- Yasaklandı
- #1
Kod:
#define MAX_PROCESSES 1024
typedef HMODULE (WINAPI *pLoadLibraryA)(LPCSTR);
typedef FARPROC (WINAPI *pGetProcAddress)(HMODULE,LPCSTR);
typedef BOOL (WINAPI *PDLL_MAIN)(HMODULE,DWORD,PVOID);
typedef struct _MANUAL_INJECT
{
PVOID ImageBase;
PIMAGE_NT_HEADERS NtHeaders;
PIMAGE_BASE_RELOCATION BaseRelocation;
PIMAGE_IMPORT_DESCRIPTOR ImportDirectory;
pLoadLibraryA fnLoadLibraryA;
pGetProcAddress fnGetProcAddress;
}MANUAL_INJECT,*PMANUAL_INJECT;
DWORD WINAPI LoadDll(PVOID p)
{
PMANUAL_INJECT ManualInject;
HMODULE hModule;
DWORD i,Function,count,delta;
PDWORD ptr;
PWORD list;
PIMAGE_BASE_RELOCATION pIBR;
PIMAGE_IMPORT_DESCRIPTOR pIID;
PIMAGE_IMPORT_BY_NAME pIBN;
PIMAGE_THUNK_DATA FirstThunk,OrigFirstThunk;
PDLL_MAIN EntryPoint;
ManualInject=(PMANUAL_INJECT)p;
pIBR=ManualInject->BaseRelocation;
delta=(DWORD)((LPBYTE)ManualInject->ImageBase-ManualInject->NtHeaders->OptionalHeader.ImageBase); // Calculate the delta
// Relocate the image
while(pIBR->VirtualAddress)
{
if(pIBR->SizeOfBlock>=sizeof(IMAGE_BASE_RELOCATION))
{
count=(pIBR->SizeOfBlock-sizeof(IMAGE_BASE_RELOCATION))/sizeof(WORD);
list=(PWORD)(pIBR+1);
for(i=0;i<count;i++)
{
if(list[i])
{
ptr=(PDWORD)((LPBYTE)ManualInject->ImageBase+(pIBR->VirtualAddress+(list[i] & 0xFFF)));
*ptr+=delta;
}
}
}
pIBR=(PIMAGE_BASE_RELOCATION)((LPBYTE)pIBR+pIBR->SizeOfBlock);
}
pIID=ManualInject->ImportDirectory;
// Resolve DLL imports
while(pIID->Characteristics)
{
OrigFirstThunk=(PIMAGE_THUNK_DATA)((LPBYTE)ManualInject->ImageBase+pIID->OriginalFirstThunk);
FirstThunk=(PIMAGE_THUNK_DATA)((LPBYTE)ManualInject->ImageBase+pIID->FirstThunk);
hModule=ManualInject->fnLoadLibraryA((LPCSTR)ManualInject->ImageBase+pIID->Name);
if(!hModule)
{
return FALSE;
}
while(OrigFirstThunk->u1.AddressOfData)
{
if(OrigFirstThunk->u1.Ordinal & IMAGE_ORDINAL_FLAG)
{
// Import by ordinal
Function=(DWORD)ManualInject->fnGetProcAddress(hModule,(LPCSTR)(OrigFirstThunk->u1.Ordinal & 0xFFFF));
if(!Function)
{
return FALSE;
}
FirstThunk->u1.Function=Function;
}
else
{
// Import by name
pIBN=(PIMAGE_IMPORT_BY_NAME)((LPBYTE)ManualInject->ImageBase+OrigFirstThunk->u1.AddressOfData);
Function=(DWORD)ManualInject->fnGetProcAddress(hModule,(LPCSTR)pIBN->Name);
if(!Function)
{
return FALSE;
}
FirstThunk->u1.Function=Function;
}
OrigFirstThunk++;
FirstThunk++;
}
pIID++;
}
if(ManualInject->NtHeaders->OptionalHeader.AddressOfEntryPoint)
{
EntryPoint=(PDLL_MAIN)((LPBYTE)ManualInject->ImageBase+ManualInject->NtHeaders->OptionalHeader.AddressOfEntryPoint);
return EntryPoint((HMODULE)ManualInject->ImageBase,DLL_PROCESS_ATTACH,NULL); // Call the entry point
}
return TRUE;
}
DWORD WINAPI LoadDllEnd()
{
return 0;
}
DWORD ProcId = 0;
DWORD FindProcess(__in_z LPCTSTR lpcszFileName)
{
LPDWORD lpdwProcessIds;
LPTSTR lpszBaseName;
HANDLE hProcess;
DWORD i, cdwProcesses, dwProcessId = 0;
lpdwProcessIds = (LPDWORD)HeapAlloc(GetProcessHeap(), 0, MAX_PROCESSES*sizeof(DWORD));
if (lpdwProcessIds != NULL)
{
if (EnumProcesses(lpdwProcessIds, MAX_PROCESSES*sizeof(DWORD), &cdwProcesses))
{
lpszBaseName = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, MAX_PATH*sizeof(TCHAR));
if (lpszBaseName != NULL)
{
cdwProcesses /= sizeof(DWORD);
for (i = 0; i < cdwProcesses; i++)
{
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, lpdwProcessIds[i]);
if (hProcess != NULL)
{
if (GetModuleBaseName(hProcess, NULL, lpszBaseName, MAX_PATH) > 0)
{
if (!lstrcmpi(lpszBaseName, lpcszFileName))
{
dwProcessId = lpdwProcessIds[i];
CloseHandle(hProcess);
break;
}
}
CloseHandle(hProcess);
}
}
HeapFree(GetProcessHeap(), 0, (LPVOID)lpszBaseName);
}
}
HeapFree(GetProcessHeap(), 0, (LPVOID)lpdwProcessIds);
}
return dwProcessId;
}
DWORD MyGetProcessId(LPCTSTR ProcessName)
{
PROCESSENTRY32 pt;
HANDLE hsnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
pt.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hsnap, &pt)) {
do {
if (!lstrcmpi(pt.szExeFile, ProcessName)) {
CloseHandle(hsnap);
return pt.th32ProcessID;
}
} while (Process32Next(hsnap, &pt));
}
CloseHandle(hsnap);
return 0;
}
PIMAGE_DOS_HEADER pIDH;
PIMAGE_NT_HEADERS pINH;
PIMAGE_SECTION_HEADER pISH;
HANDLE hProcess,hThread,hFile,hToken;
PVOID buffer,image,mem;
DWORD i,FileSize,ProcessId,ExitCode,read;
TOKEN_PRIVILEGES tp;
MANUAL_INJECT ManualInject;
bool autbypass = false;stdafx.h
Kod:
#pragma once
#include "targetver.h"
#include <stdio.h>
#include <tchar.h>
#include <stdio.h>
#include <windows.h>
#include <string>
#include <time.h>
#include <stdlib.h>
#include <iostream>
#include <tlhelp32.h>
#include <psapi.h>
#include <sddl.h>
#include <accctrl.h>
#include <conio.h>
#include <aclapi.h>
#pragma comment(lib, "Ws2_32.lib")
using namespace std;DLE hsnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
pt.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hsnap, &pt)) {
do {
if (!lstrcmpi(pt.szExeFile, ProcessName)) {
CloseHandle(hsnap);
return pt.th32ProcessID;
}
} while (Process32Next(hsnap, &pt));
}
CloseHandle(hsnap);
return 0;
}
PIMAGE_DOS_HEADER pIDH;
PIMAGE_NT_HEADERS pINH;
PIMAGE_SECTION_HEADER pISH;
HANDLE hProcess,hThread,hFile,hToken;
PVOID buffer,image,mem;
DWORD i,FileSize,ProcessId,ExitCode,read;
TOKEN_PRIVILEGES tp;
MANUAL_INJECT ManualInject;
bool autbypass = false;
RawD.h
Kod:
Your dll bytes..main.cpp
Kod:
#include "stdafx.h"
#include "RawD.h"
#include "main.h"
// Manual Map Injection From Memory || Frenzy
DWORD kjclkjclk2jlkjsafd()
{
SetConsoleTitle(" Frenzy Manual Map Injector");
system("color 4");
cout << "Developed by *****\n";
cout << "Oyun bekleniyor..\n";
while(true)
{
if(FindProcess("/*****.exe yerine başka şeylerde yazılabilir*/****.exe"))
{
PVOID rData = reinterpret_cast<char*>(rawData);
//
pIDH = (PIMAGE_DOS_HEADER)/*Memory*/rData;
pINH = (PIMAGE_NT_HEADERS)((LPBYTE)/*Memory*/rData+pIDH->e_lfanew);
DWORD pid = MyGetProcessId(/*Process Name*/"****.exe");
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
image = VirtualAllocEx(hProcess, NULL, pINH->OptionalHeader.SizeOfImage, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
WriteProcessMemory(hProcess, image, /*Memory*/rData, pINH->OptionalHeader.SizeOfHeaders, NULL);
pISH = (PIMAGE_SECTION_HEADER)(pINH+1);
for (i = 0; i<pINH->FileHeader.NumberOfSections; i++)
{
WriteProcessMemory(hProcess, (PVOID)((LPBYTE)image+pISH[i].VirtualAddress),
(PVOID)((LPBYTE)rData/*Memory*/+pISH[i].PointerToRawData), pISH[i].SizeOfRawData, NULL);
}
mem = VirtualAllocEx(hProcess, NULL, 4096, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
memset(&ManualInject, 0, sizeof(MANUAL_INJECT));
ManualInject.ImageBase = image;
ManualInject.NtHeaders = (PIMAGE_NT_HEADERS)((LPBYTE)image+pIDH->e_lfanew);
ManualInject.BaseRelocation = (PIMAGE_BASE_RELOCATION)((LPBYTE)image+pINH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress);
ManualInject.ImportDirectory = (PIMAGE_IMPORT_DESCRIPTOR)((LPBYTE)image+pINH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);
ManualInject.fnLoadLibraryA = LoadLibraryA;
ManualInject.fnGetProcAddress = GetProcAddress;
WriteProcessMemory(hProcess,mem,&ManualInject, sizeof(MANUAL_INJECT), NULL);
WriteProcessMemory(hProcess, (PVOID)((PMANUAL_INJECT)mem+1), LoadDll, (DWORD)LoadDllEnd-(DWORD)LoadDll, NULL);
system("color 2");
system("cls");
cout << "Injecting..";
Sleep(6000);
hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)((PMANUAL_INJECT)mem+1), mem, 0, NULL);
cout << "Injected!";
WaitForSingleObject(hThread, INFINITE);
GetExitCodeThread(hThread, &ExitCode);
ExitProcess(0);
}
}
}
int main()
{
kjclkjclk2jlkjsafd();
}Edit: Bazı kodlar ayrık olmuş konuyu açarken hata yaptım kusura bakmayın yonetıcıler duzeltebılırseniz sevinirim.
AS:A:dqADS
