
[Doubt] About DLL Injection


  1. #1
    Registered User
    Join Date
    Apr 2012
    Posts
    5

    [Doubt] About DLL Injection

    Hey guys,
    I'm wondering if it's possible to call a function that is in process B VA space, by process A.

    So far I've made a DLL injection, and the calls I make to process B are coming from a hooking function inside the DLL code. It's working like:
    Code:
    ...
    if (pressedKey == F1)
        moveTo(x, y);
    ...

    /* Calls the target's function through its known address (MOVE_ADDRESS). */
    void __stdcall moveTo(DWORD x, DWORD y)
    {
        typedef void (__stdcall *pFunctionAddress)(DWORD, DWORD);
        pFunctionAddress pMove = (pFunctionAddress)(MOVE_ADDRESS);
        pMove(x, y);
    }
    However, since I'm dealing with GUIs and so on, I want it to be possible to call functions like that from my main program, not from the DLL.
    For now, the hooking stuff is just for testing purposes.

  2. #2
    Registered User
    Join Date
    Oct 2006
    Posts
    2,297
    It's unlikely that you'll get much help with DLL injection, since it's a commonly used method to take unauthorized control of a computer.
    Code:
    namespace life
    {
        const bool change = true;
    }

  3. #3
    oogabooga
    Join Date
    Jan 2008
    Posts
    2,808
    Are both processes your programs?

    At any rate, there's a ton of info available on this elsewhere.
    The cost of software maintenance increases with the square of the programmer's creativity. - Robert D. Bliss

  4. #4
    Captain Crash brewbuck
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,236
    Quote Originally Posted by Antony Kossoski View Post
    Hey guys,
    I'm wondering if it's possible to call a function that is in process B VA space, by process A.

    So far I've made a DLL injection, and the calls I make to process B are coming from a hooking function inside the DLL code. It's working like:
    Given that DLL injection on Windows is implemented by "calling a function that is in process B VA space, by process A," it seems you already know the solution to the problem.

    I won't describe how the first goal is achieved here, but presumably you already know the answer because you are already injecting a DLL.

    This topic is a gray area.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  5. #5
    11DE784A SirPrattlepod
    Join Date
    Aug 2013
    Posts
    485
    Quote Originally Posted by brewbuck View Post
    This topic is a gray area.
    How is it gray (sic)? It's a perfectly legitimate question.

  6. #6
    11DE784A SirPrattlepod
    Join Date
    Aug 2013
    Posts
    485
    Quote Originally Posted by Elkvis View Post
    It's unlikely that you'll get much help with DLL injection, since it's a commonly used method to take unauthorized control of a computer.
    More likely you don't have any idea what you're talking about...

  7. #7
    Registered User
    Join Date
    Oct 2006
    Posts
    2,297
    Quote Originally Posted by SirPrattlepod View Post
    How is it gray (sic)? It's a perfectly legitimate question.
    It's a gray area, because it's a common method for taking control of a computer without the knowledge of the user. SirPrattlePod, google dll injection attack, and you'll understand. This forum has rules about proliferating such knowledge, because experience has shown us that most of those asking for it do so with malicious intent.
    Code:
    namespace life
    {
        const bool change = true;
    }

  8. #8
    Stoned Witch Barney McGrew
    Join Date
    Oct 2012
    Location
    astaylea
    Posts
    420
    I'm with you Elkvis, but I wouldn't stop there. I reckon we should ban people who encourage the use of debuggers too, since they're often used to read the memory of a running program, allowing Hackers to retrieve passwords and other sensitive data from them.

    I'd watch out for Hackers who study network protocols like ARP as well. Not a day goes by where I don't read about some Hacker who performed an ARP poisoning attack for spying and/or denial of service. And don't even get me started on those disgusting unix operating systems that allow Hackers to open raw network sockets.

  9. #9
    Registered User
    Join Date
    Jun 2005
    Posts
    6,208
    No need to be sarcastic, Barney. Like it or not, Elkvis is correct.

    The owner of this site has the right to discourage certain types of information being posted on HIS site. If you don't like that, you can always go elsewhere. Like it or not, requests for information about DLL injection in forums like this are usually for nefarious reasons (hacking, cracking, privilege escalation, etc), so experienced members have some justification in treating such requests as being against site policy.

    Those who advocate debuggers here are advocating them as a tool for finding problems in software. I've yet to see any members here describing techniques to use a debugger for nefarious purposes.
    Right 98% of the time, and don't care about the other 3%.

  10. #10
    Stoned Witch Barney McGrew
    Join Date
    Oct 2012
    Location
    astaylea
    Posts
    420
    The owner of this site has the right to discourage certain types of information being posted on HIS site.
    I haven't seen him around so he doesn't count. ^_^

    Like it or not, requests for information about DLL injection in forums like this are usually for nefarious reasons (hacking, cracking, privilege escalation, etc), so experienced members have some justification in treating such requests as being against site policy.
    Breaking computer security can be good, wholesome fun that doesn't hurt anybody, it just depends on how you go about it. Sometimes I like to just grab a sledgehammer and smash into one of my old computers, y'know?

  11. #11
    Registered User
    Join Date
    Apr 2012
    Posts
    5
    Hey, thank you for the replies.

    I solved my problem by calling CreateRemoteThread on every function call, instead of just the one needed for injection.
    The problem is I had a single thread looping infinitely, calling functions from inside the DLL according to keyboard (and/or mouse) messages. By that, I don't see how it is possible to call those functions explicitly (from main).

    My approach consists of keeping functions like the one mentioned above in the DLL file, but now creating and using a thread per call, as said. I can retrieve their addresses (GetProcAddress), allocate memory in the remote process in order to use parameters (VirtualAllocEx), write them at that space (WriteProcessMemory), and finally use CreateRemoteThread, passing the function's address and the parameters' address.
    So far it's working perfectly, just like expected.


    And replying to some: I'm studying it just for fun and curiosity. No harm intended.
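
Seen from the monitoring side, the per-call sequence described in the post above (VirtualAllocEx, then WriteProcessMemory, then CreateRemoteThread, all from one process into another) is a recognizable pattern. The following is an added example, not code from the thread: it counts that sequence in a constructed API trace, and the record layout, PIDs and function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>
/* Real Win32 API names from the post; the trace record layout is hypothetical. */
enum api { VIRTUAL_ALLOC_EX, WRITE_PROCESS_MEMORY, CREATE_REMOTE_THREAD };
struct event { int caller_pid, target_pid; enum api call; };
#define MAX_PAIRS 32
struct pair { int caller, target, stage; }; /* stage: 0 none, 1 allocated, 2 written */

/* Find or create the state slot for one caller -> target pair (NULL if full). */
static struct pair *slot(struct pair *t, size_t *used, int caller, int target) {
    for (size_t i = 0; i < *used; i++)
        if (t[i].caller == caller && t[i].target == target) return &t[i];
    if (*used == MAX_PAIRS) return NULL;
    t[*used] = (struct pair){ caller, target, 0 };
    return &t[(*used)++];
}

/* Count remote threads started in another process after the same caller
   has allocated and then written memory in that process. */
int count_cross_process_calls(const struct event *ev, size_t n) {
    struct pair table[MAX_PAIRS];
    size_t used = 0;
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (ev[i].caller_pid == ev[i].target_pid) continue; /* own process */
        struct pair *p = slot(table, &used, ev[i].caller_pid, ev[i].target_pid);
        if (!p) continue;                                    /* table full */
        if (ev[i].call == VIRTUAL_ALLOC_EX && p->stage == 0) p->stage = 1;
        else if (ev[i].call == WRITE_PROCESS_MEMORY && p->stage == 1) p->stage = 2;
        else if (ev[i].call == CREATE_REMOTE_THREAD && p->stage == 2) hits++;
    }
    return hits;
}

/* Constructed sample trace: PIDs are made up. */
static const struct event SAMPLE_TRACE[] = {
    {100, 200, VIRTUAL_ALLOC_EX}, {100, 200, WRITE_PROCESS_MEMORY},
    {100, 200, CREATE_REMOTE_THREAD},            /* full sequence: counted */
    {300, 300, VIRTUAL_ALLOC_EX}, {300, 300, CREATE_REMOTE_THREAD}, /* self */
    {400, 500, CREATE_REMOTE_THREAD},            /* no alloc/write: not counted */
    {100, 200, VIRTUAL_ALLOC_EX}, {100, 200, WRITE_PROCESS_MEMORY},
    {100, 200, CREATE_REMOTE_THREAD},            /* second call: counted */
};
#define SAMPLE_LEN (sizeof SAMPLE_TRACE / sizeof SAMPLE_TRACE[0])

int main(void) {
    printf("flagged remote calls: %d\n", count_cross_process_calls(SAMPLE_TRACE, SAMPLE_LEN));
    return 0;
}
```

On a real host, the last step of the sequence is what Sysmon records as Event ID 8 (CreateRemoteThread).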

  12. #12
    Internet Superhero
    Join Date
    Sep 2006
    Location
    Denmark
    Posts
    964
    Quote Originally Posted by Antony Kossoski View Post
    Breaking computer security can be good, wholesome fun that doesn't hurt anybody, it just depends on how you go about it.
    I completely agree, and it seems to me that the OP does not have a hidden agenda in this case. However this is not always the case, and even when it is, and the OP receives instructions on how to perform DLL injection, the information would now be freely available to anyone else reading the thread, and the site could thus inadvertently be hosting content that could further the cause of script-kiddies and other scum of that kind.

    Therefore, no matter how good the intentions of the OP might be, discussions about such subjects should be (and are) against the rules of the board.
    How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics.

  13. #13
    Stoned Witch Barney McGrew
    Join Date
    Oct 2012
    Location
    astaylea
    Posts
    420
    Sir, I believe you have the wrong rascal. Also, I believe I am too cool for rulez. You gots to look on the bright side, if we all talk about security holes and exploit them, maybe that'll motivate people to write less crappy software. ^_^

  14. #14
    Internet Superhero
    Join Date
    Sep 2006
    Location
    Denmark
    Posts
    964
    Quote Originally Posted by Barney McGrew View Post
    Sir, I believe you have the wrong rascal.
    No idea what happened to that quote.

    Also, I believe I am too cool for rulez. You gots to look on the bright side, if we all talk about security holes and exploit them, maybe that'll motivate people to write less crappy software. ^_^
    Or maybe it'll mean CBoard becomes the number one hit on Google for "How do I perform a cross site script attack?".
    How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics.

  15. #15
    Stoned Witch Barney McGrew
    Join Date
    Oct 2012
    Location
    astaylea
    Posts
    420
    I dunno if people are all that interested in stuff like that to keep the threads going. I think most people just respond to threads like this with "don't help him, it's against the rules" 'cause they don't really know anything about the topic at hand and just want to contribute something. Personally, I only respond to these threads to annoy the people who post comments like that, 'cause I don't really know anything about DLLs either -- I use loonickz and link my libraries statically.
