An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
Home Page: https://disman.tl/2015/01/30/an-improved-reflective-dll-injection-technique.html
License: BSD 3-Clause "New" or "Revised" License
I was wondering about the following in the readme:
Injection works from Windows NT4 up to and including Windows 8, running on x86 and x64.
Could you elaborate on this? Also saw Fewer's repo has this note, although I cannot see why this should not work on Windows 10.
Hello i was checking your project and when i put in my process of 64 bits not seem's to work. Show me:
https://i.imgsafe.org/0768f572cb.png
https://i.imgsafe.org/066c71ae5c.png
I think because the majority of dll's used by the vc++ project must to be the same for 32 bits. So when i run
the app and compile in 32 bits. I never cant to use more in my 64 bits so i have incompatibility between both.
inject.exe 1234 is no longer correct for your code.
I am trying to update this loader. At first i'm trying get to work. And when i get to work i will try to get that with the name you can inject. For example in c++ will be:
HANDLE processList=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pInfo;
BOOL st=TRUE;
pInfo.dwSize=sizeof(PROCESSENTRY32);
Process32First(processList, &pInfo);
int myPid=0;
do
{
if(strcmp(pInfo.szExeFile, "test.exe")==0)
{
myPid=pInfo.th32ProcessID;
break;
}
Process32Next(lista, &pInfo);
}
while(st!=FALSE);
So with the name you can inject into the process. reference:
https://blog.ka0labs.net/post/8/
this feature can be added in your project.
I compile the code for 32 bit, Release.
Run calc.exe *32. (runs with processID 8468)
Run: inject 8468
inject 8468
Allocated memory address in remote process: 0x000F0000
Wrote shellcode to 0x106805
[+] Injected the 'reflective_dll.dll' DLL into process 6736.
I get the message that it injected into 6736 instead of 8468. I can confirm that it's not in the calc.exe process...
When I see "Hello from DllMain!" and close calc.exe, the message box is still there. (I.e. it's not in the calc.exe process)
Hi i got this message ok:
[+] Created thread exited with code 0.
Ok and it created. and show me hello world all okay. But when i access in the process i don't see my dll why?
rdi.sln building fine under VS2015
inject working fine but nUserdataLen is always 0 in MyFunction.
Cause?
MyFunction(LPVOID lpUserdata, DWORD nUserdataLen)
Yes it does, can you take a look for a fix or the project is dead?
(Exception thrown: read access violation "initial_state" was "0x555C3A43".)
Building Fails somehow
Dear dismantl,
Hope you are fine. How can i use this, could you please explain with some examples?
And how can i inject a DLL to an app?
Thanks.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.