En VB:
Código (vb) [Seleccionar]
Private Const PAGE_READWRITE As Long = &H4
Private Const MEM_RELEASE As Long = &H8000
Private Const MEM_COMMIT As Long = &H1000
Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
Private Const SYNCHRONIZE As Long = &H100000
Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
Private Const INFINITE As Long = &HFFFFFF
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, ByVal lpAddress As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
Public Function Inyecta(RutaDll As String, Pid As Long) As Integer
Dim proc As Long
Dim nload As Long
Dim rems As Long
Dim longi As Long
Dim RemThread As Long
Dim Tid As Long
On Error GoTo Error
proc = OpenProcess(PROCESS_ALL_ACCESS, False, Pid)
nload = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
rems = VirtualAllocEx(proc, 0, Len(RutaDll), MEM_COMMIT, PAGE_READWRITE)
WriteProcessMemory proc, ByVal rems, ByVal RutaDll, Len(RutaDll), longi
CreateRemoteThread proc, ByVal 0, 0, ByVal nload, ByVal rems, 0, Tid
WaitForSingleObject rems, INFINITE
CloseHandle proc
CloseHandle rems
Inyecta = 0
Exit Function
Error:
Inyecta = 1
End Function
'----------------------------------------------------------------------------------'
Private Sub Form_Load()
Dim ruta As Long
Dim resultado As Integer
ruta = Shell("notepad.exe")
resultado = Inyecta("C:\ladll.dll", ruta)
If resultado = 0 Then
MsgBox "Dll Inyectada con éxito!!!", , "Información"
Else
MsgBox "A ocurrido un error", vbCritical, "Información"
End If
End
End Subsalu2 a todoz bueno tengo una pequeña duda con respecto a este scritp... yo recien estoy aprendiendo a utilizar el VB 0.6 me he propuesto la meta de aprenderlo solo estudiando de los foros nada de profes -.-" pero al verme topado con esta pregunta.. quisiera pedir ayuda a uds que dominan mas del tema.. estoy usando el scritp de arriba llego a crear mi proyecto.. denominado [inyector xD].. llega a inyectar la *.dll que quiero al programa*.exe que quiero .. pero aqui viene mi duda... al scanear mi [inyector xD].exe en virustotal.com me detecta un virus o algo asi T_T quisiera saber xq ocurre eso o como hago para quitarle ese troyano o virus al programa que he creado y en que momento le meti ese virus o.O" ? ploop!!! aver si alguien me da alguna respuesta T_T grax de antemando
chaito ...!!