krot

DLL Injector

Aug 27th, 2016
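  ; ---------------------------------------------------------------------
  ; LoadLibrary-based DLL loader for a running process.
  ; Target: 32-bit x86, MASM32, stdcall Win32 API (prototypes come from
  ; masm32rt.inc, so `invoke` checks the argument count of every call).
  ;
  ; Sequence: find the top-level window titled `windowname`, open the
  ; process that owns it, copy the path in `library` into that process,
  ; and start a remote thread at LoadLibraryA with the copied path as its
  ; only argument. Every API result is checked; on failure the program
  ; releases whatever it already acquired and exits.
  ;
  ; Defender note: OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
  ; CreateRemoteThread is the classic DLL injection chain (MITRE ATT&CK
  ; T1055.001). It shows up as a cross-process handle request, a remote
  ; thread creation and an unexpected image load in the target process
  ; (for example Sysmon event IDs 10, 8 and 7).
  ; ---------------------------------------------------------------------
  include /masm32/include/masm32rt.inc

  .data
      kernel32    db "kernel32.dll"           ,0
      loadlib     db "LoadLibraryA"           ,0
      library     db "C:\msg.dll"             ,0   ; path written into the target
      windowname  db "Untitled - Notepad"     ,0   ; window title used to find the target
      injected    db "Successfully injected!" ,0   ; not referenced by the code below

  .data?
      procid      dd ?        ; PID of the process owning the window
      prochandle  dd ?        ; handle returned by OpenProcess
      procaddress dd ?        ; address of LoadLibraryA in this process
      handle      dd ?        ; module handle of kernel32.dll
      address     dd ?        ; buffer allocated inside the target
      libsize     dd ?        ; length of `library` including the NUL
      thread      dd ?        ; handle of the remote thread

  .code

  start:
      invoke  GetModuleHandle, offset kernel32
      test    eax, eax
      jz      close
      mov     handle, eax

      invoke  lstrlen, offset library
      inc     eax                         ; count the terminating NUL as well
      mov     libsize, eax

      ; The address resolved here is later used as the thread start address
      ; in the other process; that presumably relies on kernel32.dll being
      ; mapped at the same base there -- confirm for the intended target.
      invoke  GetProcAddress, handle, offset loadlib
      test    eax, eax
      jz      close
      mov     procaddress, eax

      invoke  FindWindow, NULL, offset windowname
      test    eax, eax                    ; no such window: nothing to open
      jz      close

      invoke  GetWindowThreadProcessId, eax, offset procid
      test    eax, eax                    ; 0 = call failed, procid not written
      jz      close

      invoke  OpenProcess, PROCESS_ALL_ACCESS, FALSE, procid
      test    eax, eax
      jz      close                       ; do not continue with a NULL handle
      mov     prochandle, eax

      invoke  VirtualAllocEx, prochandle, NULL, libsize, MEM_COMMIT, PAGE_READWRITE
      test    eax, eax
      jz      release_process
      mov     address, eax

      invoke  WriteProcessMemory, prochandle, address, offset library, libsize, NULL
      test    eax, eax
      jz      release_memory

      invoke  CreateRemoteThread, prochandle, NULL, 0, procaddress, address, 0, NULL
      mov     thread, eax
      test    eax, eax
      jz      release_memory

      ; Pass the handle VALUE, not the address of the variable holding it:
      ; with `offset thread` the wait fails at once and the handle leaks.
      invoke  WaitForSingleObject, thread, INFINITE
      invoke  CloseHandle, thread

  release_memory:
      ; MEM_RELEASE needs the base address returned by VirtualAllocEx and a
      ; size of 0; any other size makes the call fail.
      invoke  VirtualFreeEx, prochandle, address, 0, MEM_RELEASE

  release_process:
      invoke  CloseHandle, prochandle

  close:
      invoke  ExitProcess, 0
  end start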