I got this erro while try run xenos:

"The thread tried to read from or write to a virtual address for which it does not have the appropriate access."

Some hint?

Hello,
So I found some stuff that could be added to xenos for make it better:

https://github.com/G-E-N-E-S-I-S/loadlibrayy
It work with an exploit with cpuz driver
(This is an injector in c# but it work only with x64 process)

There is ways to load drivers without test mode:
https://github.com/hfiref0x/TDL
https://github.com/hfiref0x/DSEFix
Why not impliment them instead of asking for restart computer in test mode? Btw it can give some BSOD!!

Hello,

Can Xenos be used as a standalone library? For example if i wanted to write my own application and have Xenos only handle the DLL injection process.

After compilation a .LIB file is created in the directory but im not sure which headers are needed / if there is a single simple include.

Thanks for your time and creating this library!

Hello man,
when i try to select Kernel mode injection i got always this errore in log file

2016-01-10 22:55:51 NORMAL Started on Windows 10.0.0.10586 x64. Driver status: 0xC000012F
2016-01-10 22:55:58 ERROR Failed to load BlackBone driver:

The image file was not specified in the correct format, it did not have an initial MZ.

i run the injector with administrative priviledge.
Another thing is "protect self" under tools menu is always disable

Regards

Error

Failed to load BlackBone driver:

Windows 无法验证此文件的数字签名。某软件或硬件最近有所更改，可能安装了签名错误或损毁的文件，或者安装的文件可能是来路不明的恶意软件。

Google Translate:
(Failed to verify the digital signature of this file. A software or hardware has recently changed, may have installed a signed error or damaged file, or the installation of the file may be unknown malware.)

First time it's show up on my Win10 x64.

And then i switch my system to WIN7 X64 same error pop up.

I dont know what it's , how can i fix it?

From @DarthTon on June 2, 2015 9:8

Pages allocated using 'Conceal memory' manual map option aren't preserved if driver is unloaded before target process is terminated.

Copied from original issue: DarthTon/Blackbone#35

WIN7 x64 Kernel(APC) inject to notepad.exe(x64), notepad crash.

WIN7 x64 Kernel(APC) inject to cmd.exe failed(not crash)
but with very strange behavier:
It print a "More ? " string after by each inject operatiion in the cmd window!!!

I checked any system or user level hook with a adv tools, and I shutdown any secure softwares.

Hello,

I seem to be having an issue getting the blackbone driver to load with Xenos. In my log file, every session begins with this line;

Started on Windows 10.0.0.17134 x64. Driver status: 0xC0000225

But I have test mode enabled already. According to the readme, this is a dependency error? If so what would I be missing as I downloaded Xenos prebuilt.

User Manual Mapping & Kernel Manual Mapping

Test OS:windows 7 x64 ultimate

32bit & 64bit dll File Manual Mapping No option Injection

But 10~20 Time -> ManualMapping dll Thread Dead

Extreme Injector ManualMapping dll Thread no dead

test.dll file cmd.exe <-- manual mapping injection!

Thank you test.zip file upload

test.zip

E.g. Xenos.exe -d=dll_to_inject -p=proccess_to_inject?

Hello man,
Ii found some bug that could be addressed like this:

1. function MainDlg::Inject() at top of it i add:

if (_procList.selection() == -1)
{
Message::ShowError(_hwnd, L"Select process first!");
return;
}

SaveConfig();

so it check if process is selected and the save config to be sure runtime changes on process selection and image selection are reflected

1. function InjectionCore::GetTargetProcess calling CreateProcessW() on error copy this:

status = LastNtStatus();
Message::ShowError( _hMainDlg, L"Failed to create new process.\n" + blackbone::Utils::GetErrorDescription(status) );
return status;

otherwise it return 0 instead error

1. function MainDlg::OnSelectExecutable change if with this:

if (SelectExecutable( path ))
SetActiveProcess( 0, path );
else
_procList.reset();

Hope this could help

Regards

It's a required dependency, it might as well be included.
https://github.com/blog/2104-working-with-submodules

EDIT: it should be possible to have it pointing to latest master branch too, instead of only a prefixed commit

When I select the '' kernel '' option on the injector I get this following error = Falied to load heelix driver. Object Name Not Found

Please Help-me

Does Xenos have to lock the image files at all times?
It seems odd that we can't change/update the images while Xenos is running.

Does this injector working undetected?

I solved, don't need you.

While I inject it it keep showing Error code but I resolve that I seen youtube to stop error code but I test it out and still not working I just inject lithium vip from zekion its really working but not working inject [Speed hook and Sparkly cheat] how I stop error code or maybe the dll not working or tf2 inferno jungle

if I do:
xenos --load someprofile.xpr it starts xenos and I only need to press inject and it successfully injects the specified dll.

if I do the same with xenos --run someprofile.xpr I get a popup stating 👍
Can not attach to the process.
An invalid Client ID was specified.

The log states:
2017-04-06 20:13:12 NORMAL Started on Windows 6.1.1.7601 x64. Driver status: 0xC0000225
2017-04-06 20:13:12 CRITICAL Injection initiated. Mode: 1, process type: 0, pid: 0, mmap flags: 0x4,
erasePE: 0, unlink: 0, thread hijack: 0, init routine: '', init arg: ''
2017-04-06 20:13:12 ERROR Can not attach to the process.
An invalid Client ID was specified.

So somehow it doesn't seem to load the specified profile with --run

Hey,

so i just compiled xenos 32bit and when i run it it shows up in taskmanager for about 2 sec and the closes again...

When selecting Kernel (Manual Map) or trying to manually inject the driver (sc create & sc start) I get the following error:

2017-11-27 22:02:36 *NORMAL*     Started on Windows 10.0.0.16299 x64. Driver status: 0xC0000225
2017-11-27 22:02:41 *ERROR*      Failed to load BlackBone driver:

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

I got the executable from UC & the driver from Blackbone repo.

I'm using x86 injector version to load a 32bit dll into AAPG games that is 32 bit too.
But when i select manual lauch it never fing AAGame.exe but i run the game.
This is the debug log:

2015-09-04 18:46:08 NORMAL Started on Windows 10.0.0.10240 x64. Driver status: 0xC0000033
2015-09-04 18:46:56 CRITICAL Injection initiated. Mode: 1, process type: 2, pid: 0, mmap flags: 0x4, erasePE: 0, unlink: 0, thread hijack: 0, init routine: '', init arg: ''
2015-09-04 18:46:56 NORMAL Waiting on process D:\Programmi (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
2015-09-04 18:48:48 WARNING Process wait canceled by user

I cancel the process after i saw that it not get it after 30sec of AAGame.exe running

This is the config file

XenosConfig
Hack.dll
4
D:\Programmi (x86)\Steam\steamapps\common\America ' s Army\AAPG\Binaries\Win32\AAGame.exe
0
0
0
1
0
2
1
5000
0



XenosConfig

i saw now that there 's a problem getting right path of it because of ' ( America's Army in debug but America ' s in config file )

Could be that?

Another thing, i select manual map injection type and select erasePE but in config file remain erasePE always 0 is it right?

Regards

i need the update of read stone 5
windows version 1809

title

so when I'm building the injector, theres only one problem/error, and that is "cannot open input file mscoree.lib". Whats wrong? did I not download the file? I cloned it using GitHub desktop. any help?

Hi there.

I've seen a lot of people having issues with xenos and getting the error code 0xC0000001. I've had this issue myself a few times but I'm not too sure how I actually fixed them.

So basically, I just wanted to know what's the best way to deal with this error?

-plx

Error 3 error LNK2019: unresolved external symbol "public: static class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> > __cdecl blackbone::Utils::UTF8ToWstring(class std::basic_string<char,struct std::char_traits,class std::allocator > const &)" (?UTF8ToWstring@Utils@blackbone@@sa?AV?$basic_string@_WU?$char_traits@_W@std@@v?$allocator@_W@2@@std@@abv?$basic_string@DU?$char_traits@D@std@@v?$allocator@D@2@@4@@z) referenced in function "class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> > __cdecl acut::ensure_tchar<wchar_t>(char const *)" (??$ensure_tchar@_W@acut@@ya?AV?$basic_string@_WU?$char_traits@_W@std@@v?$allocator@_W@2@@std@@pbd@Z) G:\New Folder\Xenos-master\src\ProfileMgr.obj Xenos

InjectionCore.cpp
change
if(pContext->cfg.injectMode == Existing && pContext->pid == 0)

by
if(pContext->cfg.processMode == Existing && pContext->pid == 0)

Hello man,
sometimes when i close injector file will not be deleted correctly.
i cannot reproduce it easily so cannot get more information to you.

Hello, recently updated my personal version to yours.

The APSTUDIO is adding "target.h" in the ressource file, once you edited it. since you deleted the header for the SDKDDKVer.h its a nasty job to delete this parse everytime.

this just appears on win8.1?

Hello man,
thx for take into consideration my fixes.
i found 3 another bugs

1. function MainDlg::LoadImageFile check if process is selected before enable inject button

   if (_procList.selection() != -1)
   _inject.enable();

2. function InjectionCore::GetTargetProcess if you get error calling CreateProcessW() it return 0 and not errorcode so i fix it like this

status = LastNtStatus();
Message::ShowError( _hMainDlg, L"Failed to create new process.\n" + blackbone::Utils::GetErrorDescription(status) );
return status;

1. function DlgSettings::OnInit i add this check to prevent using driver injection method if you don't have a valid driver

if(NT_SUCCESS(blackbone::Driver().status()))
{
_injectionType.Add(L"Kernel (CreateThread)", Kernel_Thread);
_injectionType.Add(L"Kernel (APC)", Kernel_APC);
_injectionType.Add(L"Kernel (Manual map)", Kernel_MMap);
//_injectionType.Add( L"Kernel driver manual map", Kernel_DriverMap );
}

Hope this improve your amazing work

Regards

Hello man,
when pid == -1 and _core.process().pid() == 0 it should return TRUE instead of give 2 error message box

Regards

I rebuilt from the latest commits and noticed something odd.
Here are the steps to reproduce:

• 1 Start cmd.exe (or whatever)
• 2 Select cmd.exe and inject dummy dll
• 3 Close cmd.exe and open a new one
• 4 Press inject again, an error will popup: Can not attach to the process.

Now if you select the "New" radio button and then the "Existing" again, follow steps 1-4 and it will error saying: "Failed to create new process."

If you select the "Manual Launch" radio button and then the "Existing" again, follow steps 1-4 and it will pop the "Waiting ... " window, even though a "new" cmd.exe is already open.

I guess this isn't finished properly yet, here's what I think should happen:

• You have a process selected, you close that process and reopen it
• Once you hit inject Xenos realizes that the PID does not exist anymore
• It will search running processes for the old executable's path and if there is one, select it
• If there is no open process matching, open the "Waiting" window.. I guess that feature is fine.

a BSOD BUG in driver:

if defined(WIN7)

if (ver_short != WINVER_7 && ver_short != WINVER_7_SP1)
{
if(ver_short == WINVER_7_SP1 && buildNo != 18700)
pData->correctBuild = FALSE;
return STATUS_NOT_SUPPORTED;
}

elif defined(WIN8)

the 'buildNo' will never be check, so BSOD in my win7 x64 OS.

FIX:

if defined(WIN7)

if (ver_short != WINVER_7 && ver_short != WINVER_7_SP1)
return STATUS_NOT_SUPPORTED;
if (ver_short == WINVER_7_SP1 && buildNo != 18700)
pData->correctBuild = FALSE;

elif defined(WIN8)

BTW, I think if you update a new OFFSET for unsupported OS is more better for this 'FIX'....

Hey, I use VS 13
error C3533: 'auto &': a parameter cannot have a type that contains 'auto'(Routines.cpp)
error C3486: a parameter for a lambda cannot have a default argument(Main.cpp)

I casually stumbled over an older version of this fantastic tool (1.0.1.4 iirc) and I remember there was this option to automatically inject dlls as soon as the selected exe started.

Would it be possible to add this again? Perhaps I dunno, a simple checkbox next to Manual launch?
In particular it would be very useful in The Division, since shortly after launch the executable is killed and started again by uplay client, and this fools basically every automatic inject-once-and-forgot tool.

Thank you.

I've been trying to use the overloaded Load() method that takes a pointer to an image. I'm getting the error "failed to inject x86 module into native x64 process", but I made sure that my DLL was indeed an x64 module.

Is this feature properly supported?

I can't load BlackBoneDrv when I added VMProtect to BlackBoneDrv.
I just added VMProtectDecryptStringW to BlackBoneDrv, I can compile successfully in VS, but I can't load the driver.

Failed to Load BlackBone Driver:

The specified image file did not have the correct format, it did not have an initial MZ.

Not sure what I'm doing from. Using dsefix to disable signing, tried it in test mode also. I compiled both blackdone and Xenos as source with no errors.

So I resolved all the issues regarding inclusion with xenos(which is pain in the ass btw). And now I get these errors: https://pastebin.com/DZYBP62X . because I don't want to solve them all can somebody give me a compiled binary of the newest xenos? Or maybe DarthTon can you start including binaries in the github or a link to them? I'm doing this solely cause I get this error: Error code 0xC0000001 . And I don't have the fall creators update:
2017-10-30 18:37:31 NORMAL Started on Windows 10.0.0.15063 x64. Driver status: 0xC0000225
And I tried out the solution that the guy proposed on the issue

I changed the name of everything related to '' BlackBone '' including driver name (L ''BlackBone'') to kedira (L ''Kedira'') and I load the driver but xenos does not recognize and it says that it does not have to start the driver that Has to be by test mode but the driver is already started. What can I do?

hi darthton, i am trying to get x64 dll injected into csrss, i load driver which remove psprotection for 10 seconds and restore but in the time xenos returns error and bsod me. - Can send dump via email if you can provide. am i miss something else like mitigation policy?

DEP (permanent); ASLR (high entropy); Dynamic code prohibited; Strict handle checks; CF Guard; Signatures restricted (Microsoft only)

any advice can give. it work well for notepad when i protect it first.

This would avoid Windows from bothering user with potential "Driver couldn't be installed" tooltip, regardless of the kind of injection type he was looking for.

Hello man,
if you delete the config file and the reopen the injector and only configure it in the advanced form without selecting process or exe image, then if you close and reopen setting are not loaded.
Injector give an exception here:

auto nodes = xml.all_nodes_named( L"XenosConfig.imagePath" );

XenosCurrentProfile.xpr look like this

-XenosConfig-
-manualMapFlags-0-/manualMapFlags-
-procName/-
-hijack-0-/hijack-
-unlink-0-/unlink-
-erasePE-0-/erasePE-
-close-0-/close-
-krnHandle-0-/krnHandle-
-processMode-0-/processMode-
-injectMode-0-/injectMode-
-delay-0-/delay-
-period-0-/period-
-procCmdLine/-
-initRoutine/-
-initArgs/-
-/XenosConfig-

I replace < and > with -

So imagePath not exist and throw an exception and it not load other settings

Regards

What does it mean and how can I resolve it?

I'm trying to inject a dll without any special config, it's linked with a static lib but nothing out of the ordinary.

10:21:52 *NORMAL*     Started on Windows 10.0.0.15063 x64. Driver status: 0xC0000225
10:24:22 *CRITICAL*   Injection initiated. Mode: 0, process type: 0, pid: xxxx, mmap flags: 0x4, erasePE: 0, unlink: 0, thread hijack: 0, init routine: '', init arg: ''
10:24:22 *CRITICAL*   Injecting image 'C:\Code\DebugProj\Release\DebugProj.dll'
10:24:22 *ERROR*      Failed to inject image using default injection, status: 0xC0000135
10:24:22 *ERROR*      Failed to inject image 'C:\Code\DebugProj\Release\DebugProj.dll'.
Error code 0xC0000135

from log
Failed to inject image using manual map, status: 0xC0000225
is this my problem?

After installing the W10 AU whenever I try to use kernel injection methods the blackbone driver fails.

Error message:

Failed to load BlackBone driver:

The request is not supported.

Any Idea what could be happening? it seems like a local issue.

https://b.catgirlsare.sexy/oejC.png
How do i fix this ? I'm already on test mode.

void Log::Init(HMODULE hModule)
{
memset(g_logFile, 0, sizeof(g_logFile));

if (GetModuleFileNameA(hModule, g_logFile, MAX_PATH) != 0)
{
    size_t slash = -1;

    for (size_t i = 0; i < strlen(g_logFile); i++)
    {
        if (g_logFile[i] == '/' || g_logFile[i] == '\\')
        {
            slash = i;
        }
    }

    if (slash != -1)
    {
        g_logFile[slash + 1] = '\0';
        strcpy_s(g_debugLogFile, g_logFile);
        strcat_s(g_debugLogFile, "debug.log");
        strcat_s(g_logFile, "hook.log");
    }
    else
    {
        // Shitty manual mapper detected.
        MessageBoxA(nullptr, "Unable to parse target module path", "ERROR", MB_OK);
        ExitProcess(0);
    }
}
else
{
    // Shitty manual mapper detected. | 2much 4 xenos manual map
    MessageBoxA(nullptr, "GetModuleFileNameA failed", "ERROR", MB_OK);
    ExitProcess(0);
}

}