From Collaborative RCE Tool Library

Jump to: navigation, search

DLL Injection Framework

Tool name: DLL Injection Framework
Rating: 5.0 (1 vote)
Author: Admiral                        
Website: http://www.ring3circus.com/downloads/dll-injection-framework
Current version: 1.0
Last updated: December 20, 2007
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: The process of remote function hooking via a DLL is notoriously messy, so I’ve tried to encapsulate as much of the mess as possible into a C++ class. Here’s an example of some client code that injects a DLL into Windows Calculator, then installs two hooks (one by name and another by address):

-----------------------------------------------------------------
// Create the injection object
DLLInjection injection("E:/Temp/HookDLL.dll");

// Find Calc.exe by its window
DWORD process_id = injection.GetProcessIDFromWindow(
"SciCalc",
"Calculator");

// Inject the DLL
HMODULE remote_module = injection.InjectDLL(process_id);

// Hook a DLL function (User32!SetWindowTextW)
HDLLHOOK swtw_hook = injection.InstallDLLHook(
"C:/Windows/System32/User32.dll",
"SetWindowTextW",
"SetWindowTextHookW");

// Hook a function manually (Calc!0100F3CF)
HDLLHOOK manual_hook = injection.InstallCodeHook(
reinterpret_cast (0×0100F3CF),
“SomeOtherHook”);

// Remove the hooks
injection.RemoveHook(swtw_hook);
injection.RemoveHook(manual_hook);
-----------------------------------------------------------------

Testing has been limited so don’t be surprised to find bugs. If you do find any, please report them.
Related URLs: No related URLs have been submitted for this tool yet


Screenshot:
Screenshot of DLL Injection Framework


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!

Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/DLL_Injection_Framework"


If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)

Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (294)
   Categorized by Tool Type  (1403)
   Anti Anti Test Tools  (17)
   Assemblers  (29)
   Code Coverage Tools  (13)
   Code Injection Tools  (40)
   Code Ripping Tools  (2)
   Crypto Tools  (17)
   Data Extraction Tools  (29)
   Debuggers  (61)
   Decompilers  (31)
   Deobfuscation Tools  (18)
   Dependency Analyzer Tools  (6)
   Diff Tools  (48)
   Disassemblers  (83)
   Dongle Analysis Tools  (28)
   Exe Analyzers  (51)
   Executable File Editors & Patchers  (107)
   Firefox Extensions  (3)
   GUI Manipulation Tools  (20)
   Hardware Reversing Tools  (28)
   Helper Tools  (3)
   Hex Editors  (13)
   IDA Signature Creation Tools  (5)
   Kernel Tools  (15)
   Memory Data Tracing Tools  (10)
   Memory Patchers  (7)
   Memory Search Tools  (8)
   Monitoring Tools  (154)
   Network Tools  (26)
   Packers  (20)
   Patch Packaging Tools  (13)
   Profiler Tools  (11)
   Programming Libraries  (56)
   Regular Expression Tools  (4)
   Resource Editors  (14)
   Reverse Engineering Frameworks  (12)
   Source Code Tools  (12)
   String Finders  (10)
   Symbol Tools  (13)
   System Information Extraction Tools  (10)
   Technical PoC Tools  (8)
   Test and Sandbox Environments  (25)
   Tool Extensions  (178)
   Tool Hiding Tools  (7)
   Tool Signatures  (20)
   Tracers  (23)
   Unpacking Tools  (95)
   Needs New Category  (3)