Discussion in 'Mixed Languages' started by CODYQX4, Sep 16, 2011.
Yeah, good work Cody, really professional development ...
Personally, I do not like to use C++ to perform code injections into memory addresses; the real way of it is dumping the real address to the offset allocated in memory, taking too long and not doing an automatic search, using dumpers to calc the memory path and convert to exact DWORD on start and end, and manually patching offset by offset...
C++ is just an extension of C and designed by Bjarne Stroustrup who invented the language so his friends would not have to learn assembler. Most of the kernels (Linux, Apple, Windows) are written in C or C++. What better tool exists to do the kind of manipulations that you're describing?
And regarding code injections...? Are these code injections into processes already running? And do they inject code into the standard Dll initialization functions that are called when every Dll is loaded (DLL_PROCESS_ATTACH, DLL_PROCESS_DETACH, DLL_THREAD_ATTACH, DLL_THREAD_DETACH) or are you patching the Dll file itself? The easiest way to create a Dll hook is to modify the DLL_THREAD_ATTACH call to call extra code which you have injected into the address space of the Dll. There are also options to modify the import tables of executables using the M$ Detours project (search for Microsoft Research Detours).
I'm just interested in what you mean exactly.
Anything is possible with these languages; the problem is the complexity involved in only injecting simple code into a place in memory: you need to convert and manipulate everything in DWORDs;
To simply patch the "55041-00168-305-190595-03-1033-3790.0000-2692009" PID address, you can work with 48 DWORDs, with the exact location of the path one by one in memory, +48 to patch other PIDs into empty offsets without crashing the application;
C# has automated tools to patch multiple strings into memory instantly.
And the other question, Code Injection?
Extra: Are these managed code Dll's or standard Windows Dll's?