Cheat Engine The Official Site of Cheat Engine
rovnix Newbie cheater
Reputation: 0
Joined: 09 Feb 2014 Posts: 18
Posted: Thu Dec 11, 2014 4:13 pm Post subject: Code injection - Please I need help and correction
Hello and good evening everyone.
I've been working hard lately on some hooking and injection techniques, except that most of what I've been doing comes from reading some things I see on here, and I don't get to understand everything. I just needed to clear some things up on here.
I can do hooking now. Now it's the injection, converting to shellcode and injecting, and that's where I have some problems. My code goes like this:
My MessageBox code:
Code:
#include <stdio.h>
#include <windows.h>
void MessageBoxShout()
{
    MessageBox(NULL,"HookedMessageBox","Hooked",MB_ICONINFORMATION|MB_OK);
}
BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    MessageBoxShout();
    return 0;
}
And the code to inject it..
Code:
#include <stdio.h>
#include <windows.h>
void injectShellCode()
{
    char shelly[] = "//Message Box Shell Code goes here";
    DWORD processID;
    //Start injection process
    HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, TRUE, processID);
    LPVOID AllocMem = VirtualAllocEx(handle, NULL, 1024, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    LPVOID LoadLibAddy = ( LPVOID )GetProcAddress( GetModuleHandle( "user32.dll" ), "MessageBoxA" );
    WriteProcessMemory(handle, AllocMem, &shelly, sizeof(shelly), NULL);
    CreateRemoteThread(handle, NULL, 0, (LPTHREAD_START_ROUTINE), AllocMem, 0, NULL);
    VirtualFreeEx(handle, AllocMem, 0, MEM_RELEASE);
}
int main()
{
    injectShellCode();
    return 0;
}
What I want the code to do is inject the MessageBox shellcode into a process. I got lost along the line. How do I convert the C/C++ code into shellcode and then inject it into the target process...
zm0d Master Cheater
Reputation: 7
Joined: 06 Nov 2013 Posts: 423
Posted: Thu Dec 11, 2014 5:14 pm
There's a lot wrong in your lower code snippet. Google for some C DLL injector source and study the code. This will hopefully help you.
Also check out your DllMain. You usually place a switch statement in it to check the ul_reason_for_call. You'll find this with Google, too.
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Thu Dec 11, 2014 9:12 pm
The reason your code is just failing entirely is that you are returning false (0) in the DllMain. The system treats this as your module having failed to initialize and just unloads it from memory.
You need to return TRUE (1) inside of DllMain if you want your module to stay loaded.
Your code to inject is entirely wrong as well.
Rather than just copy-pasting from the internet, why not try to learn what you are doing first? It'll help you a ton to actually learn what you are doing instead of copying things from all over the internet. Especially when what you copied is wrong.
_________________
- Retired.
rovnix Newbie cheater
Reputation: 0
Joined: 09 Feb 2014 Posts: 18
Posted: Fri Dec 12, 2014 8:35 am
OK, I looked through and saw some things in C++, quickly translated them into C, and it ran. Here is what it looks like.
I collected a handful of code snippets from here: hackthissite.org/forums/viewtopic.php?f=102&t=10968
Code:
#include <stdio.h>
#include <windows.h>
void injectShellCode()
{
    unsigned char shelly[250] = "\This\is\test\0";
    DWORD processID;
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processID);
    LPVOID addr = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    LPVOID arg = (LPVOID)VirtualAllocEx(hProcess, NULL, strlen(shelly), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    int n = WriteProcessMemory(hProcess, arg, shelly, strlen(shelly), NULL);
    HANDLE threadID = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)addr, arg, NULL, NULL);
    printf("Inject Successful\n");
}
int main()
{
    injectShellCode();
    system("pause");
    return 0;
}
zm0d Master Cheater
Reputation: 7
Joined: 06 Nov 2013 Posts: 423
Posted: Fri Dec 12, 2014 10:00 am
Dude, that's pain for my eyes. There's simply so much wrong in this small code snippet. Better start with some simple stuff and inform yourself about the Win32 API.
It's like you want to count from 1-10 but you count like 6,2,8,4,9... No order and missing numbers...
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25791 Location: The netherlands
Posted: Fri Dec 12, 2014 10:40 am
You're not setting the process ID.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Fri Dec 12, 2014 3:26 pm
rovnix wrote:
OK, I looked through and saw some things in C++, quickly translated them into C, and it ran. Here is what it looks like.
I collected a handful of code snippets from here: hackthissite.org/forums/viewtopic.php?f=102&t=10968
Code:
#include <stdio.h>
#include <windows.h>
void injectShellCode()
{
    unsigned char shelly[250] = "\This\is\test\0";
    DWORD processID;
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processID);
    LPVOID addr = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    LPVOID arg = (LPVOID)VirtualAllocEx(hProcess, NULL, strlen(shelly), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    int n = WriteProcessMemory(hProcess, arg, shelly, strlen(shelly), NULL);
    HANDLE threadID = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)addr, arg, NULL, NULL);
    printf("Inject Successful\n");
}
int main()
{
    injectShellCode();
    system("pause");
    return 0;
}
Let's go through the number of things bad/wrong with this code..
1. You never set the process ID, as DB said, so you are never going to write to anything.
2. Your so-called 'shelly' is not shellcode. It's just a string with random escapes in it for no reason..
3. You are using PROCESS_ALL_ACCESS, which is likely going to fail on any new system without extra steps taken.
4. Your VirtualAllocEx call is using kind of shitty flags for injection purposes.
5. Your WriteProcessMemory call is wrong.
6. You assume that the injection is successful without ever checking any return values.
This code has no error checking at all, and I can guarantee you that every single API call failed.
You seriously need to stop trying to learn injection as the first thing you are doing with C/C++. You are totally not ready for it yet.
_________________
- Retired.
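
A defender's view of the call sequence this thread discusses, as an added example that is not code from any poster: it correlates constructed API-trace records per source/target process pair and reports a remote thread that starts in, or is handed a pointer to, memory the caller allocated and wrote in another process. The record format, field names, addresses and pids are assumptions made for illustration.

```python
from collections import defaultdict

PAGE_EXECUTE_READWRITE = 0x40  # Win32 memory-protection constant

# Constructed API-trace records in a hypothetical format: calling pid, API,
# target pid, whether the call succeeded, and the arguments that matter.
SAMPLE_TRACE = [
    {"pid": 4120, "api": "OpenProcess", "target": 988, "ok": True},
    {"pid": 4120, "api": "VirtualAllocEx", "target": 988, "ok": True,
     "base": 0x1F0000, "size": 0x1000, "protect": PAGE_EXECUTE_READWRITE},
    {"pid": 4120, "api": "WriteProcessMemory", "target": 988, "ok": True,
     "base": 0x1F0000},
    {"pid": 4120, "api": "CreateRemoteThread", "target": 988, "ok": True,
     "start": 0x1F0000, "param": 0},
    # Every call failed (unset process ID, nothing checked): no finding.
    {"pid": 5300, "api": "OpenProcess", "target": 0, "ok": False},
    {"pid": 5300, "api": "CreateRemoteThread", "target": 0, "ok": False,
     "start": 0, "param": 0},
    # Remote write without a remote thread: chain incomplete, no finding.
    {"pid": 6001, "api": "OpenProcess", "target": 988, "ok": True},
    {"pid": 6001, "api": "WriteProcessMemory", "target": 988, "ok": True,
     "base": 0x7FF000},
]

def find_injection_chains(trace):
    """Report (source, target) pairs where a remote thread starts in, or is
    handed a pointer to, memory the source allocated and wrote remotely."""
    state = defaultdict(lambda: {"opened": False, "allocs": [], "written": set()})
    findings = []
    for ev in trace:
        if not ev["ok"] or ev["pid"] == ev["target"]:
            continue  # failed calls and same-process calls are not injection
        s, api = state[(ev["pid"], ev["target"])], ev["api"]
        if api == "OpenProcess":
            s["opened"] = True
        elif not s["opened"]:
            continue  # no handle to the target was seen for this pair
        elif api == "VirtualAllocEx":
            s["allocs"].append((ev["base"], ev["base"] + ev["size"], ev["protect"]))
        elif api == "WriteProcessMemory":
            s["written"].update(a for a in s["allocs"] if a[0] <= ev["base"] < a[1])
        elif api == "CreateRemoteThread":
            for lo, hi, protect in sorted(s["written"]):
                kind = ("code" if lo <= ev["start"] < hi else
                        "argument" if lo <= ev["param"] < hi else None)
                if kind:
                    findings.append({"source": ev["pid"], "target": ev["target"],
                                     "kind": kind,
                                     "rwx": protect == PAGE_EXECUTE_READWRITE})
    return findings
```

Sysmon records only the two ends of this chain, ProcessAccess (Event ID 10) and CreateRemoteThread (Event ID 8), so the allocation and write steps need API-level telemetry.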