DLL Injection, Help please

This is a discussion on DLL Injection, Help please within the C Programming forums, part of the General Programming Boards category; This code made for DLL injection to a MineSweeper Game. What it does is: Set Timer from 20 seconds to ...

  1. #1
    Registered User
    Join Date
    May 2010
    Posts
    15

    DLL Injection, Help please

    This code made for DLL injection to a MineSweeper Game.
    What it does is: Set Timer from 20 seconds to 100 seconds.
    My problem is that it only executes once and it doesn’t work on the 2nd try, please help. I want this code to work every time you reset your game.


    Code:
    #include <windows.h>
     //Define variables
    DWORD ThreadID;
    int *time = (int*)0x0100579C; 
     DWORD WINAPI changeTime(LPVOID lParam) {
    while(1)
    if(*time >= 20) { 
    *time = 100; 
    return 0;
    }
    }
    BOOL APIENTRY DllMain(HINSTANCE hDll, DWORD callReason, LPVOID lpReserved) {
     if(callReason == DLL_PROCESS_ATTACH) {
                 CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&changeTime, 0, 0, &ThreadID);
     }    
     return 1;
    }

  2. #2
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    No way in hell would that ever work. Nothing ever calls changeTime(). Although the basic structure of your DLL injection is there. As this can be used for quite nefarious purposes, I'll leave it there. If you can figure it out based on what you can find online by yourself, you deserve it. Otherwise, not.

    Some moderator might take issue with this topic, but they can scold me later. Hacking Windows Minesweeper? Come on, that's like required reading for being a true geek.

    EDIT: okay, okay, my comments include some deliberate obscurity and inaccuracy. we have to keep the game interesting, right?
    Last edited by brewbuck; 05-04-2010 at 10:01 PM.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  3. #3
    Registered User
    Join Date
    May 2010
    Posts
    15
    it already works(try it if you want), how to loop injected dll's tasks?

  4. #4
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    Quote Originally Posted by AlexWu View Post
    it already works(try it if you want), how to loop injected dll's tasks?
    Okay, big hint. Bigger than is probably necessary. Do you think that the "int *time" variable maybe should be declared as volatile? Also, how do you expect the loop to continue when it included a return statement?

    BTW, hard-coding the vmaddr is simply bad form. Yuck.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  5. #5
    Registered User
    Join Date
    May 2010
    Posts
    15
    Tried still works on the 1st try only :\

  6. #6
    Registered User
    Join Date
    May 2010
    Posts
    15
    Guys, can someone help me how to loop my program without breaking it please?

  7. #7
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    Quote Originally Posted by AlexWu View Post
    Guys, can someone help me how to loop my program without breaking it please?
    Dude, your loop HAS A RETURN STATEMENT IN IT.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  8. #8
    Registered User
    Join Date
    May 2010
    Posts
    15
    I know, this is my problem.
    if i change it to "return FALSE;" dll will show error while injecting.
    How should i do it :\?

  9. #9
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    Quote Originally Posted by AlexWu View Post
    I know, this is my problem.
    if i change it to "return FALSE;" dll will show error while injecting.
    How should i do it :\?
    How surprising that when you return an error code from DllMain() it results in an error. Hmm, I wonder what you should do...

    Remove the return statement, silly.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  10. #10
    Registered User
    Join Date
    May 2010
    Posts
    15
    Love you! Is here way to give you reputation points?

  11. #11
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    Quote Originally Posted by AlexWu View Post
    Love you! Is here way to give you reputation points?
    I don't think I would deserve a reputation point for pointing out that a return statement in a loop halts the loop.

    And no, there's no such system here.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  12. #12
    ...and never returned. StainedBlue's Avatar
    Join Date
    Aug 2009
    Posts
    168
    Quote Originally Posted by brewbuck View Post
    BTW, hard-coding the vmaddr is simply bad form. Yuck.
    just out of curiosity, whats a better method for hooking the virtual memory (if thats whats in-fact going on here), i really dont know much about the win32 Api, but i found all this quite interesting.

    Also, from what i was reading off of msdn, it sounds like using dll-thread-attach is prerty much a dead-end for malicious dll injection. Is that true?
    goto( comeFrom() );

  13. #13
    Captain Crash brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,249
    Quote Originally Posted by StainedBlue View Post
    just out of curiosity, whats a better method for hooking the virtual memory (if thats whats in-fact going on here), i really dont know much about the win32 Api, but i found all this quite interesting.
    You have to find the address manually, but I'd at least make it a command line parameter instead of a constant in the code.

    Also, from what i was reading off of msdn, it sounds like using dll-thread-attach is prerty much a dead-end for malicious dll injection. Is that true?
    I don't know, I have no experience with the technique for malicious purposes. I've only used it for Forces Of Good.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Dll Injection Question
    By zenox in forum C Programming
    Replies: 13
    Last Post: 03-15-2008, 10:54 AM
  2. problem- injection dll thru remotethread
    By Brij in forum Windows Programming
    Replies: 11
    Last Post: 10-30-2006, 12:45 AM
  3. dll communicating between each other
    By cloudy in forum C++ Programming
    Replies: 5
    Last Post: 06-17-2005, 02:20 AM
  4. DLL and std::string woes!
    By Magos in forum C++ Programming
    Replies: 7
    Last Post: 09-08-2004, 12:34 PM
  5. dll injection - 99% CPU Usage
    By Andrew_5342 in forum Windows Programming
    Replies: 2
    Last Post: 05-20-2003, 11:27 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21