Injector

///-------------------------------------------------------------------------------------------------

/// Author: ReactiioN

/// Created: 11.05.2017

///

/// Last modified by: ReactiioN

/// Last modified on: 11.05.2017

///-------------------------------------------------------------------------------------------------

/// Copyright© ReactiioN <https://reactiion.pw>.All rights reserved.

///-------------------------------------------------------------------------------------------------

#pragma once

/// https://msdn.microsoft.com/de-de/library/windows/desktop/ff818516(v=vs.85).aspx

#include <Windows.h>

/// https://msdn.microsoft.com/de-de/library/windows/desktop/ms686701(v=vs.85).aspx

#include <TlHelp32.h>

/// http://en.cppreference.com/w/cpp/header/string

#include <string>

/// http://en.cppreference.com/w/cpp/header/unordered_map

#include <unordered_map>

 

///-------------------------------------------------------------------------------------------------

/// <summary> A win32/64 .dll injector. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///-------------------------------------------------------------------------------------------------

class Injector

{

/// <summary>

/// Information describing the proc.

/// </summary>

using ProcInfo = std::unordered_map<std::string, PROCESSENTRY32>;

 

/// <summary>

/// Information describing the module.

/// </summary>

using ModuleInfo = std::unordered_map<std::string, MODULEENTRY32>;

 

public:

///-------------------------------------------------------------------------------------------------

/// <summary> Default constructor. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///-------------------------------------------------------------------------------------------------

Injector() = default;

 

///-------------------------------------------------------------------------------------------------

/// <summary> Injects the given file. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="filename"> Filename of the file. </param>

///

/// <returns> True if it succeeds, false if it fails. </returns>

///-------------------------------------------------------------------------------------------------

bool inject( const std::string& filename );

 

///-------------------------------------------------------------------------------------------------

/// <summary> Injects. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="pid"> The PID. </param>

/// <param name="filename"> Filename of the file. </param>

///

/// <returns> True if it succeeds, false if it fails. </returns>

///-------------------------------------------------------------------------------------------------

bool inject( const uint32_t pid, const std::string& filename );

 

///-------------------------------------------------------------------------------------------------

/// <summary> Determines if we can parse process modules. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <returns> True if it succeeds, false if it fails. </returns>

///-------------------------------------------------------------------------------------------------

bool parse_process_modules();

 

///-------------------------------------------------------------------------------------------------

/// <summary> Searches for the first target process. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="process_name"> Name of the process. </param>

///

/// <returns> True if it succeeds, false if it fails. </returns>

///-------------------------------------------------------------------------------------------------

bool find_target_process( const std::string& process_name );

 

///-------------------------------------------------------------------------------------------------

/// <summary> Gets loaded modules. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <returns> The loaded modules. </returns>

///-------------------------------------------------------------------------------------------------

inline const ModuleInfo& get_loaded_modules() const;

 

///-------------------------------------------------------------------------------------------------

/// <summary> Parse loaded modules. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <returns> A ModuleInfo. </returns>

///-------------------------------------------------------------------------------------------------

ModuleInfo parse_loaded_modules() const;

 

///-------------------------------------------------------------------------------------------------

/// <summary> Ejects the given module name. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="module_name"> Name of the module. </param>

///-------------------------------------------------------------------------------------------------

void eject( const std::string& module_name );

 

///-------------------------------------------------------------------------------------------------

/// <summary> Parse running proccesses. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <returns> A ProcInfo. </returns>

///-------------------------------------------------------------------------------------------------

static ProcInfo parse_running_proccesses();

 

///-------------------------------------------------------------------------------------------------

/// <summary> Parse loaded modules. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="pid"> The PID. </param>

///

/// <returns> A ModuleInfo. </returns>

///-------------------------------------------------------------------------------------------------

static ModuleInfo parse_loaded_modules( const uint32_t pid );

 

///-------------------------------------------------------------------------------------------------

/// <summary> Gets directory file path. </summary>

///

/// <remarks> ReactiioN, 11.05.2017. </remarks>

///

/// <param name="file"> The file. </param>

///

/// <returns> The directory file path. </returns>

///-------------------------------------------------------------------------------------------------

static std::string get_directory_file_path( const std::string& file );

 

private:

/// <summary>

/// Identifier for the process.

/// </summary>

uint32_t m_processId = 0;

/// <summary>

/// The function of LoadLibrarA.

/// </summary>

uintptr_t m_loadLibrary = 0;

/// <summary>

/// The loaded modules.

/// </summary>

ModuleInfo m_loadedModules;

};

 

inline const Injector::ModuleInfo& Injector::get_loaded_modules() const

{

return m_loadedModules;

}

 

///-------------------------------------------------------------------------------------------------

/// End of injector.hpp

///-------------------------------------------------------------------------------------------------

#include "injector.hpp"

/// http://en.cppreference.com/w/cpp/header/codecvt

#include <codecvt>

/// http://en.cppreference.com/w/cpp/header/fstream

#include <fstream>

 

inline std::string unicode_to_string( const std::wstring& unicode_string )

{

static std::wstring_convert<

std::codecvt_utf8_utf16<int16_t>, int16_t

> conversion;

return conversion.to_bytes( reinterpret_cast<const int16_t*>( unicode_string.data() ) );

}

 

bool Injector::inject( const std::string& filename )

{

return inject( m_processId, filename );

}

 

bool Injector::inject( const uint32_t pid, const std::string& filename )

{

if( !m_loadLibrary ) {

auto kernel32 = GetModuleHandleA( "kernel32.dll" );

if( !kernel32 ) {

return false;

}

 

m_loadLibrary = reinterpret_cast<uintptr_t>( GetProcAddress( kernel32, "LoadLibraryA" ) );

if( !m_loadLibrary ) {

return false;

}

}

 

/// check if the file exists

std::fstream bin( filename, std::ios::in | std::ios_base::binary );

if( !bin ) {

printf( "invalid file\n" );

return false;

}

 

/// check if the module is loaded

auto temp_name = filename;

const auto pos = temp_name.find_last_of( "\\" );

if( pos != std::string::npos ) {

temp_name.erase( 0, pos + 1 );

}

 

if( parse_loaded_modules( pid ).count( temp_name ) != 0 ) {

return false;

}

 

HANDLE process_handle = nullptr;

void* data = nullptr;

 

auto safe_exit = [&process_handle, &data]{

if( process_handle ) {

if( data ) {

VirtualFreeEx( process_handle, data, 0, MEM_RELEASE );

data = nullptr;

}

CloseHandle( process_handle );

process_handle = nullptr;

}

return false;

};

 

/// try to open a process handle to the target process id

process_handle = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pid );

if( process_handle == INVALID_HANDLE_VALUE ) {

return safe_exit();

}

 

/// calculate the length of the filename which gets written

/// into the target process

const auto data_size = filename.length() + 1;

data = VirtualAllocEx(

process_handle,

nullptr,

static_cast<DWORD>( data_size ),

MEM_RESERVE | MEM_COMMIT,

PAGE_READWRITE

);

if( !data ) {

return safe_exit();

}

 

/// write the filename(absolute path) into the target process

if( !WriteProcessMemory(

process_handle,

data,

filename.data(),

data_size,

nullptr

) ) {

return safe_exit();

}

 

/// create a thread in our target process and try to call

/// their LoadLibraryA

auto thread_handle = CreateRemoteThread(

process_handle,

nullptr,

0,

reinterpret_cast<LPTHREAD_START_ROUTINE>( m_loadLibrary ),

data,

0,

nullptr

);

if( thread_handle == INVALID_HANDLE_VALUE ) {

return safe_exit();

}

 

/// Wait unitl DllMain returns something

WaitForSingleObject( thread_handle, INFINITE );

 

/// free data

return !safe_exit();

}

 

bool Injector::parse_process_modules()

{

m_loadedModules = parse_loaded_modules();

return !m_loadedModules.empty();

}

 

bool Injector::find_target_process( const std::string& process_name )

{

for( const auto& kp : parse_running_proccesses() ) {

if( !process_name.compare( kp.first ) ) {

m_processId = kp.second.th32ProcessID;

return true;

}

}

return false;

}

 

Injector::ModuleInfo Injector::parse_loaded_modules() const

{

return std::move( parse_loaded_modules( m_processId ) );

}

 

void Injector::eject( const std::string& module_name )

{

if( !m_loadedModules.count( module_name ) ) {

return;

}

 

auto& mod_data = m_loadedModules.at( module_name );

FreeLibrary( mod_data.hModule );

 

m_loadedModules.erase( module_name );

 

parse_process_modules();

}

 

Injector::ProcInfo Injector::parse_running_proccesses()

{

auto snap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

if( snap == INVALID_HANDLE_VALUE ) {

return {};

}

 

ProcInfo proc_info;

PROCESSENTRY32 proc_entry = { sizeof( PROCESSENTRY32 ) };

if( !!Process32First( snap, &proc_entry ) ) {

do {

proc_info.insert(

#ifdef _UNICODE

std::make_pair( unicode_to_string( proc_entry.szExeFile ), proc_entry )

#else

std::make_pair( proc_entry.szExeFile, proc_entry )

#endif

);

} while( !!Process32Next( snap, &proc_entry ) );

}

 

CloseHandle( snap );

 

return std::move( proc_info );

}

 

Injector::ModuleInfo Injector::parse_loaded_modules( const uint32_t pid )

{

if( !pid ) {

return {};

}

 

auto snap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, pid );

if( snap == INVALID_HANDLE_VALUE ) {

return {};

}

 

ModuleInfo module_info;

MODULEENTRY32 module_entry = { sizeof( MODULEENTRY32 ) };

if( !!Module32First( snap, &module_entry ) ) {

do {

module_info.insert(

#ifdef _UNICODE

std::make_pair( unicode_to_string( module_entry.szModule ), module_entry )

#else

std::make_pair( module_entry.szModule, module_entry )

#endif

);

} while( !!Module32Next( snap, &module_entry ) );

}

 

CloseHandle( snap );

 

return std::move( module_info );

}

 

std::string Injector::get_directory_file_path( const std::string& file )

{

char buffer[ MAX_PATH + 1 ] = {};

GetCurrentDirectoryA( MAX_PATH + 1, buffer );

 

std::string directory( buffer );

directory.append( "\\" );

 

if( !file.empty() ) {

directory.append( file );

}

 

return directory;

}