Hey all. I don't know if this will be useful to anyone but here is a project I been working on since I saw Shynds cool Black Magic library.
It can read/modify memory location of a process and also inject and execute code.
Take a look and tell me what you think.
ReadMe:
Code:
/* CSyringe Class - Handle Reading & Writing memory and also Injecting and Executing your own code.
Author: Cenron
Usage:
The memory class uses datatype wrappers to make it easier to get/set data.
Supported Wrappers:
[+]Get/SetMem( unsigned long )
[+]Get/SetMem( __int64 )
[+]Get/SetMem( float )
[+]Get/SetMem( char * )
[+]Get/SetMem( int )
If you need to get data and pass it into a diffrent type then what is listed above.
Then you need to call the Write()/Read() methods. Here is a quick example of its usage.
GetMemory()->Read( (DWORD)dwAddress, (DWORD)dwLen, (LPVOID)&sMyStruct );
GetMemory()->Write( (DWORD)dwAddress, (DWORD)dwLen, (LPVOID)&sMyStruct );
Example.
#include "CSyringe.h"
void __declspec(naked) __start()
{
__asm
{
PUSH 0
PUSH 0xDEADBEEF
PUSH 0xDEADBEEF
PUSH 0
MOV EAX, 0x7E4507EA
CALL EAX
RET
}
}
void __end() {}
int main()
{
// Find the process we want to work with and open a handle to it.
DWORD dwPid = GetPidByName( "MyProgram.exe" );
hProcess = OpenProcess( PROCESS_ALL_ACCESS, TRUE, dwPid );
// Declare our class and pass our handle to it.
CSyringe * gpSy = new CSyringe( hProcess );
// Declare what text we want our MessageBox to display.
char sText[] = "Hey There";
// Prepare our injector for the text...
gpSy->CreateInjector( (DWORD)sText, strlen( sText ), "MsgBoxTxt" );
// Then inject the string.
gpSy->GetThreadByName( "MsgBoxTxt" )->Inject();
// Prepare our injector for the MessageBox injection...
gpSy->CreateInjector( (DWORD)__start, (DWORD)((DWORD)__end - (DWORD)__start), "MessageBox" );
// Then inject the stub.
gpSy->GetThreadByName( "MessageBox" )->Inject();
// Modify the 0xDEADBEEF in our stub to the actual address.
gpSy->GetMemory()->SetMem( (DWORD)((DWORD)gpSy->GetInjectorByName( "MessageBox" )->GetAllocAddr() + 0x03), (unsigned long)gpSy->GetThreadByName( "MsgBoxTxt" )->GetAllocAddr() );
gpSy->GetMemory()->SetMem( (DWORD)((DWORD)gpSy->GetInjectorByName( "MessageBox" )->GetAllocAddr() + 0x08), (unsigned long)gpSy->GetThreadByName( "MsgBoxTxt" )->GetAllocAddr() );
// Check to make sure our address was changed to the right area.
DWORD dwChecker;
gpSy->GetMemory()->GetMem( (DWORD)((DWORD)gpSy->GetThreadByName( "MessageBox" )->GetAllocAddr() + 0x03), dwChecker );
printf( "%d\n", dwChecker );
// Execute the stub we injected.
gpSy->GetThreadByName( "MessageBox" )->Execute();
// Clean Up.
CloseHandle( hProcess );
return 0;
}
Updates:
- [01-21-2009] Added CTCore and CThread classes. Not implemented.
- [01-16-2009] Added syringe control class and remote thread class, can now inject and exectue code in said process.
- [01-14-2009] Added Memory Write Capability. There are also a few type wrappers for the Write function.
- [01-13-2009] Added Memory Read Capability. There are also a few type wrappers for the Read function.
- [01-13-2009] Started project.
Todo:
[+] Get the thread manager working.
*/
EDIT: Every time I try to upload it fails.
But its posted at Game Deception.
Here is the link
[C++]CSyringe - Out of Process Mem Manager - Game Deception - Forums