
Issues injecting (gh-injector-library, CLOSED)

broihon commented on May 24, 2024
Issues injecting

from gh-injector-library.

Comments (7)

Broihon commented on May 24, 2024

You can't call MessageBox from a DllMain. In fact basically all user32 functions don't work from a DllMain. Create a new thread instead.
Edit: the new thread will begin execution when the loader lock is released. So don't wait for execution in the DllMain either.

from gh-injector-library.
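
A portable model of the ordering described in the comment above, added here as an illustration and not taken from the thread or from GH Injector. A `std::mutex` stands in for the loader lock; `run_dllmain_model`, `Outcome` and the 200 ms timeout are names and values assumed for the example.

```cpp
// Added model, not GH Injector or Windows code: a std::mutex stands in for
// the loader lock, and a short timeout replaces what would be an endless wait.
#include <chrono>
#include <condition_variable>
#include <cstdio>
#include <mutex>
#include <thread>

struct Outcome {
    bool wait_timed_out;  // a wait inside "DllMain" expired (cf. 00000102 in the log)
    bool ran_inside;      // worker ran while "DllMain" was still executing
    bool ran_after;       // worker ran once "DllMain" had returned
};

// wait_inside = true models a DllMain that blocks on the thread it created.
Outcome run_dllmain_model(bool wait_inside, int timeout_ms) {
    std::mutex loader_lock;            // held by the loader around DllMain
    std::mutex m;                      // protects `ran`
    std::condition_variable cv;
    bool ran = false;
    Outcome out{false, false, false};
    std::thread worker;
    {
        std::lock_guard<std::mutex> in_dllmain(loader_lock);
        worker = std::thread([&] {
            // Assumed model of thread start-up: take the loader lock first.
            std::lock_guard<std::mutex> attach(loader_lock);
            { std::lock_guard<std::mutex> g(m); ran = true; }
            cv.notify_all();
        });
        std::unique_lock<std::mutex> g(m);
        if (wait_inside)
            out.wait_timed_out = !cv.wait_for(
                g, std::chrono::milliseconds(timeout_ms), [&] { return ran; });
        out.ran_inside = ran;
    }  // "DllMain" returns here and the loader lock is released
    worker.join();
    out.ran_after = ran;
    return out;
}

int main() {
    Outcome a = run_dllmain_model(true, 200), b = run_dllmain_model(false, 200);
    std::printf("wait in DllMain: timed_out=%d ran_inside=%d ran_after=%d\n",
                a.wait_timed_out, a.ran_inside, a.ran_after);
    std::printf("no wait:         timed_out=%d ran_inside=%d ran_after=%d\n",
                b.wait_timed_out, b.ran_inside, b.ran_after);
}
```

In both runs the worker only executes after the modelled DllMain has returned; waiting for it inside DllMain can only end in a timeout.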

Broihon commented on May 24, 2024

"GH Injector SM - x86.exe is missing"
Make sure that file is in the correct directory.

from gh-injector-library.

invlpga commented on May 24, 2024

"GH Injector SM - x86.exe is missing"
Make sure that file is in the correct directory.

Ight I was able to fix that issue, thank you. But I encountered another issue:

GH Injector V4.8 loaded
Imagebase = 00007FFECA420000
Launching PDB thread(s)
Launching import resolver thread
DllMain exit
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Initialize called in thread 00004D38 (19768)
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Initialize called in thread 00006588 (25992)
 ResolveImports called
 ResolveImports_WOW64 called
 ntdll.dll    loaded at 00007FFF66710000
 kernel32.dll loaded at 00007FFF65D80000
 OSVersion = 100
OSBuildVersion = 19045
 Waiting for native symbol parser to finish initialization
 SYMBOL_LOADER: ready to parse PE headers
 SYMBOL_LOADER: x86 target identified
 SYMBOL_LOADER: ready to parse PE headers
 SYMBOL_LOADER: x64 target identified
 SYMBOL_LOADER: sections mapped
 SYMBOL_LOADER: PDB signature identified
 SYMBOL_LOADER: PDB path = C:\Users\godiswithme\source\repos\testing-again\x64\Release\x86\wntdll.pdb
  SYMBOL_LOADER::VerifyExistingPdb called
 SYMBOL_LOADER: sections mapped
 SYMBOL_LOADER: PDB signature identified
 SYMBOL_LOADER: PDB path = C:\Users\godiswithme\source\repos\testing-again\x64\Release\x64\ntdll.pdb
  SYMBOL_LOADER::VerifyExistingPdb called
  SYMBOL_LOADER: PDB loaded into memory
  SYMBOL_LOADER: PDB size validated
  SYMBOL_LOADER: PDB size parsed
  SYMBOL_LOADER: PDB loaded into memory
  SYMBOL_LOADER: PDB size validated
  SYMBOL_LOADER: guid match
  SYMBOL_LOADER: PDB size parsed
 SYMBOL_LOADER: PDB verified
  SYMBOL_LOADER: guid match
 SYMBOL_LOADER: PDB verified
 Successfully spawned wow64 dummy process: 000024D8 (9432)
 WOW64 kernel32.dll loaded at 77440000
 LoadLibraryExW = 7745F9D0
 GetLastError   = 7745E640
 Waiting for WOW64 symbol parser to finish initialization
 WOW64 ntdll.dll loaded at 77540000
 SYMBOL_LOADER::Initialize
 SYMBOL_PARSER: initialization finished
 LoadLibraryExW: 00007FFF65D9B550
 Start loading native ntdll symbols
  SYMBOL_PARSER: RVA 00016A10 -> LdrLoadDll
  SYMBOL_PARSER: RVA 0000FBF0 -> LdrUnloadDll
  SYMBOL_PARSER: RVA 0001733C -> LdrpLoadDll
  SYMBOL_PARSER: RVA 000168A0 -> LdrGetDllHandleEx
  SYMBOL_PARSER: RVA 00081C20 -> LdrGetProcedureAddress
  SYMBOL_PARSER: RVA 0009D3C0 -> NtQueryInformationProcess
  SYMBOL_PARSER: RVA 0009D760 -> NtQuerySystemInformation
  SYMBOL_PARSER: RVA 0009D540 -> NtQueryInformationThread
  SYMBOL_PARSER: RVA 000A3F00 -> memmove
  SYMBOL_PARSER: RVA 00087E50 -> RtlZeroMemory
  SYMBOL_PARSER: RVA 0002A9A0 -> RtlAllocateHeap
  SYMBOL_PARSER: RVA 00024760 -> RtlFreeHeap
  SYMBOL_PARSER: RVA 00019580 -> RtlAnsiStringToUnicodeString
  SYMBOL_PARSER: RVA 00061360 -> RtlUnicodeStringToAnsiString
  SYMBOL_PARSER: RVA 00016090 -> RtlCompareUnicodeString
  SYMBOL_PARSER: RVA 0008B1E0 -> RtlCompareString
  SYMBOL_PARSER: RVA 0009D700 -> NtOpenFile
  SYMBOL_PARSER: RVA 0009D160 -> NtReadFile
  SYMBOL_PARSER: RVA 0009D580 -> NtSetInformationFile
  SYMBOL_PARSER: RVA 0009D2C0 -> NtQueryInformationFile
  SYMBOL_PARSER: RVA 0009D280 -> NtClose
  SYMBOL_PARSER: RVA 0009D3A0 -> NtAllocateVirtualMemory
  SYMBOL_PARSER: RVA 0009D460 -> NtFreeVirtualMemory
  SYMBOL_PARSER: RVA 0009DAA0 -> NtProtectVirtualMemory
  SYMBOL_PARSER: RVA 0009D9E0 -> NtCreateSection
  SYMBOL_PARSER: RVA 0009D5A0 -> NtMapViewOfSection
  SYMBOL_PARSER: RVA 0009E8D0 -> NtCreateThreadEx
  SYMBOL_PARSER: RVA 000DC1D0 -> RtlQueueApcWow64Thread
  SYMBOL_PARSER: RVA 000108F0 -> RtlInsertInvertedFunctionTable
  SYMBOL_PARSER: RVA 00047C64 -> LdrpHandleTlsData
  SYMBOL_PARSER: RVA 0007D190 -> LdrLockLoaderLock
  SYMBOL_PARSER: RVA 0007E000 -> LdrUnlockLoaderLock
  SYMBOL_PARSER: RVA 000817D0 -> RtlAddVectoredExceptionHandler
  SYMBOL_PARSER: RVA 000821D0 -> RtlRemoveVectoredExceptionHandler
  SYMBOL_PARSER: RVA 0009D720 -> NtDelayExecution
  SYMBOL_PARSER: RVA 0016C520 -> LdrpHeap
  SYMBOL_PARSER: RVA 001813E8 -> LdrpVectorHandlerList
  SYMBOL_PARSER: RVA 001665F0 -> LdrpTlsList
  SYMBOL_PARSER: RVA 00181500 -> LdrpInvertedFunctionTable
  SYMBOL_PARSER: RVA 00011450 -> LdrGetDllPath
  SYMBOL_PARSER: RVA 0002A0A0 -> RtlRbRemoveNode
  SYMBOL_PARSER: RVA 0016D4A8 -> LdrpModuleBaseAddressIndex
  SYMBOL_PARSER: RVA 0016D4B8 -> LdrpMappingInfoIndex
  SYMBOL_PARSER: RVA 00012224 -> LdrProtectMrdata
  SYMBOL_PARSER: RVA 0001A360 -> LdrpPreprocessDllName
  SYMBOL_PARSER: RVA 0001FA14 -> LdrpLoadDllInternal
  SYMBOL_PARSER: RVA 000302E4 -> LdrpDereferenceModule
  SYMBOL_PARSER: RVA 00067C20 -> RtlAddFunctionTable
 SYMBOL_LOADER::Cleanup
 Native ntdll symbols loaded
 SYMBOL_LOADER::Initialize
 SYMBOL_PARSER: initialization finished
 Start loading WOW64 ntdll symbols
  SYMBOL_PARSER: RVA 0004DE20 -> LdrLoadDll
  SYMBOL_PARSER: RVA 0004CE00 -> LdrUnloadDll
  SYMBOL_PARSER: RVA 00026B55 -> LdrpLoadDll
  SYMBOL_PARSER: RVA 0004ACA0 -> LdrGetDllHandleEx
  SYMBOL_PARSER: RVA 0002B840 -> LdrGetProcedureAddress
  SYMBOL_PARSER: RVA 00078D00 -> memmove
  SYMBOL_PARSER: RVA 000883C0 -> RtlZeroMemory
  SYMBOL_PARSER: RVA 00045E10 -> RtlAllocateHeap
  SYMBOL_PARSER: RVA 00043C40 -> RtlFreeHeap
  SYMBOL_PARSER: RVA 0004C5E0 -> RtlAnsiStringToUnicodeString
  SYMBOL_PARSER: RVA 00060D90 -> RtlUnicodeStringToAnsiString
  SYMBOL_PARSER: RVA 00050540 -> RtlCompareUnicodeString
  SYMBOL_PARSER: RVA 000CE490 -> RtlCompareString
  SYMBOL_PARSER: RVA 00072DB0 -> NtOpenFile
  SYMBOL_PARSER: RVA 00072AC0 -> NtReadFile
  SYMBOL_PARSER: RVA 00072CF0 -> NtSetInformationFile
  SYMBOL_PARSER: RVA 00072B70 -> NtQueryInformationFile
  SYMBOL_PARSER: RVA 00072B50 -> NtClose
  SYMBOL_PARSER: RVA 00072BE0 -> NtAllocateVirtualMemory
  SYMBOL_PARSER: RVA 00072C60 -> NtFreeVirtualMemory
  SYMBOL_PARSER: RVA 00072F80 -> NtProtectVirtualMemory
  SYMBOL_PARSER: RVA 00072F20 -> NtCreateSection
  SYMBOL_PARSER: RVA 00072D00 -> NtMapViewOfSection
  SYMBOL_PARSER: RVA 00039DDA -> RtlInsertInvertedFunctionTable
  SYMBOL_PARSER: RVA 00050D81 -> LdrpHandleTlsData
  SYMBOL_PARSER: RVA 000686B0 -> LdrLockLoaderLock
  SYMBOL_PARSER: RVA 0006A7A0 -> LdrUnlockLoaderLock
  SYMBOL_PARSER: RVA 0002B0D0 -> RtlAddVectoredExceptionHandler
  SYMBOL_PARSER: RVA 0002B270 -> RtlRemoveVectoredExceptionHandler
  SYMBOL_PARSER: RVA 00072DC0 -> NtDelayExecution
  SYMBOL_PARSER: RVA 00125D74 -> LdrpHeap
  SYMBOL_PARSER: RVA 0012933C -> LdrpVectorHandlerList
  SYMBOL_PARSER: RVA 00123410 -> LdrpTlsList
  SYMBOL_PARSER: RVA 00129360 -> LdrpInvertedFunctionTable
  SYMBOL_PARSER: RVA 00032880 -> LdrGetDllPath
  SYMBOL_PARSER: RVA 00059BC0 -> RtlRbRemoveNode
  SYMBOL_PARSER: RVA 001267B4 -> LdrpModuleBaseAddressIndex
  SYMBOL_PARSER: RVA 001267BC -> LdrpMappingInfoIndex
  SYMBOL_PARSER: RVA 00061E36 -> LdrProtectMrdata
  SYMBOL_PARSER: RVA 0004B150 -> LdrpPreprocessDllName
  SYMBOL_PARSER: RVA 0004E1B4 -> LdrpLoadDllInternal
  SYMBOL_PARSER: RVA 0004D461 -> LdrpDereferenceModule
 SYMBOL_LOADER::Cleanup
 SYMBOL_PARSER::Cleanup
 WOW64 ntdll symbols loaded
Beginning download(s)
All symbols loaded
Import handler finished
InjectA called with pData = 000000186593FA10
Inject_Internal called with pData = 000000186593F940
Import handler finished
Attached to target process
Target process name = example_win32_directx9.exe
Validating specified file
File validated and prepared for injection:
 C:\Users\godiswithme\source\repos\testingrights\x64\Release\testdll.dll
 Begin InjectDll
 Forwarding call to ManualMap
 Begin ManualMap
 Shell data initialized
  Shellsize      = 00002550
  Total size     = 00002A38
  pArg           = 0000027071A80000
  pShells        = 0000027071A802F0
  pFunctionTable = 0000027071A82840
 Shelldata written to memory
 Shells written to memory
 Function table written to memory
  Begin SR_NtCreateThreadEx
   Creating ProcessInfo
   ProcessInfo initialized
  Codecave allocated at 0000027071AB0000
  Creating thread with:
   pRoutine = 0000027071AB0030
   pArg     = 0000027071AB0000
  Thread created with TID = 001208 (004616)
  Entering wait state
  WaitForSingleObject failed: 00000102
 Return from StartRoutine
 StartRoutine failed: 10100009
Injection finished
GH Injector V4.8 detached
 SYMBOL_PARSER::Cleanup
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Cleanup
 SYMBOL_LOADER::Cleanup

Time is not set to 0ms

from gh-injector-library.

Broihon commented on May 24, 2024

What timeout value are you using? Does the target process crash? What manual mapping flags are you using?

from gh-injector-library.

invlpga commented on May 24, 2024

The timeout value is 1000.

The process does not crash, and for the manual mapping flags, I use the default.

code:

int main() {
    HINSTANCE hInjectionMod = LoadLibrary(GH_INJ_MOD_NAME);

    auto InjectA = (f_InjectA)GetProcAddress(hInjectionMod, "InjectA");
    auto GetSymbolState = (f_GetSymbolState)GetProcAddress(hInjectionMod, "GetSymbolState");
    auto GetImportState = (f_GetSymbolState)GetProcAddress(hInjectionMod, "GetImportState");
    auto StartDownload = (f_StartDownload)GetProcAddress(hInjectionMod, "StartDownload");
    auto GetDownloadProgressEx = (f_GetDownloadProgressEx)GetProcAddress(hInjectionMod, "GetDownloadProgressEx");

    //due to a minor bug in the current version you have to wait a bit before starting the download
    //will be fixed in version 4.7
    Sleep(500);

    StartDownload();

    //since GetSymbolState and GetImportState only return after the downloads are finished
    //checking the download progress is not necessary
    while (GetDownloadProgressEx(PDB_DOWNLOAD_INDEX_NTDLL, false) != 1.0f)
    {
        Sleep(10);
    }

#ifdef _WIN64
    while (GetDownloadProgressEx(PDB_DOWNLOAD_INDEX_NTDLL, true) != 1.0f)
    {
        Sleep(10);
    }
#endif

    while (GetSymbolState() != 0)
    {
        Sleep(10);
    }

    while (GetImportState() != 0)
    {
        Sleep(10);
    }

    HANDLE handle = acquire_process(L"example_win32_directx9.exe");
    //HANDLE handle = acquire_process(L"Everything.exe");
    DWORD TargetProcessId = GetProcessId(handle);

    INJECTIONDATAA data =
    {
        "C:\\Users\\dan\\source\\repos\\testingrights\\x64\\Release\\testdll.dll",
        TargetProcessId,
        INJECTION_MODE::IM_ManualMap,
        LAUNCH_METHOD::LM_NtCreateThreadEx,
        MM_DEFAULT,
        1000,
        NULL,
        NULL,
        true
    };


    //strcpy(data.szDllPath, DllPathToInject);

    InjectA(&data);
}

from gh-injector-library.

Broihon commented on May 24, 2024

Looks fine as far as I can tell. Are you doing funky stuff in your DllMain? If your DllMain deadlocks (with MM_DEFAULT the loader lock is locked) the thread will time out.

from gh-injector-library.

invlpga commented on May 24, 2024

Nah, the DLL is fairly simple. I was using this to test GH Injector out.

code:

#include "pch.h"
#include <Windows.h>

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        MessageBox(NULL, L"Hello, world!", L"Hook test", MB_OK);
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

from gh-injector-library.
