC_STATUSBAR, NULL );
          KillTimer( hwndDlg, wParam );
          break;
        case 2: {
          TCHAR szDLLPath[256] = {0};
          DWORD cbData         = sizeof szDLLPath;

          RegGetValue( HKEY_CURRENT_USER, _T("Software\\Injector"), _T("Auto Attach DLL"),
              RRF_RT_REG_SZ, NULL, szDLLPath, &cbData );
          SetDlgItemText( hwndDlg, IDC_STATUSBAR,
              InjectDLL( dwPID, szDLLPath ) ? _T("Auto-Injection successful !!") : _T("Auto-Injection failed") );
          CheckDlgButton( hwndDlg, IDC_TOGGLEAUTOATTACH, BST_UNCHECKED );
          SetTimer( hwndDlg, 1, 10000, NULL );
          KillTimer( hwndDlg, wParam );
          break;
        }
        default:
          return FALSE;
      }
      return TRUE;
    }
    case WM_CLOSE:
      EndDialog( hwndDlg, NULL );
      return TRUE;
    case WM_COMMAND: {
      switch( LOWORD( wParam ) ) {
        case IDCLOSE:
          SendMessage( hwndDlg, WM_CLOSE, NULL, NULL );
          break;
        case IDC_REFRESH:
          FillProcessList( hwndDlg, IDC_PROCESSLIST );
          for( int i = 0; i < _countof( nIDStatus ); i++ )
            SetDlgItemText( hwndDlg, nIDStatus[i], 0 );
          break;
        case IDC_SETTINGS:
          DialogBoxParam( GetModuleHandle( NULL ), MAKEINTRESOURCE( IDD_SETTINGS ), hwndDlg, SettingsProc, NULL );
          break;
        case IDC_CLEAR1:
        case IDC_CLEAR2:
        case IDC_CLEAR3:
          for( int i = 0; i < _countof( nIDClear ); i++ )
            if( nIDClear[i] == LOWORD( wParam ) )
              ClearDLLPath( hwndDlg, nIDPaths[i] );
          break;
        case IDC_DLLPATHBTN1:
        case IDC_DLLPATHBTN2:
        case IDC_DLLPATHBTN3:
          for( int i = 0; i < _countof( nIDPathButtons ); i++ )
            if( nIDPathButtons[i] == LOWORD( wParam ) )
              SelectDLLPath( hwndDlg, nIDPaths[i] );
          break;
        case IDC_INJECT1:
        case IDC_INJECT2:
        case IDC_INJECT3:
          for( int i = 0; i < _countof( nIDButtons ); i++ )
            if( nIDButtons[i] == LOWORD( wParam ) )
              SingleInjection( hwndDlg, nIDPaths[i] );
          break;
        case IDC_INJECTALL:
          for( int i = 0; i < _countof( nIDPaths ); i++ )
            if( GetWindowTextLength( GetDlgItem( hwndDlg, nIDPaths[i] ) ) && IsWindowEnabled( GetDlgItem( hwndDlg, nIDButtons[i] ) ) )
              SendMessage( hwndDlg, WM_COMMAND, MAKEWPARAM( nIDButtons[i], 0 ), 0 );
          break;
        case IDC_TOGGLEAUTOATTACH: {
          TCHAR szStatus[256];

          if( Button_GetCheck( GetDlgItem( hwndDlg, IDC_TOGGLEAUTOATTACH ) ) == BST_CHECKED ) {
            if( GetAutoAttachStatus( szStatus, _countof( szStatus ) ) )
              SetTimer( hwndDlg, 0, 100, NULL );

            SetDlgItemText( hwndDlg, IDC_STATUSBAR, szStatus );
          } 
          else {
            KillTimer( hwndDlg, 0 );
            KillTimer( hwndDlg, 2 );
            SetDlgItemText( hwndDlg, IDC_STATUSBAR, _T("Auto-Attach disabled") );
            SetTimer( hwndDlg, 1, 10000, NULL );
          }
          break;
        }
        case ID_FREE: {
          DWORD dwPID;
          TCHAR szPID[16];
          TCHAR szDLL[256];

          HWND hWndProcessList = GetDlgItem( hwndDlg, IDC_PROCESSLIST );
          HWND hWndModuleList  = GetDlgItem( hwndDlg, IDC_MODULELIST );
          ListView_GetItemText( hWndProcessList, ListView_GetSelectionMark( hWndProcessList ), 1, szPID, _countof( szPID ) );
          ListView_GetItemText( hWndModuleList, ListView_GetSelectionMark( hWndModuleList ), 0, szDLL, _countof( szDLL ) );
          dwPID = _tstoi( szPID );

          SetDlgItemText( hwndDlg, IDC_STATUSBAR, EjectDLL( dwPID, ModuleExists( dwPID, szDLL ) ) ?
              _T("Module successfully ejected !") : _T("DLL ejection failed !") );

          FillModuleList( dwPID, hWndModuleList );
          SetTimer( hwndDlg, 1, 10000, NULL );
          break; // do not fall through to default, which reports the command as unhandled
        }
        default:
          return FALSE;
      }
      return TRUE;
    }
    case WM_NOTIFY: {
      if( ( ( LPNMHDR )lParam ) -> hwndFrom == GetDlgItem( hwndDlg, IDC_PROCESSLIST ) ) {
        if( ( ( LPNMHDR )lParam ) -> code == LVN_ITEMCHANGED ) {
          int iIndex = ( ( LPNMLISTVIEW )lParam ) -> iItem;

          if( iIndex != -1 ) {
            HANDLE hProcess;
            TCHAR  szPID[16];
            TCHAR  szProcess[256];
            TCHAR  szFileName[256];
            TCHAR  szDLLPath[256];
            UINT   nCopied;
            HWND   hWndModuleList  = GetDlgItem( hwndDlg, IDC_MODULELIST );
            HWND   hWndProcessList = GetDlgItem( hwndDlg, IDC_PROCESSLIST );

            ListView_GetItemText( hWndProcessList, iIndex, 0, szProcess, _countof( szProcess ) );
            ListView_GetItemText( hWndProcessList, iIndex, 1, szPID, _countof( szPID ) );

            if( hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, _tstoi( szPID ) ) ) {
              GetModuleFileNameEx( hProcess, NULL, szFileName, _countof( szFileName ) );
              FillModuleList( _tstoi( szPID ), hWndModuleList );
            }

            SetWindowText( GetDlgItem( hwndDlg, IDC_NAME ), szProcess );
            SetDlgItemText( hwndDlg, IDC_PATH, hProcess ? szFileName : _T("N/A") );

            for( int i = 0; i < _countof( nIDPaths ); i++ ) {
              nCopied = GetDlgItemText( hwndDlg, nIDPaths[i], szDLLPath, _countof( szDLLPath ) );
              EnableWindow( GetDlgItem( hwndDlg, nIDButtons[i] ), hProcess != 0
                  && nCopied != 0 && ModuleExists( _tstoi( szPID ), szDLLPath ) == NULL );
            }

            if( hProcess )
              CloseHandle( hProcess );
            else
              ClearModuleList( hWndModuleList );
          }
        }
        return TRUE;
      }
      return FALSE; // notification from another control: do not fall through to WM_CONTEXTMENU
    }
    case WM_CONTEXTMENU: {
      int nCtrlID = GetDlgCtrlID( ( HWND )wParam );

      switch( nCtrlID ) {
        case IDC_MODULELIST: {
          HMENU hMenuTrackPopup, hMenu;
          POINT pt;

          pt.x = GET_X_LPARAM( lParam );
          pt.y = GET_Y_LPARAM( lParam );

          if( pt.x == -1 && pt.y == -1 )
            GetCursorPos( &pt );

          hMenu           = LoadMenu( GetModuleHandle( NULL ), MAKEINTRESOURCE( IDR_MENU1 ) );
          hMenuTrackPopup = GetSubMenu( hMenu, 0 );

          TrackPopupMenu(hMenuTrackPopup, TPM_LEFTALIGN | TPM_TOPALIGN | TPM_LEFTBUTTON, pt.x, pt.y, 0, hwndDlg, NULL);
          DestroyMenu( hMenu );
          break;
        }
        default:
          return FALSE;
      }
      return TRUE;
    }
    default:
      return FALSE;
  }
}

int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd ) {
  INITCOMMONCONTROLSEX ICCEx = { sizeof ICCEx, ICC_STANDARD_CLASSES | ICC_WIN95_CLASSES }; // class flags are combined with bitwise OR
  InitCommonControlsEx(&ICCEx);

  HANDLE hToken;
  TOKEN_PRIVILEGES tp;
  HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );

  tp.PrivilegeCount = 1;
  LookupPrivilegeValue( NULL, _T("SeDebugPrivilege"), &tp.Privileges[0].Luid );
  tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
  OpenProcessToken( hProcess, TOKEN_ADJUST_PRIVILEGES, &hToken );

  AdjustTokenPrivileges( hToken, FALSE, &tp, NULL, NULL, NULL );
  CloseHandle( hToken );
  CloseHandle( hProcess );

  DialogBoxParam( hInstance, MAKEINTRESOURCE( IDD_INJECTOR ), NULL, &DialogProc, NULL );

  return 0;
}
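The source above keeps all of its state under HKCU\Software\Injector ("Auto Attach", "Auto Attach Process", "Auto Attach DLL", "Auto Attach Delay" and "Last Injected 1" to "Last Injected 3"), so that key records which process and which DLLs the tool was last pointed at. The following triage script is an added example, not part of the original post or the author's code; it parses a `reg export` of that key, and the sample export, its paths and the function names are constructed for illustration.

```python
import re

# Key and value names are taken from the posted source.
KEY = r"HKEY_CURRENT_USER\Software\Injector"
LAST_INJECTED = ("Last Injected 1", "Last Injected 2", "Last Injected 3")

# Constructed sample of a `reg export HKCU\Software\Injector out.reg` file.
# regedit writes these files as UTF-16 with a byte-order mark.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Injector]
"Auto Attach"=dword:00000001
"Auto Attach Process"="game.exe"
"Auto Attach DLL"="C:\\Users\\alice\\Desktop\\hook.dll"
"Auto Attach Delay"=dword:000000fa
"Last Injected 1"="C:\\Users\\alice\\Desktop\\hook.dll"
"Last Injected 2"=""
'''.encode("utf-16")

# "name"=data, where the name may contain backslash-escaped characters
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def unescape(text):
    """Undo .reg escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r"\\(.)", r"\1", text)


def parse_reg_export(raw):
    """Return {key_path: {value_name: value}} for REG_SZ and REG_DWORD data."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        text = raw.decode("utf-16")          # normal regedit output
    else:
        text = raw.decode("utf-8", "replace")  # hand-edited or REGEDIT4 files
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        match = VALUE_RE.match(line)
        if current is None or match is None:
            continue
        name, data = unescape(match.group(1)), match.group(2)
        if data.startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            current[name] = unescape(data[1:-1])
        # other types (hex:, hex(7):, ...) are not written by the posted source
    return keys


def summarize_injector_config(raw):
    """Summarise what the injector was configured to do, if the key exists."""
    # Registry key paths are case-insensitive
    keys = {path.lower(): values for path, values in parse_reg_export(raw).items()}
    values = keys.get(KEY.lower())
    if values is None:
        return {"present": False}
    return {
        "present": True,
        "auto_attach_enabled": values.get("Auto Attach") == 1,
        "auto_attach_process": values.get("Auto Attach Process") or None,
        "auto_attach_dll": values.get("Auto Attach DLL") or None,
        # the source falls back to 100 ms when the value is missing
        "auto_attach_delay_ms": values.get("Auto Attach Delay", 100),
        # cleared slots are stored as empty strings and are skipped here
        "last_injected": [values[n] for n in LAST_INJECTED if values.get(n)],
    }


if __name__ == "__main__":
    for field, value in summarize_injector_config(SAMPLE_REG).items():
        print(f"{field}: {value}")
```
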
hackerdvm
Master Cheater
Reputation: -1

Joined: 23 Nov 2008
Posts: 385
Location: On the computer hacking

Posted: Tue Apr 06, 2010 12:50 pm

Slugsnack, do you wanna explain how it works? Any anti-detection?
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Tue Apr 06, 2010 2:35 pm

hackerdvm wrote:
Slugsnack, do you wanna explain how it works? Any anti-detection?

Detections usually work in 2 main methods. One is by byte signature. Since this is a quite recent binary, it's unlikely they'd have issued a byte signature already for detecting it. On top of that, injectors tend not to be the parts to be detected, but the DLLs they inject. The second way is by blocking the method of injection. If this particular method IS blocked, then the injector wouldn't work.

To put it simply, I have put no anti-detection measures mostly because in the vast majority of cases, but more importantly in my specific case, it is unnecessary.

If you want, I could add an option so after injection, the injector will close straight away. That way, even scanning byte signatures would not work.
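The InjectDLL and EjectDLL functions in the source posted earlier start a remote thread at LoadLibraryW and FreeLibrary, and that behaviour is observable independently of the injector's bytes. The following check over Sysmon Event ID 8 (CreateRemoteThread) records is an added example, not from the thread or the author's code; the sample events, image paths and function names are constructed, and matching the LoadLibraryA/Ex variants goes beyond the two calls the posted source uses.

```python
import ntpath
import re

# Thread start routines that load or unload a DLL in the target process.
LOADERS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
UNLOADERS = {"freelibrary"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

# Constructed sample: three Sysmon Event ID 8 messages ("Field: value" lines),
# separated by blank lines. The third one is an unrelated remote thread.
SAMPLE_EVENTS = r"""
UtcTime: 2010-03-29 17:15:02.100
SourceProcessId: 4120
SourceImage: C:\Users\alice\Desktop\Injector.exe
TargetProcessId: 5332
TargetImage: C:\Games\Example\game.exe
StartModule: C:\Windows\System32\KERNEL32.DLL
StartFunction: LoadLibraryW

UtcTime: 2010-03-29 17:20:41.553
SourceProcessId: 4120
SourceImage: C:\Users\alice\Desktop\Injector.exe
TargetProcessId: 5332
TargetImage: C:\Games\Example\game.exe
StartModule: C:\Windows\System32\KERNEL32.DLL
StartFunction: FreeLibrary

UtcTime: 2010-03-29 17:21:10.007
SourceProcessId: 612
SourceImage: C:\Windows\System32\csrss.exe
TargetProcessId: 2288
TargetImage: C:\Windows\System32\cmd.exe
StartModule: C:\Windows\System32\KERNELBASE.dll
StartFunction: CtrlRoutine
"""


def parse_events(text):
    """Split blank-line separated event messages into field dictionaries."""
    events = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in chunk.splitlines():
            # Split on the first colon only: values contain drive letters and times
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if fields:
            events.append(fields)
    return events


def classify(event):
    """Return a finding type if the remote thread starts at a DLL load/unload routine."""
    module = ntpath.basename(event.get("StartModule", "")).lower()
    function = event.get("StartFunction", "").lower()
    if module not in LOADER_MODULES:
        return None
    if function in LOADERS:
        return "remote-dll-load"
    if function in UNLOADERS:
        return "remote-dll-unload"
    return None


def find_remote_library_threads(text):
    """Return one finding per CreateRemoteThread event that loads or unloads a DLL."""
    findings = []
    for event in parse_events(text):
        kind = classify(event)
        if kind is None:
            continue
        pid = event.get("TargetProcessId", "")
        findings.append({
            "time": event.get("UtcTime"),
            "kind": kind,
            "source": event.get("SourceImage"),
            "target": event.get("TargetImage"),
            "target_pid": int(pid) if pid.isdigit() else None,
        })
    return findings


if __name__ == "__main__":
    for hit in find_remote_library_threads(SAMPLE_EVENTS):
        print(f'{hit["time"]} {hit["kind"]}: {hit["source"]} -> '
              f'{hit["target"]} (pid {hit["target_pid"]})')
```
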
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

Posted: Tue Apr 06, 2010 3:51 pm

I'd probably rather have it generate a little text file for settings than use the registry
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Tue Apr 06, 2010 5:48 pm

Well yes, you could use GetPrivateProfileInt() and that family of functions but it even says on its documentation page :
Quote:
Note This function is provided only for compatibility with 16-bit Windows-based applications. Applications should store initialization information in the registry.


I did see a cool little POC code where settings were stored by making the program polymorphic though..
Flyte
Peanuts!!!!
Reputation: 6

Joined: 19 Apr 2006
Posts: 1887
Location: Canada

Posted: Tue Apr 06, 2010 6:35 pm

Slugsnack wrote:
Well yes, you could use GetPrivateProfileInt() and that family of functions but it even says on its documentation page :
Quote:
Note This function is provided only for compatibility with 16-bit Windows-based applications. Applications should store initialization information in the registry.


I did see a cool little POC code where settings were stored by making the program polymorphic though..


He means handling the file manually. I'd recommend some sort of XML structure, personally.
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Wed Apr 07, 2010 8:51 am

Flyte wrote:
Slugsnack wrote:
Well yes, you could use GetPrivateProfileInt() and that family of functions but it even says on its documentation page :
Quote:
Note This function is provided only for compatibility with 16-bit Windows-based applications. Applications should store initialization information in the registry.


I did see a cool little POC code where settings were stored by making the program polymorphic though..


He means handling the file manually. I'd recommend some sort of XML structure, personally.

Well yes, it's definitely doable. It's easy enough to do with _tcstok_s(), _stscanf_s(), etc. For the future, I'd consider having an option of an XML file in %LOCALAPPDATA%. Handling XML config files is a lot more convenient in .NET than C, unfortunately.
Womanizer
Grandmaster Cheater
Reputation: 2

Joined: 30 May 2009
Posts: 958

Posted: Sun May 02, 2010 3:02 am

Dude very nice. But does it detect?

Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Sun May 02, 2010 4:51 am

Detect what ?
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

Posted: Sun May 02, 2010 4:52 am

awesome job
auto refresher for processes list would be nice (as task manager does)
anywayz awesome
like your writing style
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Sun May 02, 2010 4:55 am

_DoR wrote:
awesome job
auto refresher for processes list would be nice (as task manager does)
anywayz awesome
like your writing style

Yeah, will add auto-refresh, good idea. I originally deliberately did not add that because I wasn't sure how to do it without having the listview constantly blinking in and out of view. I think I have a good idea on how to fix that now though. Freeing library is also working ( gave up on killing the library threads first.. I think how it is is fine ). After my exams ( about 2 weeks ), I'll fix up my code, add auto-refresh and make a new release.

I'm sort of still considering whether to add XML settings.. Not keen on the extra bloat that will result from that : /
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel

Posted: Mon May 03, 2010 4:17 am

What's the advantage of using xml file for settings?
Isn't the registry editor better?
I also have an idea for the auto refresher btw, so if you'd like some help thinking on it, contact me.
All times are GMT - 6 Hours