d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Im Bored
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Mar 23 2013 11:46am
here is our DLL file that we will be injecting. all it does is parse the fdwReason variable and if we are attached to a process it will launch our function from within the thread.


main.h

Code
#include <windows.h>

void SomeFunction(const LPCSTR sometext);



main.cpp

Code
#include "main.h"

void SomeFunction(const LPCSTR sometext)
{
   MessageBoxA(0, sometext, "Message from DLL", MB_OK | MB_ICONINFORMATION);
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
   switch (fdwReason)
   {
       case DLL_PROCESS_ATTACH:
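           // attach to process
           // return FALSE to fail DLL load
           // NOTE: DllMain runs under the loader lock; Microsoft's DLL best practices
           // advise against calling User32 functions such as MessageBoxA from here
           SomeFunction("I just injected into our game oh em gee");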
           break;

       case DLL_PROCESS_DETACH:
           // detach from process
           break;

       case DLL_THREAD_ATTACH:
           // attach to thread
           break;

       case DLL_THREAD_DETACH:
           // detach from thread
           break;
   }
   return TRUE; // successful
}
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Mar 23 2013 01:20pm
well i just found out after an hour of debugging that code::blocks is gay for creating dll files. since it uses gcc instead of a native msvc compiler it adds or forgets to add a bunch of crap.

gonna have to remake my dll in msvc later.

on another note heres another version of a dll injector i made up. instead of searching for a window name it searches for a process name instead.

Code
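#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <stdlib.h>   // system
#include <string.h>   // strcmp, strcat, strlen

#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)

char FileToInject[] = "GameHack.dll";
char ProcessName[]  = "Game.exe";
char dllPath[255]   = "C:\\Users\\abduct\\Dekstop\\HACKS\\Test\\";
typedef HINSTANCE (*fpLoadLibrary)(char*);

BOOL InjectDLL(DWORD ProcessID);

int main()
{
   DWORD processId = 0;

   PROCESSENTRY32 pe32 = {sizeof(PROCESSENTRY32)};
   HANDLE hProcSnap;

   // poll the process list once a second until ProcessName shows up
   while(!processId)
   {
       system("cls");

       printf("Searching for: %s\n", ProcessName );
       printf("Make sure your game is running\n");

       hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

       if(hProcSnap != INVALID_HANDLE_VALUE)
       {
           if(Process32First(hProcSnap, &pe32))
           {
               do
               {
                   // szExeFile is the bare image name (ANSI build assumed);
                   // the comparison is case-sensitive
                   if(!strcmp(pe32.szExeFile, ProcessName))
                   {
                       processId = pe32.th32ProcessID;
                       break;
                   }
               }while(Process32Next(hProcSnap, &pe32));
           }
           // a new snapshot is taken on every pass, so close this one here
           CloseHandle(hProcSnap);
       }
       Sleep(1000);
   }

   // build the full path once; doing this inside InjectDLL appended the
   // file name again on every retry
   strcat(dllPath, FileToInject);

   while(!InjectDLL(processId))
   {
       system("cls");
       printf("DLL Failed To Inject\n");
       Sleep(1000);
   }

   printf("DLL Injected successfully\n");
   printf("Closing Injector in 5 seconds");

   Sleep(5000);

   return 0;
}

BOOL InjectDLL(DWORD ProcessID)
{
   HANDLE hProc;
   HANDLE hThread;
   LPVOID paramAddr;
   BOOL memoryWritten;
   HINSTANCE hDLL = LoadLibraryA("KERNEL32");
   fpLoadLibrary LoadLibraryAddr = (fpLoadLibrary)GetProcAddress(hDLL, "LoadLibraryA");

   hProc = OpenProcess(CREATE_THREAD_ACCESS, FALSE, ProcessID);
   if(!hProc)
       return FALSE; // OpenProcess returns NULL on failure

   // reserve room for the path string in the target and copy it over
   paramAddr = VirtualAllocEx(hProc, 0, strlen(dllPath) + 1, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
   if(!paramAddr)
   {
       CloseHandle(hProc);
       return FALSE;
   }
   memoryWritten = WriteProcessMemory(hProc, paramAddr, dllPath, strlen(dllPath) + 1, NULL);

   // the remote thread starts at LoadLibraryA with the copied path as its argument
   hThread = CreateRemoteThread(hProc, 0, 0, (LPTHREAD_START_ROUTINE)LoadLibraryAddr, paramAddr, 0, 0);
   if(hThread)
       CloseHandle(hThread); // the thread handle was never closed before
   CloseHandle(hProc);

   // report failure when the thread could not be created, not only when the write failed
   return memoryWritten && hThread != NULL;
}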
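
A defender's view of the injector above, as an added example that is not part of the original post: a remote thread whose start routine is LoadLibraryA shows up in Sysmon Event ID 8 (CreateRemoteThread) with StartModule and StartFunction filled in. The event records, paths and function names below are constructed for illustration.

```python
import ntpath

# Exports that take a single pointer argument and load a DLL, so a remote
# thread can start directly on them (the injector above uses LoadLibraryA).
LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

# Constructed Sysmon records (Event ID 8 = CreateRemoteThread); all values are made up.
SAMPLE_EVENTS = [
    {"EventID": 8, "SourceProcessId": 4120, "SourceImage": r"C:\Test\Injector.exe",
     "TargetProcessId": 5332, "TargetImage": r"C:\Test\Game.exe",
     "StartModule": r"C:\Windows\System32\KERNEL32.DLL", "StartFunction": "LoadLibraryA"},
    {"EventID": 8, "SourceProcessId": 612, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetProcessId": 7004, "TargetImage": r"C:\Windows\System32\cmd.exe",
     "StartModule": r"C:\Windows\System32\KERNELBASE.dll", "StartFunction": "CtrlRoutine"},
    {"EventID": 8, "SourceProcessId": 2288, "SourceImage": r"C:\Tools\Debugger.exe",
     "TargetProcessId": 5332, "TargetImage": r"C:\Test\Game.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll", "StartFunction": "LoadLibraryW"},
    {"EventID": 1, "Image": r"C:\Test\Game.exe", "ProcessId": 5332},
]


def is_loadlibrary_thread(event):
    """True when a remote thread's start routine is a DLL loader export."""
    if str(event.get("EventID")) != "8":
        return False
    module = ntpath.basename(event.get("StartModule") or "").lower()
    function = (event.get("StartFunction") or "").lower()
    if module not in LOADER_MODULES or function not in LOADER_EXPORTS:
        return False
    # Only cross-process thread creation is of interest here.
    return event.get("SourceProcessId") != event.get("TargetProcessId")


def find_injections(events, allowed_sources=()):
    """Return (source, target, start function) for each suspicious event.

    allowed_sources lists full image paths expected to create such threads
    (a debugger, for instance); matching is case-insensitive.
    """
    allowed = {path.lower() for path in allowed_sources}
    hits = []
    for event in events:
        if not is_loadlibrary_thread(event):
            continue
        if (event.get("SourceImage") or "").lower() in allowed:
            continue
        hits.append((event["SourceImage"], event["TargetImage"], event["StartFunction"]))
    return hits
```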
Member
Posts: 16,144
Joined: Mar 27 2008
Gold: 14,618.00
Mar 23 2013 02:16pm
good to see your progress. but tell us more about how you compile that stuff, how to make a dll, and so on.

if you want to change your mind and cross-compile on linux, here's the code i use:
Code
#-mwindows -> removes console window
#-ld3d9 -> required for directx9

test: main.exe
	wine main.exe
main.exe: main.cpp
	i586-mingw32msvc-g++ -o main.exe main.cpp -ld3d9 -mwindows
clean:
	rm -f main.exe

for those who dont know: save that code as "Makefile" and type "make" in console, it will be cross-compiled and executed by wine.

these tools i had to install:
Code
sudo apt-get install mingw32 mingw32-runtime mingw32-binutils


to test the directx9, you can copy the main.cpp from a directx tutorial site, found on google, i guess first result. (i dont post link to the site cuz last time i got warn, despite the fact that it wasn't against the rules...)

This post was edited by Richter on Mar 23 2013 02:18pm
Member
Posts: 9,803
Joined: Jun 28 2005
Gold: 6.67
Mar 23 2013 02:20pm
Isn't that thread directly in conflict with forum rules? http://forums.d2jsp.org/topic.php?t=57605111&f=120


Anyhow, if you're blogging, I'd like to see that blog.
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Mar 23 2013 02:21pm
Quote (Richter @ Mar 23 2013 04:16pm)
good to see your progress. but tell us more about how you compile that stuff, how to make a dll, and so on.

if you want to change your mind and cross-compile on linux, here's the code i use:
Code
#-mwindows -> removes console window
#-ld3d9 -> required for directx9

test: main.exe
	wine main.exe
main.exe: main.cpp
	i586-mingw32msvc-g++ -o main.exe main.cpp -ld3d9 -mwindows
clean:
	rm -f main.exe

for those who dont know: save that code as "Makefile" and type "make" in console, it will be cross-compiled and executed by wine.

these tools i had to install:
Code
sudo apt-get install mingw32 mingw32-runtime mingw32-binutils


to test the directx9, you can copy the main.cpp from a directx tutorial site, found on google, i guess first result. (i dont post link to the site cuz last time i got warn, despite the fact that it wasn't against the rules...)


yea im just dumping code somewhere for now and ill make a new thread to explain it eventually. i am trying to figure out why this dll isnt injecting. i've tried the 2 methods ive posted and they both give no errors (stepped through the application) yet i cannot get a message box to appear in my game app. its stumping me atm. im going to try calc.exe to see if im not loading correct libraries or something.
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Mar 23 2013 02:22pm
Quote (KrzaQ2 @ Mar 23 2013 04:20pm)
Isn't that thread directly in conflict with forum rules? http://forums.d2jsp.org/topic.php?t=57605111&f=120


Anyhow, if you're blogging, I'd like to see that blog.


well technically it is not. there is no automated game play. i am testing on my own built game. i am not linking binaries or code that is malicious.
Member
Posts: 9,803
Joined: Jun 28 2005
Gold: 6.67
Mar 23 2013 02:25pm
I was thinking about "discussing the program", but if it's not malicious and breaks no ToS I guess it's ok :)
Member
Posts: 16,144
Joined: Mar 27 2008
Gold: 14,618.00
Mar 23 2013 02:29pm
its obviously not against the ToS of anything
and i don't understand how this could be used for malicious stuff
Member
Posts: 9,803
Joined: Jun 28 2005
Gold: 6.67
Mar 23 2013 03:04pm
Quote (Richter @ 23 Mar 2013 21:29)
its obviously not against the ToS of anything
and i don't understand how this could be used for malicious stuff
It is not, but what is your first thought when someone talks about game hacking?
Member
Posts: 16,144
Joined: Mar 27 2008
Gold: 14,618.00
Mar 23 2013 03:34pm
Quote (KrzaQ2 @ 23 Mar 2013 22:04)
It is not, but what is your first thought when someone talks about game hacking?

my first thoughts are: cool, a challenge, something that teaches us how to code games which are less vulnerable against evil hackers.

you need to know that the term "hacking" doesn't mean "evilness". imo, most of the people think that hackers are evil by definition... but i know multiple hackers (also called penetration testers), and not even one would do something illegal.

it would have been better if we just had omitted this word, to prevent misunderstandings.