Results 1 to 15 of 15

Thread: DLL Injection

  1. #1

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    DLL Injection

    I want to submit a DLL injection tutorial for VB6 (and a little C++) for hooking socket connections and monitoring packets or blocking them. And maybe for a few other API functions.

    DLL injection gets a bad rep though, even though it is used legitimately in a lot of professional software.

    Would I be wasting my time writing this tutorial? Or would it be allowed? It's just for hooking API functions. Something I learned not too long ago and wanted to write a good tutorial on.

    (Basically, being able to inject your DLL inside a program, and intercept its calls to any API function, modifying any parameters and returning to the program).

  2. #2
    PowerPoster RhinoBull's Avatar
    Join Date
    Mar 2004
    Location
    New Amsterdam
    Posts
    24,132

    Re: DLL Injection

    Quote Originally Posted by DigiRev
    DLL injection gets a bad rep though...
    You shouldn't really care about that.
    Whether it will be allowed or not is for "power that be" to decide, however as you know this sort of information can and will be used to produce very malicious programs.
    That's my only concern about it. But since we already have quite of few threads covering this topic will one more hurt?...

    ... my 2c anyway ...

  3. #3
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709

    Re: DLL Injection

    Moeur already posted a popular one on subclassing other programs with a c++ dll in codebank. Probably if its directed in a non-malicious way it should be fine.
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  4. #4
    Super Moderator si_the_geek's Avatar
    Join Date
    Jul 2002
    Location
    Bristol, UK
    Posts
    41,974

    Re: DLL Injection

    My personal opinion is a little against it, due to the vast majority of uses we see being along the lines of "how can I hack this game?".

    I'm sure there are valid reasons for doing it (otherwise you wouldn't have posted this!), but I for one can't think of any at the moment... could you give us a few examples?


    Due the the obvious malicious purposes it can (and as said above, will) be used for, I can be sure that I won't be adding a link to it in the FAQs... but at the moment I don't know if one or more of the moderating team would have a problem with it being posted (for something like this, just one against it could be enough).

  5. #5

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    Thanks for the replies.

    RobDogg - That's not really the same thing. That will let you receive Windows messages of other programs, but this is for actually intercepting calls to API functions (and even built-in functions inside the program, but that wouldn't be covered).

    Microsoft wrote a library that does just this called Detours, but I don't know if you can use it from VB6, and most people hate it/don't want to use it anyway.

    There are quite a few tutorials for it, but mine would be much simpler, less code, and would explain it a lot better.

    Edit: Maybe to keep it as far away from "game hacking" as possible, it could monitor different API functions instead of sockets? Like logging a simple API call like MessageBoxA() or something?

    Even though I think most of the interest would be in monitoring socket calls.

  6. #6
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709

    Re: DLL Injection

    Moeurs "subclassing other programs" is what I was mentioning as a guide of how to present it as his could be in theory malicious too.
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  7. #7

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    Quote Originally Posted by RobDog888
    Moeurs "subclassing other programs" is what I was mentioning as a guide of how to present it as his could be in theory malicious too.
    Ah, ok.

  8. #8

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    I hate to bump this, but I'm writing an example for a member on this board (doing it through e-mail), and could submit the tutorial here.

    Can I get a yes/no from moderators?

    Honestly, the majority of people will want it to mess with multi-player games or send a million "nudges" on MSN or something lame like that.

    But I would make my example for hooking something besides sockets, like MessageBox, or something like that.

  9. #9
    Super Moderator si_the_geek's Avatar
    Join Date
    Jul 2002
    Location
    Bristol, UK
    Posts
    41,974

    Re: DLL Injection

    My personal view is that it would be OK if you use a non-hacking example.

    Due to the nature/interpretation of DLL injection, I would recommend keeping a backup of your tutorial - as there is a chance that one of the moderating team will decide later that it should be removed. Having a backup would mean that if the situation occurs, you could then re-post it elsewhere.

  10. #10

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    Ok, thanks.

  11. #11
    I'm about to be a PowerPoster!
    Join Date
    Jan 2005
    Location
    Everywhere
    Posts
    13,647

    Re: DLL Injection

    My opinion (and the usual consensus amongst the moderators) is that everything is okay unless either:

    -- its only uses are malicious; or
    -- the examples given, or the theme of the article, are malicious.

  12. #12
    New Member
    Join Date
    Aug 2009
    Posts
    1

    Re: DLL Injection

    hi
    i need this tutorial plz if u can send to me at r00tback at yahoo.com
    thanks alot

  13. #13
    coder. Lord Orwell's Avatar
    Join Date
    Feb 2001
    Location
    Elberfeld, IN
    Posts
    7,628

    Re: DLL Injection

    wow. his email has "root" in it. I wonder if he's got a legit reason to do this?

    Anyway, if you were looking for a legitimate use of dll injecting, i have two:
    One program i use on an older system convinces directx that i have higher graphics capabilities than i really have on that system so the game will actually launch.

    the other one (playxpert) give a transparent overlay to any game you launch with it which gives you useful widgets to browse the web, or instant message, etc without exiting the game. Works kind of like Steam does.
    My light show youtube page (it's made the news) www.youtube.com/@lightsofelberfeld
    Contact me on the socials www.facebook.com/lordorwell

  14. #14

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    Quote Originally Posted by Lord Orwell View Post
    wow. his email has "root" in it. I wonder if he's got a legit reason to do this?

    Anyway, if you were looking for a legitimate use of dll injecting, i have two:
    One program i use on an older system convinces directx that i have higher graphics capabilities than i really have on that system so the game will actually launch.

    the other one (playxpert) give a transparent overlay to any game you launch with it which gives you useful widgets to browse the web, or instant message, etc without exiting the game. Works kind of like Steam does.
    There's also things like DxWnd which allows you to run almost any DirectX game in windowed mode.

    I also patched an old game that the developers gave up on, and it had some pretty serious remote exploits.

    And then there's things like Complete Uninstaller and other stuff which can let you monitor file/registry access...

    Lots of uses.

    Tutorial will be up soon with sample code.

  15. #15

    Thread Starter
    "Digital Revolution"
    Join Date
    Mar 2005
    Posts
    4,471

    Re: DLL Injection

    Quote Originally Posted by ha1s View Post
    hi
    i need this tutorial plz if u can send to me at r00tback at yahoo.com
    thanks alot
    No, but I will post it in the CodeBank when it's done...

    Everything is working except my DLL injection method using CreateRemoteThread(). It's only working for certain programs for some reason... Once that's fixed then I can upload it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width