; MASM32 listing (32-bit Win32 API; arguments are pushed right-to-left before each call).
; What it does, as written: resolves LoadLibraryA in kernel32, looks up the process that owns
; the window titled "Untitled - Notepad", copies the path "C:\msg.dll" into that process and
; starts a remote thread there at LoadLibraryA with the copied path as its argument.
; Defender view: OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx -> WriteProcessMemory ->
; CreateRemoteThread against another process is the classic remote DLL-load call chain;
; full-access cross-process handle opens, remote thread creation and the image load of an
; unexpected DLL in the target are the events to monitor for.
; NOTE(review): several return values are never checked, and the cleanup calls pass the
; addresses of variables where handle/pointer values are expected; see the inline notes.
- include /masm32/include/masm32rt.inc
- .data
- kernel32 db "kernel32.dll" ,0 ; module name passed to GetModuleHandle
- loadlib db "LoadLibraryA" ,0 ; export name passed to GetProcAddress
- library db "C:\msg.dll" ,0 ; hard-coded DLL path that is copied into the target process
- windowname db "Untitled - Notepad" ,0 ; hard-coded window title used to pick the target
- injected db "Successfully injected!" ,0 ; not referenced anywhere in this listing
- .data?
- procid dd ? ; process id filled in by GetWindowThreadProcessId
- prochandle dd ? ; handle returned by OpenProcess
- procaddress dd ? ; address returned by GetProcAddress for LoadLibraryA
- handle dd ? ; module handle returned by GetModuleHandle
- address dd ? ; base address returned by VirtualAllocEx (valid in the target process)
- libsize dd ? ; length of the DLL path including its terminating NUL
- thread dd ? ; handle returned by CreateRemoteThread
- .code
- start:
- push offset kernel32
- call GetModuleHandle ; GetModuleHandle("kernel32.dll")
- mov handle,eax ; NOTE(review): return value is not checked
- push offset library
- call lstrlen
- add eax,1 ; +1 so the terminating NUL is counted
- mov libsize,eax
- push offset loadlib
- push handle
- call GetProcAddress ; GetProcAddress(handle, "LoadLibraryA")
- mov procaddress,eax ; NOTE(review): return value is not checked
- push offset windowname
- push NULL
- call FindWindow ; FindWindow(NULL, "Untitled - Notepad"); result stays in eax
- push offset procid
- push eax ; NOTE(review): FindWindow result is used without a NULL check
- call GetWindowThreadProcessId ; writes the owning process id into procid
- push procid
- push 0
- push PROCESS_ALL_ACCESS ; full access requested; such opens on another process are an audit signal
- call OpenProcess
- .if eax <1 ; presumably the failure check: compared unsigned, eax < 1 only holds for eax == 0
- ; error on opening process: the branch is empty, so execution continues with a null handle
- .endif
- mov prochandle,eax
- push PAGE_READWRITE
- push MEM_COMMIT
- push libsize
- push NULL
- push prochandle
- call VirtualAllocEx ; allocates libsize bytes of read/write memory in the target process
- mov address,eax ; NOTE(review): return value is not checked
- push NULL
- push libsize
- push offset library
- push address
- push prochandle
- call WriteProcessMemory ; copies the DLL path from this process into the target allocation
- .if eax <1 ; presumably the failure check (eax == 0)
- ; error on wpm: the branch is empty, so a failed write is ignored
- .endif
- push NULL
- push 0
- push address ; thread parameter: the copied DLL path in the target
- push procaddress ; thread start address: LoadLibraryA as resolved in this process
- push 0
- push NULL
- push prochandle
- call CreateRemoteThread
- mov thread,eax
- .if thread != 0
- ; thread successfully created; fall through to the wait and cleanup below
- .elseif ; NOTE(review): no condition is given; presumably .else was intended - confirm it assembles
- jmp close
- .endif
- push INFINITE
- push offset thread ; NOTE(review): pushes the address of the variable, not the handle stored in it
- call WaitForSingleObject
- push offset thread ; NOTE(review): same as above, the address of thread is passed as the handle
- call CloseHandle
- push MEM_RELEASE
- push libsize ; NOTE(review): VirtualFreeEx with MEM_RELEASE is documented to require a size of 0
- push offset address ; NOTE(review): pushes the local variable's address, not the remote base stored in it
- push prochandle
- call VirtualFreeEx
- close:
- push 0
- call ExitProcess ; prochandle is never closed explicitly before the process exits
- end start