|
-
Mar 5th, 2009, 11:55 PM
#1
DLL Injection
I want to submit a DLL injection tutorial for VB6 (and a little C++) for hooking socket connections and monitoring packets or blocking them. And maybe for a few other API functions.
DLL injection gets a bad rep though, even though it is used legitimately in a lot of professional software.
Would I be wasting my time writing this tutorial? Or would it be allowed? It's just for hooking API functions. Something I learned not too long ago and wanted to write a good tutorial on.
(Basically, being able to inject your DLL inside a program, and intercept its calls to any API function, modifying any parameters and returning to the program).
-
Mar 6th, 2009, 08:10 AM
#2
Re: DLL Injection
 Originally Posted by DigiRev
DLL injection gets a bad rep though...
You shouldn't really care about that. 
Whether it will be allowed or not is for "power that be" to decide, however as you know this sort of information can and will be used to produce very malicious programs.
That's my only concern about it. But since we already have quite of few threads covering this topic will one more hurt?... 
... my 2c anyway ...
-
Mar 6th, 2009, 11:20 AM
#3
Re: DLL Injection
Moeur already posted a popular one on subclassing other programs with a c++ dll in codebank. Probably if its directed in a non-malicious way it should be fine.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum. 
Microsoft MVP 2006-2011
Office Development FAQ (C#, VB.NET, VB 6, VBA)
Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
If a post has helped you then Please Rate it! 
• Reps & Rating Posts • VS.NET on Vista • Multiple .NET Framework Versions • Office Primary Interop Assemblies • VB/Office Guru™ Word SpellChecker™.NET • VB/Office Guru™ Word SpellChecker™ VB6 • VB.NET Attributes Ex. • Outlook Global Address List • API Viewer utility • .NET API Viewer Utility •
System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6 
-
Mar 6th, 2009, 11:22 AM
#4
Re: DLL Injection
My personal opinion is a little against it, due to the vast majority of uses we see being along the lines of "how can I hack this game?".
I'm sure there are valid reasons for doing it (otherwise you wouldn't have posted this!), but I for one can't think of any at the moment... could you give us a few examples?
Due the the obvious malicious purposes it can (and as said above, will) be used for, I can be sure that I won't be adding a link to it in the FAQs... but at the moment I don't know if one or more of the moderating team would have a problem with it being posted (for something like this, just one against it could be enough).
-
Mar 6th, 2009, 04:57 PM
#5
Re: DLL Injection
Thanks for the replies.
RobDogg - That's not really the same thing. That will let you receive Windows messages of other programs, but this is for actually intercepting calls to API functions (and even built-in functions inside the program, but that wouldn't be covered).
Microsoft wrote a library that does just this called Detours, but I don't know if you can use it from VB6, and most people hate it/don't want to use it anyway.
There are quite a few tutorials for it, but mine would be much simpler, less code, and would explain it a lot better.
Edit: Maybe to keep it as far away from "game hacking" as possible, it could monitor different API functions instead of sockets? Like logging a simple API call like MessageBoxA() or something?
Even though I think most of the interest would be in monitoring socket calls.
-
Mar 7th, 2009, 12:31 AM
#6
Re: DLL Injection
Moeurs "subclassing other programs" is what I was mentioning as a guide of how to present it as his could be in theory malicious too.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum. 
Microsoft MVP 2006-2011
Office Development FAQ (C#, VB.NET, VB 6, VBA)
Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
If a post has helped you then Please Rate it! 
• Reps & Rating Posts • VS.NET on Vista • Multiple .NET Framework Versions • Office Primary Interop Assemblies • VB/Office Guru™ Word SpellChecker™.NET • VB/Office Guru™ Word SpellChecker™ VB6 • VB.NET Attributes Ex. • Outlook Global Address List • API Viewer utility • .NET API Viewer Utility •
System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6 
-
Mar 7th, 2009, 10:42 PM
#7
Re: DLL Injection
 Originally Posted by RobDog888
Moeurs "subclassing other programs" is what I was mentioning as a guide of how to present it as his could be in theory malicious too. 
Ah, ok.
-
Aug 14th, 2009, 05:14 PM
#8
Re: DLL Injection
I hate to bump this, but I'm writing an example for a member on this board (doing it through e-mail), and could submit the tutorial here.
Can I get a yes/no from moderators?
Honestly, the majority of people will want it to mess with multi-player games or send a million "nudges" on MSN or something lame like that.
But I would make my example for hooking something besides sockets, like MessageBox, or something like that.
-
Aug 16th, 2009, 05:51 AM
#9
Re: DLL Injection
My personal view is that it would be OK if you use a non-hacking example.
Due to the nature/interpretation of DLL injection, I would recommend keeping a backup of your tutorial - as there is a chance that one of the moderating team will decide later that it should be removed. Having a backup would mean that if the situation occurs, you could then re-post it elsewhere.
-
Aug 18th, 2009, 10:05 PM
#10
-
Aug 18th, 2009, 11:32 PM
#11
Re: DLL Injection
My opinion (and the usual consensus amongst the moderators) is that everything is okay unless either:
-- its only uses are malicious; or
-- the examples given, or the theme of the article, are malicious.
-
Aug 21st, 2009, 08:48 PM
#12
New Member
Re: DLL Injection
hi
i need this tutorial plz if u can send to me at r00tback at yahoo.com
thanks alot
-
Aug 22nd, 2009, 04:31 AM
#13
Re: DLL Injection
wow. his email has "root" in it. I wonder if he's got a legit reason to do this?
Anyway, if you were looking for a legitimate use of dll injecting, i have two:
One program i use on an older system convinces directx that i have higher graphics capabilities than i really have on that system so the game will actually launch.
the other one (playxpert) give a transparent overlay to any game you launch with it which gives you useful widgets to browse the web, or instant message, etc without exiting the game. Works kind of like Steam does.
-
Aug 22nd, 2009, 06:07 AM
#14
Re: DLL Injection
 Originally Posted by Lord Orwell
wow. his email has "root" in it. I wonder if he's got a legit reason to do this?
Anyway, if you were looking for a legitimate use of dll injecting, i have two:
One program i use on an older system convinces directx that i have higher graphics capabilities than i really have on that system so the game will actually launch.
the other one (playxpert) give a transparent overlay to any game you launch with it which gives you useful widgets to browse the web, or instant message, etc without exiting the game. Works kind of like Steam does.
There's also things like DxWnd which allows you to run almost any DirectX game in windowed mode.
I also patched an old game that the developers gave up on, and it had some pretty serious remote exploits.
And then there's things like Complete Uninstaller and other stuff which can let you monitor file/registry access...
Lots of uses.
Tutorial will be up soon with sample code.
-
Aug 28th, 2009, 12:19 AM
#15
Re: DLL Injection
 Originally Posted by ha1s
hi
i need this tutorial plz if u can send to me at r00tback at yahoo.com
thanks alot
No, but I will post it in the CodeBank when it's done...
Everything is working except my DLL injection method using CreateRemoteThread(). It's only working for certain programs for some reason... Once that's fixed then I can upload it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|