Hello all.
I've encountered a huge problem while programming a tool.
I am trying to inject a 32-bit C++ DLL into a 32-bit process, but the DLL does not get injected properly.
The DLL itself is 100% working; I tested it with a C++ injector.
This is my injection code:
<code>/// <summary>
/// Enables <c>SE_NAMES.SE_DEBUG_NAME</c> in the access token of the process
/// identified by <paramref name="pid"/>.
/// </summary>
/// <param name="pid">Identifier of the process whose token is opened and adjusted.</param>
/// <exception cref="Exception">
/// Thrown when OpenProcess, LookupPrivilegeValue, OpenProcessToken or
/// AdjustTokenPrivileges reports failure. Every handle opened so far is closed first.
/// </exception>
/// <remarks>
/// NOTE(review): the token adjusted here is obtained from the handle for
/// <paramref name="pid"/>, i.e. it belongs to that process and not necessarily to the
/// calling process. Confirm that this is what is intended.
/// NOTE(review): ProcessAccess.AllAccess is requested although the handle is only
/// handed to OpenProcessToken; a narrower access mask would follow least privilege.
/// NOTE(review): AdjustTokenPrivileges can return true without having enabled the
/// privilege; the last Win32 error has to be inspected to tell the two cases apart.
/// </remarks>
protected void adjustDebugPriv(int pid)
{
    IntPtr processHandle = OpenProcess(ProcessAccess.AllAccess, false, pid);
    if (processHandle == IntPtr.Zero)
    {
        throw new Exception("Cann't open process.");
    }

    // One privilege entry, marked as enabled; its LUID is filled in by the lookup below.
    TOKEN_PRIVILEGES privileges = new TOKEN_PRIVILEGES();
    privileges.PrivilegeCount = 1;
    privileges.Attributes = SE_NAMES.SE_PRIVILEGE_ENABLED;

    IntPtr tokenHandle = IntPtr.Zero;
    bool tokenOpened = false;
    string failure = null;

    if (!API.LookupPrivilegeValue(null, SE_NAMES.SE_DEBUG_NAME, out privileges.Luid))
    {
        failure = "Cann't lookup value";
    }
    else
    {
        tokenOpened = API.OpenProcessToken(processHandle, TOKEN_ACCESS.TOKEN_ADJUST_PRIVILEGES, out tokenHandle);
        if (!tokenOpened)
        {
            failure = "Cann't open process token value";
        }
        else if (!API.AdjustTokenPrivileges(tokenHandle, false, ref privileges, 0, IntPtr.Zero, IntPtr.Zero))
        {
            failure = "Cann't AdjustTokenPrivileges";
        }
    }

    // Single clean-up point: the process handle first, then the token if it was opened.
    API.CloseHandle(processHandle);
    if (tokenOpened)
    {
        API.CloseHandle(tokenHandle);
    }

    if (failure != null)
    {
        throw new Exception(failure);
    }
}
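/// <summary>
/// Asks the process identified by <c>procID</c> to load the library at
/// <c>dllFilePath</c>: the path is written into memory allocated in that process and a
/// remote thread is started at <c>LoadLibraryA</c> with that memory as its argument.
/// </summary>
/// <returns>
/// <c>true</c> when the remote thread was created and ended within the wait period;
/// <c>false</c> when any step failed or the wait did not complete normally.
/// </returns>
/// <remarks>
/// A <c>true</c> result only means the remote thread ended. The thread's exit code
/// (the value LoadLibraryA returned) is never read, so <c>true</c> does not prove that
/// the library was actually loaded.
/// The path is encoded as ASCII, so characters outside ASCII are replaced and the
/// target would be given a different path. <c>dllFilePath</c> should be a fully
/// qualified path; a bare file name is resolved by the target's own DLL search order.
/// The address of LoadLibraryA is looked up in the calling process and used unchanged
/// in the target; this assumes caller and target are the same bitness - TODO confirm
/// the platform target this code is built for.
/// Security products commonly monitor the OpenProcess / VirtualAllocEx /
/// WriteProcessMemory / CreateRemoteThread sequence and may block or report it.
/// </remarks>
public bool Inject()
{
    UIntPtr bytesWritten;
    IntPtr threadId;

    if (string.IsNullOrEmpty(dllFilePath))
    {
        return false;
    }

    // Encode the terminator together with the path so that the buffer handed to
    // WriteProcessMemory is exactly as long as the byte count passed with it. The
    // original passed Length + 1 for a Length-byte array, reading one byte past it.
    byte[] pathBytes = new ASCIIEncoding().GetBytes(dllFilePath + "\0");

    adjustDebugPriv(procID);

    // IntPtr and UIntPtr are value types: a comparison with null is always false,
    // so failures are detected by comparing with Zero instead.
    IntPtr hProcess = OpenProcess(ProcessAccess.AllAccess, false, procID);
    if (hProcess == IntPtr.Zero)
    {
        return false;
    }

    IntPtr remotePath = IntPtr.Zero;
    IntPtr hThread = IntPtr.Zero;
    bool remoteThreadMayBeRunning = false;
    try
    {
        // 0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE. The region only ever
        // holds the path string.
        remotePath = (IntPtr)VirtualAllocEx(hProcess, IntPtr.Zero, (uint)pathBytes.Length, 0x1000, 0x40);
        if (remotePath == IntPtr.Zero)
        {
            return false;
        }

        if (!WriteProcessMemory(hProcess, remotePath, pathBytes, (uint)pathBytes.Length, out bytesWritten))
        {
            return false;
        }

        UIntPtr loadLibrary = (UIntPtr)GetProcAddress(API.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
        if (loadLibrary == UIntPtr.Zero)
        {
            return false;
        }

        hThread = (IntPtr)CreateRemoteThread(hProcess, IntPtr.Zero, 0, loadLibrary, remotePath, 0, out threadId);
        if (hThread == IntPtr.Zero)
        {
            return false;
        }

        // 0x80 = WAIT_ABANDONED, 0x102 = WAIT_TIMEOUT, 0xFFFFFFFF = WAIT_FAILED.
        uint waitResult = API.WaitForSingleObject(hThread, 10 * 10000);
        if (waitResult == 0x00000080L || waitResult == 0x00000102L || waitResult == 0xFFFFFFFF)
        {
            // The thread may still be reading the path, so the buffer is left in place
            // (the original did not free it on this path either).
            remoteThreadMayBeRunning = true;
            return false;
        }

        return true;
    }
    finally
    {
        // Release everything acquired above on every exit path; the original leaked
        // the process handle always and the remote buffer on early returns.
        if (remotePath != IntPtr.Zero && !remoteThreadMayBeRunning)
        {
            API.VirtualFreeEx(hProcess, remotePath, 0, FreeType.Release);
        }

        if (hThread != IntPtr.Zero)
        {
            API.CloseHandle(hThread);
        }

        API.CloseHandle(hProcess);
    }
}</code>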
I hope you can help me.
Greetings.