Little injector made based on tutorial/source code

1. #include "Injector.h"
2.  
3. HANDLE CInjector::GetProcessByName(const std::string& strProcessName)
4. {
5.     PROCESSENTRY32 ProcessInfo;
6.     ProcessInfo.dwSize = sizeof(PROCESSENTRY32);
7.  
8.     HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
9.     if (hSnapshot == INVALID_HANDLE_VALUE) return NULL;
10.  
11.     Process32First(hSnapshot, &ProcessInfo);
12.     if (strProcessName.find(ProcessInfo.szExeFile) != std::string::npos)
13.     {
14.         CloseHandle(hSnapshot);
15.         if (!ProcessInfo.th32ProcessID) return NULL;
16.         return OpenProcess(PROCESS_ALL_ACCESS, 0, ProcessInfo.th32ProcessID);
17.     }
18.  
19.     while (Process32Next(hSnapshot, &ProcessInfo))
20.     {
21.         if (strProcessName.find(ProcessInfo.szExeFile) != std::string::npos)
22.         {
23.             CloseHandle(hSnapshot);
24.             if (!ProcessInfo.th32ProcessID) return NULL;
25.             //return OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION, PROCESS_VM_READ, ProcessInfo.th32ProcessID);
26.             return OpenProcess(PROCESS_ALL_ACCESS, 0, ProcessInfo.th32ProcessID);
27.         }
28.     }
29.  
30.     CloseHandle(hSnapshot);
31.     return NULL;
32. }
33.  
34. bool CInjector::SetPrivilege(const std::string& strNamePrivilege, bool bEnableTF)
35. {
36.     HANDLE hToken;
37.     LUID SeValue;
38.     TOKEN_PRIVILEGES TokenPrivileges;
39.  
40.     if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
41.         return false;
42.  
43.     if (!LookupPrivilegeValue(NULL, strNamePrivilege.c_str(), &SeValue))
44.     {
45.         CloseHandle(hToken);
46.         return false;
47.     }
48.  
49.     TokenPrivileges.PrivilegeCount = 1;
50.     TokenPrivileges.Privileges[0].Luid = SeValue;
51.     TokenPrivileges.Privileges[0].Attributes = bEnableTF ? SE_PRIVILEGE_ENABLED : 0;
52.  
53.     AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TokenPrivileges), NULL, NULL);
54.     CloseHandle(hToken);
55.     return true;
56. }
57.  
58. bool CInjector::Inject(const std::string& strModulePath, const std::string& strProcessName)
59. {
60.     LPVOID lpRemoteString, lpLoadLibrary;
61.     HANDLE hThread, hProcess;
62.     DWORD dwOutput;
63.  
64.     if (!SetPrivilege("SeDebugPrivilege", true)) return false;
65.  
66.     hProcess = GetProcessByName(strProcessName);
67.     if (!hProcess) return false;
68.  
69.     lpLoadLibrary = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
70.     if (!lpLoadLibrary) return false;
71.  
72.     lpRemoteString = (LPVOID)VirtualAllocEx(hProcess, NULL, strlen(strModulePath.c_str()), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
73.     if (!lpRemoteString) return false;
74.  
75.     if (!WriteProcessMemory(hProcess, (LPVOID)lpRemoteString, strModulePath.c_str(), strlen(strModulePath.c_str()), NULL))
76.         return false;
77.  
78.     hThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)lpLoadLibrary, (LPVOID)lpRemoteString, NULL, NULL);
79.     if (!hThread) return false;
80.     else
81.     {
82.         while (GetExitCodeThread(hThread, &dwOutput))
83.             if (dwOutput != STILL_ACTIVE) break;
84.     }
85.  
86.     CloseHandle(hThread);
87.     CloseHandle(hProcess);
88.  
89.     return true;
90. }