LoadLibraryA (LLA) injector
#include "injector.h" | |
#include <TlHelp32.h> | |
#include <stdio.h> | |
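// Reports a failure and leaves the enclosing function.
//
// Prints the string literal `s` followed by the calling thread's last Win32
// error code, then executes `return false;`, so it may only be used inside a
// function whose return type accepts `false`. `s` must be a string literal,
// because it is concatenated with the format string at compile time.
//
// Wrapped in do { } while (0) so that `INJECTOR_FAIL(...);` is exactly one
// statement and stays valid in an if/else. The error code is printed with %lu
// because GetLastError() returns an unsigned 32-bit DWORD, not an int.
#define INJECTOR_FAIL(s) \
    do { \
        printf(s " Error code: %lu\n", static_cast<unsigned long>(GetLastError())); \
        return false; \
    } while (0)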
namespace injector { | |
namespace detail {
    // Set to true by inject( const wchar_t*, ... ) once it has issued its two
    // ntdll writes against csgo.exe; while true, that step is skipped.
    bool fixed_csgo = false;

    // Finds a running process by executable file name and opens it.
    //
    // Walks a Toolhelp process snapshot and stops at the first entry whose
    // szExeFile equals `name` (wcscmp: exact, case-sensitive match).
    //
    // Returns the handle from OpenProcess, or nullptr when the snapshot cannot
    // be taken, no entry matches, or OpenProcess itself fails. The caller owns
    // the returned handle.
    //
    // NOTE(review): the handle is requested with PROCESS_ALL_ACCESS, far more
    // than a lookup needs. On the defensive side, a full-access open of another
    // process is what handle-open telemetry (e.g. Sysmon Event ID 10,
    // ProcessAccess) records, with the granted access mask.
    void* get_process_by_name( const wchar_t* name ) {
        HANDLE snapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
        if ( snapshot == INVALID_HANDLE_VALUE )
            return nullptr;

        PROCESSENTRY32W entry;
        // The API requires dwSize to be filled in before the first call.
        entry.dwSize = sizeof( PROCESSENTRY32W );

        // 0 doubles as the "not found" marker.
        unsigned long pid = 0;

        bool have_entry = Process32FirstW( snapshot, &entry );
        while ( have_entry ) {
            if ( wcscmp( entry.szExeFile, name ) == 0 ) {
                pid = entry.th32ProcessID;
                break;
            }
            have_entry = Process32NextW( snapshot, &entry );
        }

        CloseHandle( snapshot );

        if ( !pid )
            return nullptr;
        return OpenProcess( PROCESS_ALL_ACCESS, false, pid );
    }
}
// Opens the process named `proc` and hands it to inject( HANDLE, path ).
//
// A failed lookup is not reported here: the null handle is passed on and the
// HANDLE overload prints the error and returns false.
//
// For csgo.exe only, and only once per run (detail::fixed_csgo), it first
// copies the leading 10 bytes of this process's own LdrLoadDll and NtOpenFile
// over the same addresses in the target.
// NOTE(review): presumably this is meant to put the stock prologues back if the
// target has rewritten them in-process; confirm. It assumes ntdll.dll is mapped
// at the same address in both processes, and neither write result is checked,
// so fixed_csgo is set even when the writes fail.
// NOTE(review): for defenders, this shows that inline hooks placed inside a
// process can be overwritten by any other process holding a write-capable
// handle; a protection that depends on such hooks needs to re-verify them or be
// backed by enforcement outside the process.
bool inject( const wchar_t* proc, const char* path ) {
    HANDLE target = detail::get_process_by_name( proc );

    const bool needs_patch = !detail::fixed_csgo && target && wcscmp( proc, L"csgo.exe" ) == 0;
    if ( needs_patch ) {
        HMODULE ntdll = GetModuleHandleW( L"ntdll.dll" );
        if ( ntdll == nullptr )
            INJECTOR_FAIL( "csgo patcher: Failed to find ntdll module." );

        void* load_dll = GetProcAddress( ntdll, "LdrLoadDll" );
        void* open_file = GetProcAddress( ntdll, "NtOpenFile" );
        if ( load_dll == nullptr || open_file == nullptr )
            INJECTOR_FAIL( "csgo patcher: Failed to find functions to patch." );

        // Source and destination are the same address: local bytes are written
        // to that address in the target process.
        void* const patched[] = { load_dll, open_file };
        for ( void* fn : patched )
            WriteProcessMemory( target, fn, fn, 10, nullptr );

        detail::fixed_csgo = true;
    }

    return ::injector::inject( target, path );
}
// Makes the process behind `proc` load the DLL at `path` by starting a remote
// thread at LoadLibraryA with the DLL's full path as its argument.
//
// Steps: resolve `path` to a full path, look up LoadLibraryA in this process's
// kernel32.dll, allocate a buffer in the target, copy the path into it, then
// create the remote thread. `proc` is closed on the success path.
//
// Returns false (after printing the reason) when `proc` is null, the path
// cannot be resolved, kernel32/LoadLibraryA cannot be found, or the remote
// allocation fails; returns true otherwise.
//
// NOTE(review): true only means the calls were issued. The results of
// WriteProcessMemory and CreateRemoteThread are ignored, the thread handle is
// never closed, the remote buffer is never freed, and `proc` is left open on
// every failure path.
// NOTE(review): GetFullPathNameA also returns non-zero when the 260-byte buffer
// is too small; that case is not distinguished from success here.
// NOTE(review): for defenders, this sequence is the textbook remote-thread DLL
// load and is visible at each step: a cross-process handle open, an
// executable+writable allocation that only holds a string, a cross-process
// write, a remote thread whose start address is LoadLibraryA (e.g. Sysmon
// Event ID 8, CreateRemoteThread), and the resulting image load in the target
// (Sysmon Event ID 7).
bool inject( HANDLE proc, const char* path ) {
    if ( proc == nullptr )
        INJECTOR_FAIL( "Failed to open a process. Make sure injector is running as an admin." );

    char dll_path[ 260 ];
    if ( GetFullPathNameA( path, sizeof( dll_path ), dll_path, nullptr ) == 0 )
        INJECTOR_FAIL( "Failed to find a dll." );

    HMODULE kernel32 = GetModuleHandleW( L"kernel32.dll" );
    if ( kernel32 == nullptr )
        INJECTOR_FAIL( "Failed to get kernel32.dll handle." );

    // The address is taken from this process and used as-is in the target.
    void* load_library = reinterpret_cast< void* >( GetProcAddress( kernel32, "LoadLibraryA" ) );
    if ( load_library == nullptr )
        INJECTOR_FAIL( "Failed to find LoadLibraryA function." );

    // Length without the terminating NUL: the terminator is not copied, so the
    // remote string ends only because freshly committed pages are zero-filled.
    const size_t path_len = strlen( dll_path );

    void* remote_path = VirtualAllocEx( proc, nullptr, path_len, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE );
    if ( remote_path == nullptr )
        INJECTOR_FAIL( "Failed to allocate memory region for str." );

    WriteProcessMemory( proc, remote_path, dll_path, path_len, nullptr );

    CreateRemoteThread( proc, nullptr, 0, reinterpret_cast< LPTHREAD_START_ROUTINE >( load_library ), remote_path, 0, nullptr );

    CloseHandle( proc );
    return true;
}
} | |
#undef INJECTOR_FAIL |
#pragma once | |
#include <Windows.h> | |
namespace injector {
    namespace detail {
        // True once the one-time ntdll write step for csgo.exe has been issued.
        extern bool fixed_csgo;

        // Returns an open handle to the first process whose executable name
        // equals `name`, or nullptr when none is found or it cannot be opened.
        void* get_process_by_name( const wchar_t* name );
    }

    // Looks up the process called `proc` by name and makes it load the DLL at
    // `path`. Returns false when a step that is checked fails.
    bool inject( const wchar_t* proc, const char* path );

    // Same, for an already opened process handle. The handle is closed by the
    // callee on the success path.
    bool inject( HANDLE proc, const char* path );
}
#include "injector/injector.h" | |
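// Entry point: runs the injector against the hard-coded process name and DLL
// path. The DLL path is relative and is resolved by inject() against the
// current working directory.
//
// Returns EXIT_SUCCESS when inject() reports success and EXIT_FAILURE
// otherwise, so a calling script can tell the two apart.
int main( ) {
    if ( injector::inject( L"csgo.exe", "bruh.dll" ) )
        return EXIT_SUCCESS;

    // inject() has already printed the reason; hold the console window open so
    // the message can be read before the process exits.
    system( "pause" );
    return EXIT_FAILURE;
}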