fork(5) download

#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>
 
#define LOGFILE "C:\\injection.log"
#define PROCESSNAME L"explorer.exe"
 
DWORD getProcessID();
int addLogMessage(char* str, int code);
BOOL setPrivilege(HANDLE hToken, LPCTSTR szPrivName, BOOL fEnable);
 
typedef FARPROC (WINAPI *LPMessageBox)(HWND, LPCWSTR, LPCWSTR, UINT);
 
typedef struct _InjectData {
	char				title[50];
	char				msg[50];	
	LPMessageBox		MessageB;
} InjectData, *PInjectData;
 
InjectData injectData = { 
	"Test",
	"Привет",
	NULL
};
 
static DWORD WINAPI InjectionMain(LPVOID lpParams) {
 
	PInjectData info = (PInjectData)lpParams;
 
	info->MessageB(NULL, (LPCWSTR)info->msg, (LPCWSTR)info->title, MB_OK);
	return 0;
}
 
static void __declspec( naked ) end_proc() {
}
 
 
int _tmain(int argc, _TCHAR* argv[]) {
 
	char		buffer [50];
	HANDLE		hToken;
	HANDLE		processHandel;
	HINSTANCE	userHinstance;
 
	DWORD processID = getProcessID();
 
	HANDLE hCurrentProc = GetCurrentProcess();
 
	if(!OpenProcessToken(hCurrentProc, TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken)) { 
        addLogMessage("OpenProcessToken Error", GetLastError());
		return 0;
	} else { 
		if (!setPrivilege(hToken, SE_DEBUG_NAME, TRUE)) {
			addLogMessage("SetPrivlegesSE_DEBUG_NAME Error", GetLastError());
			return 0;
		} 
	} 
 
	if(processID == 0) {
		MessageBox(NULL, _T("Процесс не найден!"), _T("Error"), MB_OK | MB_ICONERROR);
		return 0;
	}
 
	processHandel = OpenProcess(PROCESS_ALL_ACCESS, false, processID);
	if(processHandel == NULL) {
		addLogMessage("Open process error", GetLastError());
		return 0;
	}
 
	userHinstance = LoadLibrary(_T("user32.dll"));
	injectData.MessageB = (LPMessageBox) GetProcAddress(userHinstance, "MessageBoxA");
 
	DWORD ProcSize = (DWORD)end_proc - (DWORD)InjectionMain;
	sprintf_s(buffer, "Process size: %u", ProcSize);
	addLogMessage(buffer, 0);
 
	LPVOID lpProc	= VirtualAllocEx(processHandel, NULL, ProcSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE );
	LPVOID lpParams = VirtualAllocEx(processHandel, NULL, 1024, MEM_COMMIT, PAGE_READWRITE );
 
	if (!lpProc || !lpParams) {
		addLogMessage("Error allocating memory ", 1000);
		return 0;
	}
 
	sprintf_s(buffer, "Memory allocated at 0x%X and 0x%X", lpProc, lpParams );
	addLogMessage(buffer, 0);
 
	DWORD dwWritten;
	if(WriteProcessMemory(processHandel, lpProc, InjectionMain, ProcSize, &dwWritten ) == 0) {
		addLogMessage("WriteProcessMemory error", GetLastError());
		return 0;
	}
 
	if(WriteProcessMemory( processHandel, lpParams, &injectData, sizeof(injectData), &dwWritten ) == 0) {
		addLogMessage("WriteProcessMemory error", GetLastError());
		return 0;
	}
 
	sprintf_s(buffer, "Чтения памяти", lpProc, lpParams );
	addLogMessage(buffer, 0);
 
	DWORD ThreadID;
	HANDLE hThread = CreateRemoteThread(processHandel, NULL, 0, (LPTHREAD_START_ROUTINE)lpProc, lpParams, 0, &ThreadID);
 
	if (hThread == NULL) {
		sprintf_s(buffer, "Error creating thread");
		addLogMessage(buffer, GetLastError());
		return 0;
	} else {
		WaitForSingleObject( hThread, INFINITE );
	}
 
    FreeLibrary(userHinstance);
 
	VirtualFreeEx(processHandel, lpProc, ProcSize, MEM_DECOMMIT );
	VirtualFreeEx(processHandel, lpParams, 1024, MEM_DECOMMIT );
    CloseHandle(processHandel);
 
	addLogMessage("Success injecting!", 0);
 
	return 0;
}
 
DWORD getProcessID() {
	DWORD processID = 0;
	HANDLE snapHandle;
	PROCESSENTRY32 processEntry = {0};
 
	if( (snapHandle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)) == INVALID_HANDLE_VALUE ) {
        return 0;
	}
 
	processEntry.dwSize = sizeof(PROCESSENTRY32);
    Process32First(snapHandle, &processEntry);
	do {
		if ( wcscmp(processEntry.szExeFile, PROCESSNAME) == 0 ) {
			return processEntry.th32ProcessID;
		}
	} while (Process32Next(snapHandle,&processEntry));
 
	if ( snapHandle != INVALID_HANDLE_VALUE ) {
		CloseHandle(snapHandle);
	}
 
	return 0;
}
 
BOOL setPrivilege(HANDLE hToken, LPCTSTR szPrivName, BOOL fEnable) {
    TOKEN_PRIVILEGES tp;
    tp.PrivilegeCount = 1;
    LookupPrivilegeValue(NULL, szPrivName, &tp.Privileges[0].Luid);
    tp.Privileges[0].Attributes = fEnable ? SE_PRIVILEGE_ENABLED : 0;
    AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
    return((GetLastError() == ERROR_SUCCESS));
}
 
int addLogMessage(char* str, int code) {
	errno_t err;
	FILE* log;
 
	if((err = fopen_s(&log, LOGFILE, "a+")) != 0) {
		return -1;
	}
 
	fprintf(log, "[code: %u] %s\n", code, str);
	fclose(log);
	return 0;
}

prog.cpp:1:20: error: stdafx.h: No such file or directory
prog.cpp:3:21: error: windows.h: No such file or directory
prog.cpp:4:22: error: tlhelp32.h: No such file or directory
prog.cpp:9: error: ‘DWORD’ does not name a type
prog.cpp:11: error: ‘BOOL’ does not name a type
prog.cpp:13: error: ISO C++ forbids declaration of ‘FARPROC’ with no type
prog.cpp:13: error: typedef ‘FARPROC’ is initialized (use __typeof__ instead)
prog.cpp:13: error: ‘WINAPI’ was not declared in this scope
prog.cpp:13: error: ‘LPMessageBox’ was not declared in this scope
prog.cpp:18: error: ‘LPMessageBox’ does not name a type
prog.cpp:25: error: too many initializers for ‘InjectData’
prog.cpp:27: error: ‘DWORD’ does not name a type
prog.cpp:35: error: variable or field ‘__declspec’ declared void
prog.cpp:35: error: ‘naked’ was not declared in this scope
prog.cpp:39: error: ‘_TCHAR’ has not been declared
prog.cpp: In function ‘int _tmain(int, int**)’:
prog.cpp:42: error: ‘HANDLE’ was not declared in this scope
prog.cpp:42: error: expected `;' before ‘hToken’
prog.cpp:43: error: expected `;' before ‘processHandel’
prog.cpp:44: error: ‘HINSTANCE’ was not declared in this scope
prog.cpp:44: error: expected `;' before ‘userHinstance’
prog.cpp:46: error: ‘DWORD’ was not declared in this scope
prog.cpp:46: error: expected `;' before ‘processID’
prog.cpp:48: error: expected `;' before ‘hCurrentProc’
prog.cpp:50: error: ‘hCurrentProc’ was not declared in this scope
prog.cpp:50: error: ‘TOKEN_QUERY’ was not declared in this scope
prog.cpp:50: error: ‘TOKEN_ADJUST_PRIVILEGES’ was not declared in this scope
prog.cpp:50: error: ‘hToken’ was not declared in this scope
prog.cpp:50: error: ‘OpenProcessToken’ was not declared in this scope
prog.cpp:51: error: ‘GetLastError’ was not declared in this scope
prog.cpp:54: error: ‘SE_DEBUG_NAME’ was not declared in this scope
prog.cpp:54: error: ‘TRUE’ was not declared in this scope
prog.cpp:54: error: ‘setPrivilege’ was not declared in this scope
prog.cpp:55: error: ‘GetLastError’ was not declared in this scope
prog.cpp:60: error: ‘processID’ was not declared in this scope
prog.cpp:61: error: ‘_T’ was not declared in this scope
prog.cpp:61: error: ‘MB_OK’ was not declared in this scope
prog.cpp:61: error: ‘MB_ICONERROR’ was not declared in this scope
prog.cpp:61: error: ‘MessageBox’ was not declared in this scope
prog.cpp:65: error: ‘processHandel’ was not declared in this scope
prog.cpp:65: error: ‘PROCESS_ALL_ACCESS’ was not declared in this scope
prog.cpp:65: error: ‘processID’ was not declared in this scope
prog.cpp:65: error: ‘OpenProcess’ was not declared in this scope
prog.cpp:67: error: ‘GetLastError’ was not declared in this scope
prog.cpp:71: error: ‘userHinstance’ was not declared in this scope
prog.cpp:71: error: ‘_T’ was not declared in this scope
prog.cpp:71: error: ‘LoadLibrary’ was not declared in this scope
prog.cpp:72: error: ‘struct InjectData’ has no member named ‘MessageB’
prog.cpp:72: error: ‘LPMessageBox’ was not declared in this scope
prog.cpp:72: error: expected `;' before ‘GetProcAddress’
prog.cpp:74: error: expected `;' before ‘ProcSize’
prog.cpp:75: error: ‘ProcSize’ was not declared in this scope
prog.cpp:75: error: ‘sprintf_s’ was not declared in this scope
prog.cpp:78: error: ‘LPVOID’ was not declared in this scope
prog.cpp:78: error: expected `;' before ‘lpProc’
prog.cpp:79: error: expected `;' before ‘lpParams’
prog.cpp:81: error: ‘lpProc’ was not declared in this scope
prog.cpp:81: error: ‘lpParams’ was not declared in this scope
prog.cpp:82: warning: deprecated conversion from string constant to ‘char*’
prog.cpp:86: error: ‘lpProc’ was not declared in this scope
prog.cpp:86: error: ‘lpParams’ was not declared in this scope
prog.cpp:89: error: expected `;' before ‘dwWritten’
prog.cpp:90: error: ‘InjectionMain’ was not declared in this scope
prog.cpp:90: error: ‘dwWritten’ was not declared in this scope
prog.cpp:90: error: ‘WriteProcessMemory’ was not declared in this scope
prog.cpp:91: error: ‘GetLastError’ was not declared in this scope
prog.cpp:95: error: ‘dwWritten’ was not declared in this scope
prog.cpp:95: error: ‘WriteProcessMemory’ was not declared in this scope
prog.cpp:96: error: ‘GetLastError’ was not declared in this scope
prog.cpp:103: error: expected `;' before ‘ThreadID’
prog.cpp:104: error: expected `;' before ‘hThread’
prog.cpp:106: error: ‘hThread’ was not declared in this scope
prog.cpp:108: error: ‘GetLastError’ was not declared in this scope
prog.cpp:111: error: ‘INFINITE’ was not declared in this scope
prog.cpp:111: error: ‘WaitForSingleObject’ was not declared in this scope
prog.cpp:114: error: ‘FreeLibrary’ was not declared in this scope
prog.cpp:116: error: ‘MEM_DECOMMIT’ was not declared in this scope
prog.cpp:116: error: ‘VirtualFreeEx’ was not declared in this scope
prog.cpp:118: error: ‘CloseHandle’ was not declared in this scope
prog.cpp:120: warning: deprecated conversion from string constant to ‘char*’
prog.cpp: At global scope:
prog.cpp:125: error: ‘DWORD’ does not name a type
prog.cpp:149: error: ‘BOOL’ does not name a type
prog.cpp: In function ‘int addLogMessage(char*, int)’:
prog.cpp:159: error: ‘errno_t’ was not declared in this scope
prog.cpp:159: error: expected `;' before ‘err’
prog.cpp:162: error: ‘err’ was not declared in this scope
prog.cpp:162: error: ‘fopen_s’ was not declared in this scope

Standard output is empty