broihon / gh-injector-library Goto Github PK

also do i need to simply get visual studio for this? or just get game running, and start that one injection method?

Hi I get this error upon injecting (sometimes). I am wondering if this is fault of my dll, or the injector.

SR_NTCTE_ERR_RPM_FAIL 0x1010000C//ReadProcessMemory : win32 error : reading the results of the shellcode failed

Albeit I only get this error maybe 3/10 injections.

Hello, First I must say: Great Library, what I like the most is how stable it is.

I made my Own Wrapper for .NET. I am trying all the methods with different flags. and it works perfectly.

But the Problem is that When I finish Injecting, my application (Injector) closes. and it does not generate the .log either .

I really have no idea what is going on. I don't have any specific details. any ideas?

Line 152 of the Tools.cpp file, is that a mistake?

`delete[] headers; //the memory pointed to by nt_header is also freed after deleted headers[]

if (nt_headers->FileHeader.Machine != target_machine) // always get wrong value here

{

LOG(1, "DLL platform mismatch\n");

return FILE_ERR_INVALID_FILE;

}
return FILE_ERR_SUCCESS;`

X86 compilation fails due to the below error originated in pch.cpp:
Error C2664: '_invalid_parameter_handler _set_thread_local_invalid_parameter_handler(_invalid_parameter_handler)': cannot convert argument 1 from 'void (__stdcall *)(const wchar_t *,const wchar_t *,const wchar_t *,unsigned int,uintptr_t)' to '_invalid_parameter_handler' (55, 70)

Replacing auto old = _set_thread_local_invalid_parameter_handler(ImTheTrashMan);
with
auto old = _set_thread_local_invalid_parameter_handler(reinterpret_cast<_invalid_parameter_handler>(ImTheTrashMan));
makes the compilation succeeds.
I have only tested the compilation and I don't know if this change is the correct one.

Thanks and keep the good work! This library is amazing!

P.S. There are several suggestions/optimizations that R# recommends (for example making old const just to mention one specific to this section of code). May be you may want to apply such kind optimizations to make the project cleaner and better.
P.S.2: I am not sure if you left spaces in the library name for any particular reason, but if there is no particular reason then it would be much better to remove them and rename with something like "GHInjectorX86" or whatever you like more. Spaces can create troubles in paths (without spaces I would have saved myself from writing escaping code).
P.S.3: I noticed that "Debug|x64" is the only configuration configured as "Use Multi-Byte Character Set", all the others with "Use Unicode Characters Set". Multi-Byte Character Set cause LoadLibrary to fail (it just block) at least in C#, but I have to deduce this also applies to unmanaged code. I had to compile into Unicode in order to make it work. Not sure why this configuration is the only one to use Multi-byte, may be you just missed it out.

Heyo, just tried injecting and it just said Shell failed with 0040000A.
I have no idea, what that could mean tbh, in the code it said not being able to get some import. But it was an internal error afaik.
I would greatly appreciate the help.

For the DLL I injected, it's a basic 64bit DLL with the default Settings for a DLL in VS.
Only thing i "imported" is D3D9 for an Overlay.
I used the Manual Mapping Method.

This project is missing a LICENSE file.

What is the license for this project? Can I re-use it in my project? If yes, under what conditions?

Hey,

I can't seem to start this application on Windows 11.

Info:
OS: Windows 11 Pro
Version: 21H2
Build: 22000.588

When I try to run the application, nothing happens and I don't get any error messages (not in Event Viewer aswell).

Any suggestions?

What you see in log:

Source : Injection.cppr.cpp in InjectWImports at line 116

Injection.cppr.cpp should be: Injection.cpp

Bug appears to stem from:

memcpy(data.szFileName, __FILENAMEW__,  ((size_t)lstrlenW(__FILENAMEW__)) * 2);	
#define __FILENAMEW__ (wcsrchr(__FILEW__, '\\') + 1)

Similarly:

InjectWImports should be InjectionW

You can see, both the strings are double the length they should be

I can fix it

When I download the GH Injector.zip, extract it and try to run it does nothing.

Hi,

I can't seem to successfully inject my dll

the error I got from GH_Inj_Log.txt

30-12-2020 13:55:51
Version            : GH Injector V3.4
OS                 : Windows 10 Enterprise 1909 (Build 18363)
File               : (nullptr)
Target             : (undetermined)
Target PID         : 1220
Source             : Import Handler.cpp in ResolveImports at line 36
Errorcode          : 0x0000001C
Advanced errorcode : 0x00000000
Injectionmode      : LoadLibraryExW
Launchmethod       : NtCreateThreadEx
Platform           : ---
HandleValue        : 0x00000000
Flags              : 0x00000000

I have tried to use another injection mode and launchmethod but still no luck
below is my code

	HINSTANCE hInjectionMod = LoadLibrary(GH_INJ_MOD_NAME);

	auto InjectA = (f_InjectA)GetProcAddress(hInjectionMod, "InjectA");

	INJECTIONDATAA data =
	{
		"C:\\Users\\Nanda Abi Fahmi\\source\\repos\\TestFunctionInjection\\TestFunctionInjection\\testdll.dll",
		PID,
		INJECTION_MODE::IM_LoadLibraryExW,
		LAUNCH_METHOD::LM_NtCreateThreadEx,
		NULL,
		0,
		NULL,
		0,
		true
	};

	InjectA(&data);

I am wondering if I'm missing something

Thanks

can we inject (shellcode genterated by hex editor) instead of (.dll path on hard disk) using manual mapping

if it's possible can you give a hint?

I tried to access it through my wrapper.

The float type in vb would be single. however it still doesn't work.

Couldn't you change the return to an integer?

such as GetSymbolState and GetImportState work fine.

The library builds fine but when I try to use it I get the error 0x0000001C
If I use the already built dll works fine. Maybe there is some configuration missing in Visual Studio?

Version : GH Injector V3.4
OS : Windows 10 Enterprise 2004 (Build 19035)
File : (nullptr)
Target : (undetermined)
Target PID : 31360
Source : Injection.cppr.cpp in InjectWImports at line 116
Errorcode : 0x0000001C
Advanced errorcode : 0x00000000
Injectionmode : LoadLibraryExW
Launchmethod : NtCreateThreadEx
Platform : ---
HandleValue : 0x00000000
Flags : 0x00000000

Hello, I have a question about the function IsThreadInAlertableState of ProcessInfo

In the x64 region:
//...
else if (ctx.Rip == m_WaitFunctionReturnAddress[2])
{
return (ctx.Rsi == TRUE);
}
else if (ctx.Rip == m_WaitFunctionReturnAddress[3])
{
return (ctx.Rsi == TRUE);
}
//...
There is a reason why its rsi?
I thought it was r9 for NtWaitForMultipleObjects and r8 for NtSignalAndWaitForSingleObject

When I try to inject it says "an error accured " and the error code is 0x00000012 how to fix it

I just tried to run the example in Readme. I added a "main" function to make it compilable. But it reports error when going to main function with the error code "0xC0000005". I didn't arrange anything else except adding main() arranged the "data" and deteled the strcpy function;

using 20H2 19042.1165

If you tries to use any method that doesnt use loadlib, it causes windows to force reboot.
not sure if this is only happening to me or smth.

I'm gonna change the URL to -> https://guidedhacking.com/threads/guidedhacking-dll-injector.8417/

We'll put a FAQ / troubleshooting guide right at the top there. The main description will be on the main "overview" tab. Hopefully this will reduce the number of dumb questions we get.

Hello,
using GH Library I would like to launch a process in a suspended state (probably using CreateProcess since I believe that should be the only one to provide this functionality), enable an hook and then resume the process. In the other issue you said me that this is only possible with NtCreateThreadEx which is the one I use by default (and If I am not wrong the recommended one).

This is how I do the injection:

var siex = new Kernel32.STARTUPINFOEX();
CreateProcess(targetExe, null, null, null, false, CREATE_PROCESS.CREATE_SUSPENDED, null, null, siex, out var notepad));

var id = new Native.InjectiondataW
{
    szDllPath = dllToInject,
    ProcessID = notepad.dwProcessId,
    Mode = LoadLibraryExW,
    Method = NtCreateThreadEx,
    GenerateErrorLog = false
};
InjectW(ref id)

It continue until the attachment to the process and then:
K32GetModuleBaseNameW failed: 00000006

Error code: InjErrCantGetExeFilename
(K32)GetModuleBaseNameW: win32 error: failed to resolve the file name of the target process
The handle is invalid.

Tried with all the injection modes available, but same error.

Then I decided to go deeper and discovered that here is the call function that failed:

Basically GetModuleBaseNameW fails to resolve the executable name and stop execution. On non suspended process it works.
I suspect that it fails because on a suspended process only NTDLL is the one working while GetModuleBaseNameW should belong to Kernel32. May there are alternative function available in NTDLL that could do the same.

Anyway, I commented that code and manually added the already known executable name with the following code:

As a result of this change the execution continued and completed with success.
Surprisingly I was also able to enter into the injected dll and resume the process.

So, is really necessary that call at GetModuleBaseNameW ??? I see that it fills InjectiondataW->szTargetProcessExeFileName.
If you need to know the exe file name the user can just fill that field them self and we are good to go. It would be fine if you could implement such functionality in your lib and if you need I could provide some working code to simplify the process. A function like CreateAndInject(bool suspended).

I really like this lib, it's the only one that works, there are little things to improve and fix, but is still amazing!

Hi I have a problem with injection of dll

Log file:
03-01-2023 16:10:26
Version : GH Injector V4.7
OS : Windows 10 22H2 (Build 19045)
File : hello_world86.dll
Target : x86process.exe
Target PID : 7360
Source : Manual Mapping.cpp in MMAP_NATIVE::ManualMap at line 291
Errorcode : 0x00400002
Advanced errorcode : 0xC0000034
Injectionmode : ManualMap
Launchmethod : NtCreateThreadEx
Platform : x64/x86 (native)
HandleValue : 0x00000000
Flags : 0x00FE0000

Code:

int main() {

	HINSTANCE hInjectionMod = LoadLibrary(GH_INJ_MOD_NAME);

	auto InjectA = (f_InjectA)GetProcAddress(hInjectionMod, "InjectA");
	auto GetSymbolState = (f_GetSymbolState)GetProcAddress(hInjectionMod, "GetSymbolState");
	auto GetImportState = (f_GetSymbolState)GetProcAddress(hInjectionMod, "GetImportState");
	auto StartDownload = (f_StartDownload)GetProcAddress(hInjectionMod, "StartDownload");
	auto GetDownloadProgressEx = (f_GetDownloadProgressEx)GetProcAddress(hInjectionMod, "GetDownloadProgressEx");

	Sleep(500);
	StartDownload();

	while (GetDownloadProgressEx(PDB_DOWNLOAD_INDEX_NTDLL, false) != 1.0f)
	{
		Sleep(10);
	}

	while (GetSymbolState() != 0)
	{
		Sleep(10);
	}

	while (GetImportState() != 0)
	{
		Sleep(10);
	}

	DWORD TargetProcessId = FindProcessId("x86process.exe");
	DWORD flags = MM_DEFAULT;

	INJECTIONDATAA data =
	{
		"",
		TargetProcessId,
		INJECTION_MODE::IM_ManualMap,
		LAUNCH_METHOD::LM_NtCreateThreadEx,
		flags,
		2000,
		NULL,
		NULL,
		true
	};

	strcpy(data.szDllPath, "hello_world86.dll");
	InjectA(&data);

	return 0;
}

I don't know how to ask for a request here at github so I'm putting it as an issue. Can we manual map from a file in memory, like a file downloaded with libcurl? I tried to read your code but it's kinda complicated so I was never able to implement it, but maybe you can....

log file :

06-03-2022 16:39:18
Version : GH Injector V4.6
OS : Windows 10 21H2 (Build 19044)
File : D:\visual studio project\c++ dll internal chit\asd.dll
Target : ac_client.exe
Target PID : 12404
Source : NtCreateThreadEx WOW64.cpp in SR_NtCreateThreadEx_WOW64 at line 251
Errorcode : 0x10100009
Advanced errorcode : 0x00000102
Injectionmode : LoadLibraryExW
Launchmethod : NtCreateThreadEx
Platform : wow64
HandleValue : 0x00000000
Flags : 0x00000000

debug console:

Injection module loaded at 00007FFD0BBC0000
Set print callback: 00007FF785CD2740
Creating DragDrop window
HWND = 000A06F0
Loading settings
Added file: D:/visual studio project/c++ dll internal chit/asd.dll
Settings loaded successfully
Tooltips enabled
GH Injector V4.6
Initializing GUI
GUI initialized
Console docked: right
Injector ready
Processlist updated
Launching injection thread
All symbols loaded
Import handler finished
All symbols loaded
Import handler finished
All symbols loaded
Import handler finished
All symbols loaded
Import handler finished
InjectW called with pData = 0000002C06F3A180
Attached to target process
Target process name = ac_client.exe
Validating specified file
File validated and prepared for injection:
D:\visual studio project\c++ dll internal chit\asd.dll
Begin InjectDLL_WOW64
Shell data initialized
Shellsize = 000005D0
Total size = 000009A8
pArg = 00640000
pShell = 006403D0
Shell written to memory
Entering StartRoutine_WOW64
Begin SR_NtCreateThreadEx_WOW64
Creating ProcessInfo
ProcessInfo initialized
Codecave allocated at 0000000000650000
Creating thread with:
pRoutine = 00650018
pArg = 00650000
Thread created with TID = 002710 (010000)
Entering wait state
WaitForSingleObject failed: 00000102
Return from StartRoutine_WOW64
StartRoutine_WOW64 failed: 10100009
Injection finished
Injection thread returned
Check the error log for more information
Injection 1/1 finished
Injection (1/1) failed:
Error = 10100009

if this issue is dumb, im sorry

I've just been getting this issue after using the default injection method

GH Injector V4.8 loaded
Imagebase = 00007FFED7380000
Launching PDB thread(s)
Launching import resolver thread
DllMain exit
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Initialize called in thread 00001D5C (7516)
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Initialize called in thread 00001080 (4224)
 ResolveImports called
 ntdll.dll    loaded at 00007FFF66710000
 kernel32.dll loaded at 00007FFF65D80000
 OSVersion = 100
OSBuildVersion = 19045
 ResolveImports_WOW64 called
 Waiting for native symbol parser to finish initialization
 GH Injector SM - x86.exe is missing
 SYMBOL_LOADER: ready to parse PE headers
 SYMBOL_LOADER: x86 target identified
 SYMBOL_LOADER: ready to parse PE headers
 SYMBOL_LOADER: x64 target identified
 SYMBOL_LOADER: sections mapped
 SYMBOL_LOADER: PDB signature identified
 SYMBOL_LOADER: PDB path = C:\Users\godiswithme\source\repos\testing-again\x64\Release\x86\wntdll.pdb
  SYMBOL_LOADER::VerifyExistingPdb called
 SYMBOL_LOADER: sections mapped
 SYMBOL_LOADER: PDB signature identified
 SYMBOL_LOADER: PDB path = C:\Users\godiswithme\source\repos\testing-again\x64\Release\x64\ntdll.pdb
  SYMBOL_LOADER::VerifyExistingPdb called
  SYMBOL_LOADER: PDB loaded into memory
  SYMBOL_LOADER: PDB size validated
  SYMBOL_LOADER: PDB size parsed
  SYMBOL_LOADER: guid match
  SYMBOL_LOADER: PDB loaded into memory
  SYMBOL_LOADER: PDB size validated
 SYMBOL_LOADER: PDB verified
  SYMBOL_LOADER: PDB size parsed
  SYMBOL_LOADER: guid match
 SYMBOL_LOADER: PDB verified
 SYMBOL_LOADER::Initialize
 SYMBOL_PARSER: initialization finished
 LoadLibraryExW: 00007FFF65D9B550
 Start loading native ntdll symbols
  SYMBOL_PARSER: RVA 00016A10 -> LdrLoadDll
  SYMBOL_PARSER: RVA 0000FBF0 -> LdrUnloadDll
  SYMBOL_PARSER: RVA 0001733C -> LdrpLoadDll
  SYMBOL_PARSER: RVA 000168A0 -> LdrGetDllHandleEx
  SYMBOL_PARSER: RVA 00081C20 -> LdrGetProcedureAddress
  SYMBOL_PARSER: RVA 0009D3C0 -> NtQueryInformationProcess
  SYMBOL_PARSER: RVA 0009D760 -> NtQuerySystemInformation
  SYMBOL_PARSER: RVA 0009D540 -> NtQueryInformationThread
  SYMBOL_PARSER: RVA 000A3F00 -> memmove
  SYMBOL_PARSER: RVA 00087E50 -> RtlZeroMemory
  SYMBOL_PARSER: RVA 0002A9A0 -> RtlAllocateHeap
  SYMBOL_PARSER: RVA 00024760 -> RtlFreeHeap
  SYMBOL_PARSER: RVA 00019580 -> RtlAnsiStringToUnicodeString
  SYMBOL_PARSER: RVA 00061360 -> RtlUnicodeStringToAnsiString
  SYMBOL_PARSER: RVA 00016090 -> RtlCompareUnicodeString
  SYMBOL_PARSER: RVA 0008B1E0 -> RtlCompareString
  SYMBOL_PARSER: RVA 0009D700 -> NtOpenFile
  SYMBOL_PARSER: RVA 0009D160 -> NtReadFile
  SYMBOL_PARSER: RVA 0009D580 -> NtSetInformationFile
  SYMBOL_PARSER: RVA 0009D2C0 -> NtQueryInformationFile
  SYMBOL_PARSER: RVA 0009D280 -> NtClose
  SYMBOL_PARSER: RVA 0009D3A0 -> NtAllocateVirtualMemory
  SYMBOL_PARSER: RVA 0009D460 -> NtFreeVirtualMemory
  SYMBOL_PARSER: RVA 0009DAA0 -> NtProtectVirtualMemory
  SYMBOL_PARSER: RVA 0009D9E0 -> NtCreateSection
  SYMBOL_PARSER: RVA 0009D5A0 -> NtMapViewOfSection
  SYMBOL_PARSER: RVA 0009E8D0 -> NtCreateThreadEx
  SYMBOL_PARSER: RVA 000DC1D0 -> RtlQueueApcWow64Thread
  SYMBOL_PARSER: RVA 000108F0 -> RtlInsertInvertedFunctionTable
  SYMBOL_PARSER: RVA 00047C64 -> LdrpHandleTlsData
  SYMBOL_PARSER: RVA 0007D190 -> LdrLockLoaderLock
  SYMBOL_PARSER: RVA 0007E000 -> LdrUnlockLoaderLock
  SYMBOL_PARSER: RVA 000817D0 -> RtlAddVectoredExceptionHandler
  SYMBOL_PARSER: RVA 000821D0 -> RtlRemoveVectoredExceptionHandler
  SYMBOL_PARSER: RVA 0009D720 -> NtDelayExecution
  SYMBOL_PARSER: RVA 0016C520 -> LdrpHeap
  SYMBOL_PARSER: RVA 001813E8 -> LdrpVectorHandlerList
  SYMBOL_PARSER: RVA 001665F0 -> LdrpTlsList
  SYMBOL_PARSER: RVA 00181500 -> LdrpInvertedFunctionTable
  SYMBOL_PARSER: RVA 00011450 -> LdrGetDllPath
  SYMBOL_PARSER: RVA 0002A0A0 -> RtlRbRemoveNode
  SYMBOL_PARSER: RVA 0016D4A8 -> LdrpModuleBaseAddressIndex
  SYMBOL_PARSER: RVA 0016D4B8 -> LdrpMappingInfoIndex
  SYMBOL_PARSER: RVA 00012224 -> LdrProtectMrdata
  SYMBOL_PARSER: RVA 0001A360 -> LdrpPreprocessDllName
  SYMBOL_PARSER: RVA 0001FA14 -> LdrpLoadDllInternal
  SYMBOL_PARSER: RVA 000302E4 -> LdrpDereferenceModule
  SYMBOL_PARSER: RVA 00067C20 -> RtlAddFunctionTable
 SYMBOL_LOADER::Cleanup
 Native ntdll symbols loaded
Beginning download(s)
All symbols loaded
Import handler (wow64) failed: 00000047
Import handler (wow64) failed: 00000047
Import handler (wow64) failed: 00000047
Import handler (wow64) failed: 00000047

is there any way to fix this?

after alot of tries trying to inject dll into uwp apps, i did a research and turns out the dll needs a permission or something like that.
maybe support uwp apps if possible?

Hello ,I want to use manual mapping injector my shellcode
I copy my test DLL shellCode and let it point to pRawData


Please tell me what I'm doing wrong？

Hello.
Can you tell me how to inject some dll into some process with that library ?

Is there anyway to get the DLL's name and path when using manual map injection and erase PE?

I understand that its by design so that it could hide the DLL, but maybe there are other methods to find it?

I'm using V4.4 and used the Kernel32's GetModuleFileName, with the DllMain's first argument as the hmodule and got an empty string as result.

Hello,
I first want to congratulate with you for this project. The community know this as the most powerful injector library. Congratulation!

1. I was wondering if there is a C# wrapper or if someone that has the pinvoke signatures to share.
2. I saw the Lunar project in C# from which this project is inspired, but it seems to lack most of the features. What you can tell me about this? Do you still recommend it?
3. Is this compatible with Net Core (version 5) ? I mean injecting in a .Net core process along with the new way to load and unload assemblies through AssemblyLoadContext.
4. Does it works with hooking a suspended process?
5. I comes from EasyHook and I like it, but development is stalled from very long time and I can only use it in .Net Framework projects while I abandoned this died technology long time ago in favour of .Net core and now the recent NET 5.
   Basically I would like to ask how it would compare and if it can perform at least the same tasks (which will me more than satisfying for me).
   Many thanks

Same error with every injection methods, with multiple different x86 DLLs and processes. This error occurs when building according to the directions here: https://github.com/multikill/GH_Injector_MSVC_2019_QT_5_15_0

Version            : GH Injector V3.4
OS                 : Windows 10 Home 2004 (Build 19041)
File               : (nullptr)
Target             : (undetermined)
Target PID         : 7452
Source             : Injection.cppr.cpp in InjectWImports at line 116

Errorcode          : 0x0000001D = #define INJ_ERR_SYMBOL_INIT_FAIL	0x0000001D	
//SYMBOL_PARSER::Initialize	: symbol error	: 
initialization failed (symbol error 0x40000001 - 0x40000014)

Advanced errorcode : 0x00000000
Injectionmode      : LoadLibraryExW
Launchmethod       : NtCreateThreadEx
Platform           : ---
HandleValue        : 0x00000000
Flags              : 0x00000000

Injection.cpp:

{
#pragma EXPORT_FUNCTION(__FUNCTION__, __FUNCDNAME__)

	LOG("InjectW called with pData = %p\n", pData);
	
	ERROR_DATA error_data{ 0 };
	DWORD RetVal = INJ_ERR_SUCCESS;

	if (!pData)
	{
		INIT_ERROR_DATA(error_data, INJ_ERR_ADVANCED_NOT_DEFINED);

		return InitErrorStruct(nullptr, pData, -1, INJ_ERR_NO_DATA, error_data);
	}

	RetVal = ResolveImports(error_data);
	if (RetVal != INJ_ERR_SUCCESS)
	{
		INIT_ERROR_DATA(error_data, INJ_ERR_ADVANCED_NOT_DEFINED); // <------ error here line 116

		return InitErrorStruct(nullptr, pData, -1, RetVal, error_data);
	}```

LoadLibrary works fine but Manual Map crashes the target process. Even with an minimal dllmain with only return TRUE; inside crashes for some reason.

Library/GUI Version: 4.4

Options

• NtCreateThread
• Erase PEH
• Run DllMain
• Resolve Delay Imports
• Execute TLS
• Set Page Protections
• Enable exceptions
• Initialize security cookie

OS

Edition: Windows 10 Home Single Language
Version: 21H2
OS build: 19044.1526

does Hijack handle need more work because it's not working?

Hi,

My test failed at finding function GetImportState. But ok with InjectA and GetSymbolState. Can somebody help?

auto InjectA = (f_InjectA)GetProcAddress(hInjectionMod, "InjectA");
if (InjectA == nullptr)
{
printf("[x] Cannot find the function InjectA!\n");
return -1;
}
auto GetSymbolState = (f_GetSymbolState)GetProcAddress(hInjectionMod, "GetSymbolState");
if (GetSymbolState == nullptr)
{
printf("[x] Cannot find the function GetSymbolState!\n");
return -1;
}
auto GetImportState = (f_GetImportState)GetProcAddress(hInjectionMod, "GetImportState");
if (GetImportState == nullptr)
{
printf("[x] Cannot find the function GetImportState!\n");
return -1;
}

title. this error seems to be reported previously but still happens very often on windows 10.

https://github.com/Broihon/GH-Injector-Library/blob/d8f3220c9476b4e88fa1a8ba7bc763e3ecf2cc0d/GH%20Injector%20Library/Manual%20Mapping.cpp#L957

time to write my own injector i guess 😐

This happens when i'm running the injector.

The injector requires PDB files for the ntdll.dll to work.
These files will be downloaded from the Microsoft Symbol Server
and will take up about 5MB.
Do you want to download the files now?
--> Clicked Yes
Download/import failure. Error code: 0x0000003d
The injector cannot function without the PDB files.
Please restart the injector.

Debug log:
Injection module loaded at 00007FFB385B0000
Set print callback: 00007FF7F76B2700
Creating DragDrop window
HWND = 00070106
Loading settings
Don't update check
Settings loaded successfully
Tooltips enabled
GH Injector V4.5
Initializing GUI
GUI initialized
Old index = -1
Dock = 0
SYMBOL_PARSER: RVA 00016A10 -> LdrLoadDll
SYMBOL_PARSER: RVA 0000FBF0 -> LdrUnloadDll
SYMBOL_PARSER: RVA 0001733C -> LdrpLoadDll
SYMBOL_PARSER: RVA 000168A0 -> LdrGetDllHandleEx
SYMBOL_PARSER: RVA 00081AD0 -> LdrGetProcedureAddress
SYMBOL_PARSER: RVA 0009D130 -> NtQueryInformationProcess
SYMBOL_PARSER: RVA 0009D4D0 -> NtQuerySystemInformation
SYMBOL_PARSER: RVA 0009D2B0 -> NtQueryInformationThread
SYMBOL_PARSER: RVA 000A3C00 -> memmove
SYMBOL_PARSER: RVA 00087D00 -> RtlZeroMemory
SYMBOL_PARSER: RVA 0002A9A0 -> RtlAllocateHeap
SYMBOL_PARSER: RVA 00024760 -> RtlFreeHeap
SYMBOL_PARSER: RVA 00019580 -> RtlAnsiStringToUnicodeString
SYMBOL_PARSER: RVA 0009D470 -> NtOpenFile
SYMBOL_PARSER: RVA 0009CED0 -> NtReadFile
SYMBOL_PARSER: RVA 0009D2F0 -> NtSetInformationFile
SYMBOL_PARSER: RVA 0009D030 -> NtQueryInformationFile
SYMBOL_PARSER: RVA 0009CFF0 -> NtClose
SYMBOL_PARSER: RVA 0009D110 -> NtAllocateVirtualMemory
SYMBOL_PARSER: RVA 0009D1D0 -> NtFreeVirtualMemory
SYMBOL_PARSER: RVA 0009D810 -> NtProtectVirtualMemory
SYMBOL_PARSER: RVA 0009D750 -> NtCreateSection
SYMBOL_PARSER: RVA 0009D310 -> NtMapViewOfSection
SYMBOL_PARSER: RVA 0009E620 -> NtCreateThreadEx
SYMBOL_PARSER: RVA 000DC010 -> RtlQueueApcWow64Thread
SYMBOL_PARSER: RVA 000108F0 -> RtlInsertInvertedFunctionTable
SYMBOL_PARSER: RVA 00047C14 -> LdrpHandleTlsData
SYMBOL_PARSER: RVA 0007D040 -> LdrLockLoaderLock
SYMBOL_PARSER: RVA 0007DEB0 -> LdrUnlockLoaderLock
SYMBOL_PARSER: RVA 00081680 -> RtlAddVectoredExceptionHandler
SYMBOL_PARSER: RVA 00082080 -> RtlRemoveVectoredExceptionHandler
SYMBOL_PARSER: RVA 0009D490 -> NtDelayExecution
SYMBOL_PARSER: RVA 0016A520 -> LdrpHeap
SYMBOL_PARSER: RVA 0017F500 -> LdrpInvertedFunctionTable
SYMBOL_PARSER: RVA 0017F3E8 -> LdrpVectorHandlerList
SYMBOL_PARSER: RVA 00164520 -> LdrpTlsList
SYMBOL_PARSER: RVA 0002A0A0 -> RtlRbRemoveNode
SYMBOL_PARSER: RVA 0016B468 -> LdrpModuleBaseAddressIndex
SYMBOL_PARSER: RVA 0016B478 -> LdrpMappingInfoIndex
SYMBOL_PARSER: RVA 00012224 -> LdrProtectMrdata
SYMBOL_PARSER: RVA 0001A360 -> LdrpPreprocessDllName
SYMBOL_PARSER: RVA 0001FA14 -> LdrpLoadDllInternal
SYMBOL_PARSER: RVA 00067AC0 -> RtlAddFunctionTable
SYMBOL_LOADER::Cleanup
Native ntdll symbols loaded
All symbols loaded
Import handler (wow64) failed: 0000003D
All symbols loaded
Import handler (wow64) failed: 0000003D
All symbols loaded
Import handler (wow64) failed: 0000003D
Processlist updated
Processlist updated
Beginning download(s)
All symbols loaded
All symbols loaded
Import handler (wow64) failed: 0000003D
Import handler (wow64) failed: 0000003D

built with qt5.15.2 + msvc v143 vs2022
running on win11 build 22000.527.0