Создание инжектора

Тема в разделе "Гайды для CrossFire", создана пользователем oleg_bt123bt, 24 мар 2013.

    Всем привет
    В этой теме я научу вас создавать инжекторы.
    Если у вас возникнут вопросы, пишите.

    1.) Скачайте Microsoft Visual Basic 2010 Express.
    Скачать эту программу вы можете здесь.
    2.) Создайте новый проект : Windows Forms Application
    3.) Создайте:
    5 Buttons
    2 Radiobuttons
    5 Labels
    1 Listboxes
    1 Timers
    1 OpenFileDialog
    1 Checkbox
    1 Textbox

    4.)Переименовываем:
    Button1 = "Открыть DLL"
    Button2 = "Удалить"
    Button3 = "Удалить всё"
    Button4 = "Инжект"
    Button5 = "Выход"
    RadioButton1 = "Ручное"
    RadioButton2 = "Автоматическое"
    Label1 = “Процесс.exe: "
    Label2 = "Режим:”
    Label3 = "После внедрения:”
    Label4 = "Добавить DLL”
    Label5 = “Waiting for Program to Start...”
    ListBox1 = "DLL"
    CheckBox1 = "Закрыть инжектор"
    TextBox1 = “ “
    OpenFileDialog1 = “OpenFile”

    5.)Вставляем код:
    Правой кнопкой жмём «вставить код»: сначала удаляем прежний код, затем вставляем наш новый.
    [​IMG]
    вот код
    ' Windows Forms form from the tutorial. The user picks a DLL file and types a
    ' process name; the form then starts a thread inside that process whose entry
    ' point is LoadLibraryA and whose argument is the DLL path (remote-thread DLL
    ' loading, catalogued as MITRE ATT&CK T1055.001).
    ' Defender note: the call sequence in Inject() - OpenProcess requesting
    ' CREATE_THREAD/VM_OPERATION/VM_WRITE access, VirtualAllocEx, WriteProcessMemory,
    ' CreateRemoteThread - is a sequence commonly monitored by endpoint-protection
    ' and anti-cheat tooling.
    ' The controls used below (Button1..Button5, RadioButton1..2, Label2, TextBox1,
    ' CheckBox1, Timer1, OpenFileDialog1 and a list box named DLL) are not declared
    ' in this listing; presumably they come from the designer file - confirm.
    Public Class Form1
    ' Handle returned by OpenProcess for the target process (set in Inject).
    Private TargetProcessHandle As Integer
    ' Address of LoadLibraryA as resolved inside this process (set in Inject).
    Private pfnStartAddr As Integer
    ' Path of the DLL taken from OpenFileDialog1.FileName (set in Inject).
    Private pszLibFileRemote As String
    ' Size of the buffer allocated and written in the target: path length + 1.
    Private TargetBufferSize As Integer

    ' Win32 constant values. PROCESS_VM_READ and TH32CS_SNAPPROCESS are declared
    ' but never referenced in this class.
    Public Const PROCESS_VM_READ = &H10
    Public Const TH32CS_SNAPPROCESS = &H2
    ' Allocation type and page protection passed to VirtualAllocEx in Inject.
    Public Const MEM_COMMIT = 4096
    Public Const PAGE_READWRITE = 4
    ' Access rights OR-ed together for the OpenProcess call in Inject.
    Public Const PROCESS_CREATE_THREAD = (&H2)
    Public Const PROCESS_VM_OPERATION = (&H8)
    Public Const PROCESS_VM_WRITE = (&H20)
    ' Never read: OpenFileDialog1_FileOk declares a local with the same
    ' (case-insensitive) name, which hides this field there.
    Dim DLLFileName As String
    ' P/Invoke declarations follow. Every handle and address in them is typed
    ' As Integer (32 bits).
    ' ReadProcessMemory is declared but never called in this class.
    Public Declare Function ReadProcessMemory Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpBaseAddress As Integer, _
    ByVal lpBuffer As String, _
    ByVal nSize As Integer, _
    ByRef lpNumberOfBytesWritten As Integer) As Integer

    ' Declared but never called here; Inject looks LoadLibraryA up by name through
    ' GetProcAddress instead.
    Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" ( _
    ByVal lpLibFileName As String) As Integer

    ' Allocates memory inside another process; Inject uses it for the DLL path buffer.
    Public Declare Function VirtualAllocEx Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpAddress As Integer, _
    ByVal dwSize As Integer, _
    ByVal flAllocationType As Integer, _
    ByVal flProtect As Integer) As Integer

    ' Copies data into another process's memory; lpBuffer is declared As String,
    ' so Inject passes the DLL path text directly.
    Public Declare Function WriteProcessMemory Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpBaseAddress As Integer, _
    ByVal lpBuffer As String, _
    ByVal nSize As Integer, _
    ByRef lpNumberOfBytesWritten As Integer) As Integer

    ' Returns the address of a named export of a loaded module.
    Public Declare Function GetProcAddress Lib "kernel32" ( _
    ByVal hModule As Integer, ByVal lpProcName As String) As Integer

    ' Returns the handle of a module already loaded in the calling process.
    Private Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
    ByVal lpModuleName As String) As Integer

    ' Starts a thread in another process at lpStartAddress, passing lpParameter to it.
    Public Declare Function CreateRemoteThread Lib "kernel32" ( _
    ByVal hProcess As Integer, _
    ByVal lpThreadAttributes As Integer, _
    ByVal dwStackSize As Integer, _
    ByVal lpStartAddress As Integer, _
    ByVal lpParameter As Integer, _
    ByVal dwCreationFlags As Integer, _
    ByRef lpThreadId As Integer) As Integer

    ' Opens a process by id with the requested access rights.
    Public Declare Function OpenProcess Lib "kernel32" ( _
    ByVal dwDesiredAccess As Integer, _
    ByVal bInheritHandle As Integer, _
    ByVal dwProcessId As Integer) As Integer

    ' FindWindow is declared but never called in this class.
    Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" ( _
    ByVal lpClassName As String, _
    ByVal lpWindowName As String) As Integer

    ' NOTE(review): kernel32 exports this function as CloseHandle with no A/W
    ' variant, so the "CloseHandleA" alias probably fails to resolve when called;
    ' Inject's On Error handler would hide that failure - confirm.
    Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandleA" ( _
    ByVal hObject As Integer) As Integer


    ' Name of this executable without its extension; not referenced anywhere else
    ' in this class.
    Dim ExeName As String = IO.Path.GetFileNameWithoutExtension(Application.ExecutablePath)
    ' Loads the file selected in OpenFileDialog1 into the first process whose name
    ' matches TextBox1.Text: open the process, allocate a buffer in it, write the
    ' DLL path there, then create a remote thread that starts at LoadLibraryA with
    ' that buffer as its argument. No return value is checked, so a failed step is
    ' not reported to the user.
    Private Sub Inject()
    On Error GoTo 1 ' on any runtime error jump to label 1 below (Me.Show()); nothing is reported and the remaining steps are skipped
    Timer1.Stop()
    Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
    ' Only the first match is used. Both callers check Length before calling, but
    ' the lookup is repeated here, so the process may have exited in between.
    TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
    ' The path always comes from the dialog; the entries in the DLL list box are
    ' never read, so only the most recently chosen file is used.
    pszLibFileRemote = OpenFileDialog1.FileName
    ' The address is resolved in this process and later passed unchanged as the
    ' start address of the thread created in the target.
    pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
    ' One extra byte beyond the path length (presumably for the terminating null).
    TargetBufferSize = 1 + Len(pszLibFileRemote)
    Dim Rtn As Integer
    Dim LoadLibParamAdr As Integer
    ' Read/write (non-executable) memory: only the path string is stored in it.
    LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
    ' Rtn is assigned but never inspected.
    Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
    ' The returned thread handle is discarded; the thread is neither waited on nor closed.
    CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
    CloseHandle(TargetProcessHandle)
    ' Reached both on normal completion and from the On Error jump.
    1: Me.Show()
    End Sub

    ' Initial UI setup. The timer is started here with a 50 ms interval, so the
    ' polling in Timer1_Tick begins at load, before either radio button is changed.
    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    DLL.Name = "DLL"
    Button1.Text = "Открыть DLL"
    Label2.Text = "Waiting for Program to Start..."
    Timer1.Interval = 50
    Timer1.Start()
    End Sub

    ' "Open DLL" button: shows the file dialog restricted to *.dll. The dialog
    ' result is ignored; OpenFileDialog1_FileOk handles an accepted file.
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
    OpenFileDialog1.Filter = "DLL (*.dll) |*.dll"
    OpenFileDialog1.ShowDialog()
    End Sub

    ' "Remove" button: deletes the selected entries from the list box, walking
    ' backwards so that removing an item does not shift the ones still to visit.
    ' This changes the display only; OpenFileDialog1.FileName is left untouched.
    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
    For i As Integer = (DLL.SelectedItems.Count - 1) To 0 Step -1
    DLL.Items.Remove(DLL.SelectedItems(i))
    Next
    End Sub

    ' "Remove all" button: empties the list box (display only, as above).
    Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
    DLL.Items.Clear()
    End Sub

    ' "Inject" button (manual mode). Does nothing unless the chosen file exists;
    ' shows a waiting message when no process matches the typed name.
    Private Sub Button4_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button4.Click
    If IO.File.Exists(OpenFileDialog1.FileName) Then
    Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
    If TargetProcess.Length = 0 Then

    Me.Label2.Text = ("Waiting for " + TextBox1.Text + ".exe")
    Else
    Timer1.Stop()
    ' The success text is set before Inject() runs and is never revised, so it
    ' does not show whether any step actually succeeded.
    Me.Label2.Text = "Successfully Injected!"
    Call Inject()
    If CheckBox1.Checked = True Then
    ' End terminates the application immediately.
    End
    Else
    End If
    End If
    Else
    End If

    End Sub

    ' "Exit" button: closes the form.
    Private Sub Button5_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button5.Click
    Me.Close()
    End Sub

    ' Manual mode: enable the Inject button and stop the polling timer.
    Private Sub RadioButton1_CheckedChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles RadioButton1.CheckedChanged
    Button4.Enabled = True
    Timer1.Enabled = False
    End Sub

    ' Automatic mode: disable the Inject button and let the timer poll for the process.
    Private Sub RadioButton2_CheckedChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles RadioButton2.CheckedChanged
    Button4.Enabled = False
    Timer1.Enabled = True
    End Sub

    ' Timer poll: same logic as Button4_Click, run on every tick until a process
    ' with the typed name exists, at which point the timer stops and Inject() runs.
    Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
    If IO.File.Exists(OpenFileDialog1.FileName) Then
    Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
    If TargetProcess.Length = 0 Then

    Me.Label2.Text = ("Waiting for " + TextBox1.Text + ".exe")
    Else
    Timer1.Stop()
    ' As in Button4_Click, the success text is set before Inject() runs.
    Me.Label2.Text = "Successfully Injected!"
    Call Inject()
    If CheckBox1.Checked = True Then
    ' End terminates the application immediately.
    End
    Else
    End If
    End If
    Else
    End If
    End Sub

    ' Runs when a file is accepted in the dialog: takes the part of the path from
    ' the last backslash on, strips the backslash, and adds the bare file name to
    ' the list box.
    Private Sub OpenFileDialog1_FileOk(ByVal sender As System.Object, ByVal e As System.ComponentModel.CancelEventArgs) Handles OpenFileDialog1.FileOk
    Dim FileName As String
    FileName = OpenFileDialog1.FileName.Substring(OpenFileDialog1.FileName.LastIndexOf("\"))
    Dim DllFileName As String = FileName.Replace("\", "")
    Me.DLL.Items.Add(DllFileName)
    End Sub
    End Class

    6.) Вставляем картинку, значок.
    [​IMG]

    7.) Выделяем “Автоматическое” и “Закрыть инжектор” и ставим False там, где написано “Checked”.
    Нажимаем на Плей
    [​IMG]


    8.)Сохраняем!
    Сохраняем
    [​IMG]



    Вот и всё. Если у вас есть какие-то вопросы, задавайте.
     