Pesquisar na Comunidade

Olá galera, estou aprendendo dll injection e por algum motivo meu código retorna com sucesso. mesmo se a dll não existir. alguém consegue me ajudar? segue o código: Se eu deletar o DLL.dll do c:// ele continua dando como sucesso /* how to do dll inject 1 - abrimos o processo com OpenProcess() passando o id do processo 2 - se sucesso, então pegamos o endereço do processo com a função (LPVOID) getProcAddress(getModuleHandleA("Kernel32.dll"), "LoadLibraryA") 3 - Alocamos memória virtual com a função VirtualAllocEx() 4 - criamos um remote thread com CreateRemoteThread() 5 - wait for the operation complete com WaitForSingleObject() 6 - liberamso memoria com vitualFreeEx() CloseHandle() - remote thread CloseHandle() - hTargetProcess - processo aberto */ #include <cstdio> #include <iostream> #include <windows.h> #include <tlhelp32.h> #include <string> #include <cstdlib> #include <vector> using namespace std; DWORD find_process_id(wstring processName) { PROCESSENTRY32 entry; entry.dwSize = sizeof(PROCESSENTRY32); HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL); if (Process32First(snapshot, &entry) == TRUE) { while (Process32Next(snapshot, &entry) == TRUE) { if (stricmp(entry.szExeFile, "Tibia.exe") == 0) { return entry.th32ProcessID; } } } CloseHandle(snapshot); } bool InjectDynamicLibrary(DWORD processId, char* dllPath) { // Open a new handle to the target process HANDLE hTargetProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, processId); if (hTargetProcess != NULL) // if the handle is valid { cout << "Processo aberto.......ok" << endl; cout << "Tentaremos injetar a LIB :" << dllPath << endl; // Kernel32.dll is always mapped to the same address in each process // So we can just copy the address of it & LoadLibraryA in OUR process and // expect it to be same in the remote process too. LPVOID LoadLibAddr = (LPVOID)GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); if(LoadLibAddr != NULL) { cout << "LoadLibAddr.......OK" << endl; // We must allocate more memory in the target process to hold the path for our dll in it's addresspace. LPVOID LoadPath = VirtualAllocEx(hTargetProcess, 0, strlen(dllPath), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); if(LoadPath != NULL) { //MessageBox(HWND_DESKTOP, "LoadPath Sucesso!", "MESSAGE", MB_OK); cout << "LoadPath.......OK" << endl; // Create a thread in the target process that will call LoadLibraryA() with the dllpath as a parameter HANDLE RemoteThread = CreateRemoteThread(hTargetProcess, 0, 0, (LPTHREAD_START_ROUTINE)LoadLibAddr, LoadPath, 0, 0); if(RemoteThread) { cout << "Remote Thread.......OK" << endl; // Wait for the operation to complete, then continue. WaitForSingleObject(RemoteThread, INFINITE); // the path to the dll is no longer needed in the remote process, so we can just free the memory now. VirtualFreeEx(hTargetProcess, LoadPath, strlen(dllPath), MEM_RELEASE); CloseHandle(RemoteThread); CloseHandle(hTargetProcess); return true; }else{ MessageBox(HWND_DESKTOP, "Remote Thread Error!", "MESSAGE", MB_OK); } }else{ MessageBox(HWND_DESKTOP, "LoadLibAddr ERROR", "MESSAGE", MB_OK); } }else{ MessageBox(HWND_DESKTOP, "LoadLibAddr Fail!", "MESSAGE", MB_OK); } }else{ MessageBox(HWND_DESKTOP, "problema ao abrir processo!", "MESSAGE", MB_OK); } return false; } int main( int, char *[] ) { DWORD processId = find_process_id(L"chrome"); if(processId) { // MessageBox(0, "Processo localizado. fazendo inject","NOTICE", MB_OK); cout << "Process ID finded : " << processId << endl; const wchar_t* libName = L"c:/DLL.dll"; // or L"zß???" char lib[11]; std::wcstombs(lib, libName, 11); wcout << libName << endl; InjectDynamicLibrary(processId, "c:/DLL.dll"); } return 0; }