x1nixmzeng Posted October 19, 2008

Hi all, I'm new to autoit, I found a code to inject a dll inside a process. But it's not working I get instruction blah at referenced memory blah, memory could not be read error. Anyone knows why? It comes in 2 parts.

_InjectDll_v2.au3

#include-once

; _InjectDll: asks the process identified by $a to load the DLL at $dllpath.
;   $a           - a window handle when $hWnd_or_pid = 0, otherwise a process id
;   $dllpath     - path string; must be longer than 4 characters and end in ".dll"
;   $hWnd_or_pid - 0 (default) means $a is a window handle; any other value means $a is a pid
; Returns True when every step succeeded. On failure returns False with @error set to
; -1 .. -14, one code per failed step (see the SetError calls below).
; NOTE(review): the call sequence below (OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
; CreateRemoteThread on LoadLibraryA) is the classic remote-thread DLL injection pattern
; (MITRE ATT&CK T1055.001). Endpoint tooling commonly alerts on it, e.g. Sysmon event 10
; (ProcessAccess) for the broad access mask and Sysmon event 8 (CreateRemoteThread).
; NOTE(review): none of the "Return False" paths close $kernel32, and the ones after
; OpenProcess also leave $pHandle open.
Func _InjectDll($a, $dllpath, $hWnd_or_pid=0)
    ;make sure the user passed valid parameters
    If $a <= 0 Then
        SetError(-1)
        Return False
    ElseIf StringLen($dllpath) <= 4 Or StringRight($dllpath, 4) <> ".dll" Then
        SetError(-2)
        Return False
    EndIf

    Local $pid, $pHandle, $pLibRemote, $modHandle, $LoadLibraryA, $hThread

    ;open dll that we'll be using
    Local $kernel32 = DllOpen("kernel32.dll")

    If $hWnd_or_pid = 0 Then
        ;get the pid from the window provided
        ; DllCall returns an array: [0] is the return value, [2] is the second argument
        ; (the by-reference pid) as it stands after the call
        $pid = DllCall("user32.dll", "int", "GetWindowThreadProcessId", "hwnd", $a, "int_ptr", 0)
        If IsArray($pid) Then
            $pid = $pid[2]
        Else
            SetError(-3)
            Return False
        EndIf
    Else
        $pid = $a
    EndIf

    ;open the process for writing
    ; 0x1F0FFF is PROCESS_ALL_ACCESS (the pre-Vista value): far more rights than a write
    ; needs, and an access mask that process-access monitoring flags
    $pHandle = DllCall($kernel32, "int", "OpenProcess", "int", 0x1F0FFF, "int", 0, "int", $pid)
    If IsArray($pHandle) And $pHandle[0] > 0 Then
        $pHandle = $pHandle[0]
    Else
        SetError(-4)
        Return False
    EndIf

    ; allocate a 0x1000-byte buffer in the target process:
    ; allocation type 0x1000 = MEM_COMMIT, protection 4 = PAGE_READWRITE
    $pLibRemote = DllCall($kernel32, "int", "VirtualAllocEx", "int", $pHandle, "short", 0, "int", 0x1000, "int", 0x1000, "int", 4)
    If IsArray($pLibRemote) Then
        If $pLibRemote[0] > 0 Then
            ;debug
            ConsoleWrite("0x" & Hex($pLibRemote[0], 8) & @CR)
            $pLibRemote = $pLibRemote[0]
        Else
            SetError(-5)
            Return False
        EndIf
    Else
        SetError(-6)
        Return False
    EndIf

    ; copy $dllpath into the remote buffer, one WriteProcessMemory call per character;
    ; the loop bound is StringLen($dllpath) inclusive, so it runs one index past the last character
    For $i = 0 To StringLen($dllpath)
        $ret = DllCall("kernel32.dll", "int", "WriteProcessMemory", "int", $pHandle, "int", $pLibRemote + $i, "int_ptr", Asc(StringMid($dllpath, $i + 1, 1)), "int", 1, "int", 0)
        If IsArray($ret) Then
            If $ret[0] = 0 Then
                SetError(-7)
                Return False
            EndIf
        Else
            SetError(-8)
            Return False
        EndIf
    Next

    ; look up kernel32's module handle in the calling process
    $modHandle = DllCall($kernel32, "long", "GetModuleHandle", "str", "kernel32.dll")
    If IsArray($modHandle) Then
        If $modHandle[0] > 0 Then
            $modHandle = $modHandle[0]
            ConsoleWrite($modHandle & @CRLF)
        Else
            SetError(-9)
            Return False
        EndIf
    Else
        SetError(-10)
        Return False
    EndIf

    ; resolve the LoadLibraryA export; the value is used below as the remote thread's start address
    $LoadLibraryA = DllCall($kernel32, "long", "GetProcAddress", "long", $modHandle, "str", "LoadLibraryA")
    If IsArray($LoadLibraryA) Then
        If $LoadLibraryA[0] > 0 Then
            $LoadLibraryA = $LoadLibraryA[0]
            ConsoleWrite($LoadLibraryA & @CRLF)
        Else
            SetError(-11)
            Return False
        EndIf
    Else
        SetError (-12)
        Return False
    EndIf

    ; start a thread in the target at $LoadLibraryA with $pLibRemote (the copied path) as its argument
    $hThread = DllCall($kernel32, "int", "CreateRemoteThread", "int", $pHandle, "int", 0, "int", 0, "long", $LoadLibraryA, "long", $pLibRemote, "int", 0, "int", 0)
    If IsArray($hThread) Then
        ConsoleWrite($hThread[0] & @CR)
        If $hThread[0] > 0 Then
            $hThread = $hThread[0]
        Else
            SetError(-13)
            Return False
        EndIf
    Else
        SetError(-14)
        Return False
    EndIf

    ; release the remote buffer (0x8000 = MEM_RELEASE), then close the thread handle,
    ; the process handle and the kernel32 handle
    DllCall($kernel32, "int", "VirtualFreeEx", "int", $pHandle, "int", $pLibRemote, "int", 0x1000, "int", 0x8000)
    DllCall($kernel32, "int", "CloseHandle", "int", $hThread)
    DllCall($kernel32, "int", "CloseHandle", "int", $pHandle)
    DllClose($kernel32)

    Return True
EndFunc

Dll Handler

; GUI front-end: a slider that sets the speed factor, a process picker with an Inject
; button, and the END hotkey to toggle the speed setting.
#include "_InjectDll_v2.au3"
#include <GUIConstants.au3>

Opt("GUICloseOnEsc", 0) ; Esc does not close the window
Opt("GUIOnEventMode", 1) ; controls call their registered handler functions
HotKeySet("{END}", "ToggleSpeeder")

;MsgBox(64, "RET", _InjectDll(ProcessExists("DarkagesMI.exe"), @ScriptDir & "\speedhack.dll", 1))

Global $speedvalue = 200, $speedenabled = False
; handle from DllOpen, used by every DllCall($speedhack, ...) in this script
Global $speedhack = DllOpen("speedhack.dll")
Global $timer, $disconnectcheck

;disable the speeder
DllCall($speedhack, "none", "SetSpeedEnabled", "int", 0)

#region GUI
;THE GUI
Global $gui = GUICreate("SpeedHandler", 300, 120, -1, -1)
GUISetOnEvent($GUI_EVENT_CLOSE, "_Closing")

;THE SPEEDHANDLER SLIDER GROUP
Global $g_groupSpeedHandler = GUICtrlCreateGroup("SpeedHandler", 5, 0, 290, 50)
;THE SLIDER
Global $g_sliderSpeedHandler = GUICtrlCreateSlider(10, 15, 280, 15)
GUICtrlSetOnEvent(-1, "g_sliderSpeedHandler")
GUICtrlSetLimit(-1, 100, 0) ; slider range 0..100
GUICtrlSetData(-1, 20) ; initial position, matching the "Value: 2.00" label text
;THE LABEL
Global $g_labelSpeedHandler = GUICtrlCreateLabel("Value: 2.00", 10, 30, 280, 15)

;THE INJECTION GROUP
Global $g_groupInjection = GUICtrlCreateGroup("Injection", 5, 50, 290, 66)
;THE INJECTION LABEL
Global $g_labelProcessList = GUICtrlCreateLabel("Process to inject:", 10, 65, 120, 15)
;THE PROCESS LIST COMBO BOX
Global $g_comboProcessList = GUICtrlCreateCombo("Choose a process...", 95, 60, 195, 15)
GUICtrlSetData(-1, _FormatProcessList())
;THE INJECT BUTTON
Global $g_btnInject = GUICtrlCreateButton("Inject", 10, 85, 135, 25)
GUICtrlSetOnEvent(-1, "g_btnInjectHandler")
;THE PROCESS LIST REFRESH BUTTON
Global $g_btnRefresh = GUICtrlCreateButton("Refresh Process List", 150, 85, 135, 25)
GUICtrlSetOnEvent(-1, "g_btnRefreshHandler")
#endregion

GUISetState(@SW_SHOW)

; idle loop; all work happens in the event, hotkey and Adlib handlers
While 1
    Sleep(500)
WEnd

; Hotkey handler (END): flips $speedenabled and passes it to SetSpeedEnabled.
; While enabled, SpeedTimer is registered as the Adlib callback; when disabled it is removed.
Func ToggleSpeeder()
    $speedenabled = Not $speedenabled
    DllCall($speedhack, "none", "SetSpeedEnabled", "int", $speedenabled)
    If $speedenabled Then
        $timer = TimerInit()
        $disconnectcheck = True
        AdlibEnable("SpeedTimer")
    Else
        $disconnectcheck = False
        AdlibDisable()
    EndIf
EndFunc

; Adlib callback: once $timer reaches 3000 ms with $disconnectcheck set it calls
; SetSpeedEnabled(False); once it reaches 1000 ms with it cleared it calls SetSpeedEnabled(True).
; Each switch restarts $timer and flips $disconnectcheck.
Func SpeedTimer()
    If $disconnectcheck And TimerDiff($timer) >= 3000 Then
        DllCall($speedhack, "none", "SetSpeedEnabled", "int", False)
        $timer = TimerInit()
        $disconnectcheck = False
    ElseIf Not $disconnectcheck And TimerDiff($timer) >= 1000 Then
        DllCall($speedhack, "none", "SetSpeedEnabled", "int", True)
        $timer = TimerInit()
        $disconnectcheck = True
    EndIf
EndFunc

; Joins the names returned by ProcessList() with "|" so the result can be passed to GUICtrlSetData.
; NOTE(review): $retstr starts as the number 0, so the returned string begins with "0"
; directly followed by the first process name; an empty string looks intended.
Func _FormatProcessList()
    Local $list = ProcessList()
    Local $retstr = 0
    ; $list[0][0] is the entry count; names are in $list[1..n][0]
    For $i = 1 To $list[0][0]
        $retstr = $retstr & $list[$i][0]
        If $i < $list[0][0] Then $retstr = $retstr & "|"
    Next
    Return $retstr
EndFunc

; Closes the speedhack.dll handle.
; presumably relies on the legacy AutoIt convention that a function with this name runs at script exit; confirm for the AutoIt version in use
Func OnAutoItExit()
    DllClose($speedhack)
EndFunc

; GUI close-event handler (registered with GUISetOnEvent above): ends the script.
Func _Closing()
    Exit
EndFunc

; Slider handler: reads the slider position, passes position * 10 to SetSpeedFactor
; and shows position / 10 with two decimals in the label.
Func g_sliderSpeedHandler()
    $speedvalue = GUICtrlRead($g_sliderSpeedHandler)
    DllCall($speedhack, "none", "SetSpeedFactor", "uint", $speedvalue * 10)
    GUICtrlSetData($g_labelSpeedHandler, "Value: " & StringFormat("%.02f", $speedvalue/10))
EndFunc

; Inject button handler: when the combo text ends in ".exe" (compared in lower case), looks up
; the pid with ProcessExists and calls _InjectDll in pid mode (third argument 1).
; NOTE(review): the return value and @error of _InjectDll are discarded, so a failed call is
; silent; ProcessExists returns 0 for a name that is not running, which _InjectDll rejects with @error -1.
Func g_btnInjectHandler()
    If StringRight(StringLower(GUICtrlRead($g_comboProcessList)), 4) = ".exe" Then
        _InjectDll(ProcessExists(GUICtrlRead($g_comboProcessList)), @ScriptDir & "\speedhack.dll", 1)
    EndIf
EndFunc

; Refresh button handler: clears the combo box, restores the placeholder entry and
; refills it from _FormatProcessList().
Func g_btnRefreshHandler()
    GUICtrlSetData($g_comboProcessList, "")
    GUICtrlSetData($g_comboProcessList, "Choose a process...")
    GUICtrlSetData($g_comboProcessList, _FormatProcessList())
EndFunc

Is there a way to debug this piece of code? Thanks a lot!
x1nixmzeng Posted October 23, 2008

Any ideas, anyone? Thanks a lot!