Embedded Files
We don't display ads so we rely on your Bitcoin donations to 1KWEk9QaiJb2NwP5YFmR24LyUBa4JyuKqZ
Post date: Oct 17, 2010 10:52:20 PM
{
Create Process Ex Demo
by Aphex
This program demonstrates how to inject a DLL into a created process
using the Ex method. This method prevents any changes from being
noticed in the application being injected into. Commonly known as FWB++.
}
program CreateProcEx;uses Windows, afxCodeHook;var StartInfo: TStartupInfo; ProcInfo: TProcessInformation; BytesRead, Module, Process, Size: dword; Path: array [0..MAX_PATH] of char; Data: pointer;begin //get the dll data to inject Module := CreateFile(pchar('test.dll'), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0); Size := GetFileSize(Module, nil); GetMem(Data, Size); ReadFile(Module, Data^, Size, BytesRead, nil); CloseHandle(Module); //create process and inject ZeroMemory(@StartInfo, SizeOf(TStartupInfo)); StartInfo.cb := SizeOf(TStartupInfo); CreateProcessEx(nil, 'notepad.exe', nil, nil, False, 0, nil, nil, StartInfo, ProcInfo, Data); Process := ProcInfo.hProcess; FreeMem(Data); Sleep(3000); //kill the process TerminateProcess(Process, 0);end.test.dll
library test;uses Windows;procedure EntryPoint(Reason: dword); stdcall;begin if Reason = DLL_PROCESS_ATTACH then MessageBox(0, 'hi from notepad :)', 'afxCodeHook', 0);end;begin DLLProc := @EntryPoint; EntryPoint(DLL_PROCESS_ATTACH);end.Google Sites
Report abuse