unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, BTMemoryModule, ExtCtrls,TlHelp32;
type
// Main form of the tool. The published fields below are bound to components
// in the .dfm resource ({$R *.dfm}), which is not part of this listing, so the
// timer interval, initial Enabled state and event wiring cannot be confirmed here.
TForm1 = class(TForm)
// Status label; InjectarTimer writes the result caption to it.
lbl1: TLabel;
// Button; presumably wired to btn1Click in the .dfm (verify against the form file).
btn1: TButton;
// Timer that InjectarTimer disables and re-enables while it polls for the
// target process; presumably its OnTimer is InjectarTimer (verify in the .dfm).
Injectar: TTimer;
// Looks up 'Update.exe' by name and, when found, calls Hook on its PID.
procedure InjectarTimer(Sender: TObject);
// Loads the 'WallName' resource as an in-memory module inside this process.
procedure btn1Click(Sender: TObject);
private
public
end;
var
// Auto-created form instance.
Form1: TForm1;
// Handle of the module that btn1Click loads from the 'WallName' resource via
// BTMemoryModule; stays nil until that load succeeds. Nothing in this listing
// releases it.
HookLib: PBTMemoryModule = nil;
// stdcall entry points resolved by btn1Click from the exports 'wlDisableItem'
// and 'wlRestoreAll' of the in-memory module. Neither pointer is called anywhere
// in this listing, and what the exports do is not visible from here.
pDisableItem: procedure(Key: integer; disable: integer) stdcall = nil;
pRestoreAll : procedure stdcall = nil;
implementation
{$R *.dfm}
// Copies the RT_RCDATA resource named aResourceName out of this executable
// into a memory buffer and hands that buffer to BTMemoryLoadLibary, returning
// whatever module handle that call produces.
//
// The module is loaded from memory, not from a file on disk, so file-based
// scanning of a dropped DLL does not apply to this path; the embedded resource
// in the executable is the artefact to inspect. Presumably a module loaded
// this way is also absent from the OS loader's module list (BTMemoryModule's
// implementation is not shown here - confirm).
//
// TResourceStream.Create raises if the resource does not exist; that exception
// propagates to the caller after the buffer is freed.
function LoadLibraryFromResource(const aResourceName: String): PBTMemoryModule;
var
  Image: TMemoryStream;
  Res: TResourceStream;
begin
  Image := TMemoryStream.Create;
  try
    Res := TResourceStream.Create(HInstance, aResourceName, RT_RCDATA);
    try
      // A count of 0 asks CopyFrom to copy the entire source stream.
      Image.CopyFrom(Res, 0);
      Image.Position := 0;
    finally
      Res.Free;
    end;
    // The buffer is released right after this call returns, so the loader is
    // assumed to keep its own mapping of the image - TODO confirm.
    Result := BTMemoryLoadLibary(Image.Memory, Image.Size);
  finally
    Image.Free;
  end;
end;
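// Returns the process ID of the first process in a Toolhelp snapshot whose
// executable file name equals ProcessName, or 0 when none matches, the
// snapshot cannot be taken, or an exception is raised.
//
// The comparison is an exact, case-sensitive match on the image file name
// only. A file name says nothing about the path, signer or integrity of the
// binary behind it, so the returned PID identifies "a process with this name",
// not a specific trusted program.
//
// The snapshot handle is closed on every exit path; the caller polls this
// function from a timer, so an unclosed handle would accumulate on each tick.
function GetPID(ProcessName: string): DWORD;
var
  Snapshot: THandle;
  Entry: TProcessEntry32;
begin
  Result := 0;
  try
    Snapshot := CreateToolHelp32SnapShot(TH32CS_SNAPPROCESS, 0);
    if Snapshot = INVALID_HANDLE_VALUE then
      Exit;
    try
      // dwSize must be set before the first Process32First call.
      Entry.dwSize := SizeOf(TProcessEntry32);
      if Process32First(Snapshot, Entry) then
        repeat
          if Entry.szExeFile = ProcessName then
          begin
            Result := Entry.th32ProcessID;
            Exit; // the finally block below still closes the snapshot
          end;
        until not Process32Next(Snapshot, Entry);
    finally
      CloseHandle(Snapshot);
    end;
  except
    // Deliberate best-effort: any failure is reported as "not found" (0).
    on Exception do
      Exit;
  end;
end;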
// Makes the process identified by PID call LoadLibraryA on the string sDll by
// starting a thread inside that process. This is the remote-thread library
// load pattern catalogued as MITRE ATT&CK T1055.001 (DLL injection).
//
// Returns TRUE when WriteProcessMemory reports success. The results of
// VirtualAllocEx and CreateRemoteThread are not checked, so TRUE does not
// establish that a thread ran or that any module was loaded in the target.
//
// What a defender can observe from the calls made here:
//   - a cross-process handle opened with PROCESS_ALL_ACCESS,
//   - a PAGE_EXECUTE_READWRITE allocation in the target that holds only a string,
//   - a write into that allocation from another process,
//   - a remote thread whose start address is kernel32!LoadLibraryA.
// Endpoint telemetry commonly records the first and last of these (for example
// Sysmon event IDs 10, ProcessAccess, and 8, CreateRemoteThread).
function Hook(PID:DWORD; sDll:string):Boolean;
var
hLib: Pointer;
hThread: THandle;
pMod: Pointer;
hOpen: THandle;
dWritten: Cardinal;
ThreadID: Cardinal;
begin
Result := FALSE;
// Full access rights are requested on the target process.
hOpen := OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
if hOpen <> INVALID_HANDLE_VALUE then
begin
// Address of LoadLibraryA as resolved in THIS process; the code assumes the
// same address is valid in the target.
hLib := GetProcAddress(GetModuleHandle(PChar('kernel32.dll')), PChar('LoadLibraryA'));
// Buffer in the target sized for the string plus a terminator; it is never
// freed in this function.
pMod := VirtualAllocEx(hOpen, nil, Length(sDll) + 1, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
// Only Length(sDll) bytes are written; the terminator relies on the fresh
// allocation being zero-filled.
if WriteProcessMemory(hOpen, pMod, @sDll[1], Length(sDll), dWritten) then
Result := TRUE;
// The thread is created whether or not the write above succeeded.
hThread := CreateRemoteThread(hOpen, nil, 0, hLib, pMod, 0, ThreadID);
// Blocks the calling (UI timer) thread until the remote thread ends.
WaitForSingleObject(hThread, INFINITE);
CloseHandle(hOpen);
CloseHandle(hThread);
end;
end;
// Button handler: loads the embedded 'WallName' resource as an in-memory
// module inside this process and, if that succeeds, resolves its exports
// 'wlDisableItem' and 'wlRestoreAll' into the unit-level procedure pointers.
// The pointers are only stored here; nothing in this listing calls them, and a
// failed export lookup leaves the corresponding pointer as returned by
// BTMemoryGetProcAddress (presumably nil - confirm against BTMemoryModule).
procedure TForm1.btn1Click(Sender: TObject);
begin
  HookLib := LoadLibraryFromResource('WallName');
  if HookLib = nil then
    Exit;

  @pDisableItem := BTMemoryGetProcAddress(HookLib, 'wlDisableItem');
  @pRestoreAll := BTMemoryGetProcAddress(HookLib, 'wlRestoreAll');
end;
// Timer handler: looks for a process whose image name is 'Update.exe'. While
// none is running the timer is re-armed so the lookup repeats on the next
// tick; once one is found the timer stays disabled and Hook is called on that
// PID with the bare name 'WallName' (a name, not a file path).
//
// The caption is set when Hook returns TRUE, which in this file reflects only
// the remote memory write, so the on-screen message is not proof that a module
// was loaded in the target.
procedure TForm1.InjectarTimer(Sender: TObject);
var
  TargetPID: DWORD;
begin
  // Pause the timer for the duration of the lookup.
  Injectar.Enabled := False;
  TargetPID := GetPID('Update.exe');
  if TargetPID <> 0 then
  begin
    Injectar.Enabled := False;
    if Hook(TargetPID, 'WallName') then
      lbl1.Caption := 'DLL Injectado...!!!';
  end
  else
    // Target not running yet: poll again on the next tick.
    Injectar.Enabled := True;
end;
end.