comment
IRC Chat
play_arrow
Este sitio utiliza cookies propias y de terceros. Si continúa navegando consideramos que acepta el uso de cookies. OK Más Información.

Inyeccion Dll

  • 2 Respuestas
  • 3627 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado Juan

  • *
  • Underc0der
  • Mensajes: 159
  • Actividad:
    0%
  • Reputación 0
  • Ex-Drinky
    • Ver Perfil
« en: Agosto 30, 2010, 06:34:42 pm »
Bueno aqui les dejo esta inyeccion dll que cree hace un tiempo:

Código: Visual Basic
  1. '***********************************
  2. '** Inyeccion Dll By Drinky94     **
  3. '** Fecha: 16- Junio - 2010       **
  4. '***********************************
  5. Option Explicit
  6.  
  7. Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long
  8. Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
  9. Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
  10. Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
  11. Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
  12. Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, ByVal lpAddress As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
  13. Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
  14. Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
  15. Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
  16. Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
  17. Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
  18.  
  19. Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
  20. Const SYNCHRONIZE As Long = &H100000
  21. Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
  22. Const MEM_COMMIT As Long = &H1000
  23. Const PAGE_READWRITE As Long = &H4
  24.  
  25. Public Function Inyectar(Ruta As String, NameWindow As String, RutaDll As String) As Boolean
  26.     On Error GoTo Error
  27.     Dim IdWin As Long
  28.     Dim IdProc As Long
  29.     Dim ProcMan As Long
  30.     Dim EsMe As Long
  31.     Dim NBytes As Long
  32.     Dim Fun As Long
  33.     Dim IdHil As Long
  34.     ShellExecute 0, "open", Ruta, 0, 0, 0
  35.     Sleep (10000)
  36.     IdWin = FindWindow(vbNullString, NameWindow)
  37.     If IdWin = 0 Then GoTo Error
  38.     GetWindowThreadProcessId IdWin, IdProc
  39.     If IdProc = 0 Then GoTo Error
  40.     ProcMan = OpenProcess(PROCESS_ALL_ACCESS, False, IdProc)
  41.     Debug.Print Err.LastDllError
  42.     If ProcMan = 0 Then GoTo Error
  43.     EsMe = VirtualAllocEx(ProcMan, 0, Len(RutaDll), MEM_COMMIT, PAGE_READWRITE)
  44.     Debug.Print Err.LastDllError
  45.     WriteProcessMemory ProcMan, ByVal EsMe, ByVal RutaDll, Len(RutaDll), NBytes
  46.     Fun = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
  47.     CreateRemoteThread ProcMan, ByVal 0, 0, ByVal Fun, ByVal EsMe, 0, IdHil
  48.     CloseHandle ProcMan
  49.     Inyectar = True
  50.     Exit Function
  51. Error:
  52.     MsgBox "Error al inyectar la DLL", vbCritical, "Error"
  53.     Inyectar = False
  54. End Function

Ejemplo de uso ( en un modulo):

Código: Visual Basic
  1. Sub main()
  2.     Dim retorno As Boolean
  3.     retorno = Inyectar("c:\windows\system32\calc.exe", "Calculadora", "C:\fary.dll")
  4.     If retorno = 0 Then
  5.         MsgBox "La Dll no se pudo inyectar"
  6.     Else
  7.         MsgBox "La Dll se a inyectado con Exito"
  8.     End If
  9. End Sub


salu2!

« Última modificación: Mayo 12, 2014, 03:31:19 pm por Expermicid »

Desconectado _katze_

  • *
  • Underc0der
  • Mensajes: 37
  • Actividad:
    0%
  • Reputación 0
    • Ver Perfil
    • Email
« Respuesta #1 en: Agosto 30, 2010, 08:56:04 pm »
esto si es un aporte voy a probar aver q pasa!

Desconectado Dr0B4ck

  • *
  • Underc0der
  • Mensajes: 51
  • Actividad:
    0%
  • Reputación 0
  • Todos somos muy ignorantes. Lo que ocurre es que no todos ignoramos las mismas cosas...
    • MSN Messenger - dr0b4ck@hotmail.com
    • AOL Instant Messenger - dr0b4ck@hotmail.com
    • Yahoo Instant Messenger - dr0b4ck@hotmail.com
    • Ver Perfil
    • dr0b4ck-lab
« Respuesta #2 en: Octubre 28, 2011, 02:12:00 am »
nada mal men le veo muy beuna programacion espero sigas aportando mas...
[♠] [♦] [♣] [♥] カřθBમčאּ[♠] [♦] [♣] [♥]

 

¿Te gustó el post? COMPARTILO!