article

DLL Injection -- Part ONE

Email
Submitted on: 1/4/2015 4:44:00 PM
By: Nasser Remy Rowhani (from psc cd)  
Level: Advanced
User Rating: By 7 Users
Compatibility: C++ (general), Microsoft Visual C++, Borland C++
Views: 1054
 
     This article -- PART ONE
will teach you how to inject a dll into a process. First, read this section. once you get the hang of it, The REAL stuff come in PART TWO,,where we fool around with asm OPCODES YAAAAAAY


This is my first article in this site,, so support me,, sorry if i made any mistakes, or spelling mistakes,, or or or... i donno
Anyway, It's time to rock! Time to have fun...

This article has accompanying files
 
				I'll tell you what DLL Injection is...
"Injecting a dll into a running process, is inserting a dll into the process's address space.. as you all -shuld- know is that when you load a dll, it goes to your address space, which means that, your variables/memory in general, are all accessible with normal pointers by the dll itself."



i'll explain how it works on win95/98/ME/XP/2k/NT everywhere :D --i did it all on VC++6,, so i prefer this compiler,,,shuold work on .NET too, Prollly on earlier versions too, i donno :P


This is useful when you need to make an API Spy for example,
a program that saves a log file of API functions that were called in the program...
I made a WSOCK32.DLL spy for mirc.exe... (mIRC chat client)
MAN !!! i had fun!
I'll post the log file in here...
Basically, it gives you FULL control over an app.
Some of you script kiddies might think it's good for hacking, but once you get the hand of it, you'll have so much fun, that you'll drop hacking.
Hacking is bad. STAY AWAY FROM HACKERS


There are things you need to know before you read this article (Sorry couldn't just show 'em all, they're too much)

http://msdn.microsoft.com can be used to learn "ALL" of them

1) Memory management...You need to know how windows manages it's memory
2) PE Headers <--the most important thing if you're doin this in win9x/ME --
3) Basic debbuging APIs...These are some apis that allow you do debug a certain app
4) enough knowlege of asm...and OPCODES of instructions
5) should be able to code a dll of your own

hmmm I think, if you read the WHOLE section of "Base Services" in msdn library, you should be able to learn all them steps(including PE format) :P :P :P,,
don't worry, i'll help you enough to find the articles that you need except ASM ofcourse, need to get some small "asm tutorial", then learn some "32bit asm" (API)
then, you're all set


Firstly, let me tell you, i hate lazy ppl.
You want to learn dll injection? atleast be glad that i posted some info in here,
it took me a whole week to prepare an article like this. I'm not just giving you the butter, you need to research on your own...
i'm just giving you a starter, and enough info to search on your own.
If you don't like researching, then this article isn't for you. i'm sorry...
i told you, don't worry, i'm gonna make as simple as whistling dixie :DDD
---Oh, forgot to mention, I love you "Matt Pietrek" I love you. You are Number one!
I hope you read this! You can count me as one of your favorite
students :P :P :P lol



--don't worry, it's VERY VERY VERY easy to do this
I think i shouldn't have put it in the advanced section! Read the Tutor.txt file in the zip file

winzip iconDownload article

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come out every day, so no prevention program can catch 100% of them. For your own safety, please:
  1. Re-scan downloaded files using your personal virus checker before using it.
  2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.

If you don't have a virus scanner, you can get one at many places on the net including:McAfee.com


Other 1 submission(s) by this author

 


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this article (in the Advanced category)?
(The article with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)
 

Other User Comments


 There are no comments on this submission.
 

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular article, please click here instead.)
 

To post feedback, first please login.