├── .gitignore
├── IPCExample
├── IPCExample.csproj
├── Program.cs
└── Properties
│ └── AssemblyInfo.cs
├── InjectTest
├── InjectTest.csproj
├── Program.cs
├── Properties
│ └── AssemblyInfo.cs
├── app.config
└── bin
│ └── Release
│ ├── EasyHook.dll
│ ├── EasyHook32.dll
│ ├── EasyLoad32.dll
│ ├── InjectTest.exe
│ ├── TestDLL.dll
│ ├── VinjEx.dll
│ └── VinjEx.xml
├── LICENSE
├── TestDLL
├── Main2.cs
├── Properties
│ └── AssemblyInfo.cs
└── TestDLL.csproj
├── VinjEx.sln
├── VinjEx
├── EasierHook.cs
├── EventWrapper.cs
├── InjectInterface.cs
├── Injectable.cs
├── InjectableProcess.cs
├── Properties
│ └── AssemblyInfo.cs
└── VinjEx.csproj
└── readme.md
/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 |
4 | # User-specific files
5 | *.suo
6 | *.user
7 | *.userosscache
8 | *.sln.docstates
9 |
10 | # Build results
11 | [Dd]ebug/
12 | [Dd]ebugPublic/
13 | [Rr]elease/
14 | [Rr]eleases/
15 | x64/
16 | x86/
17 | build/
18 | bld/
19 | [Bb]in/
20 | [Oo]bj/
21 |
22 | # Roslyn cache directories
23 | *.ide/
24 |
25 | # MSTest test Results
26 | [Tt]est[Rr]esult*/
27 | [Bb]uild[Ll]og.*
28 |
29 | #NUNIT
30 | *.VisualState.xml
31 | TestResult.xml
32 |
33 | # Build Results of an ATL Project
34 | [Dd]ebugPS/
35 | [Rr]eleasePS/
36 | dlldata.c
37 |
38 | *_i.c
39 | *_p.c
40 | *_i.h
41 | *.ilk
42 | *.meta
43 | *.obj
44 | *.pch
45 | *.pdb
46 | *.pgc
47 | *.pgd
48 | *.rsp
49 | *.sbr
50 | *.tlb
51 | *.tli
52 | *.tlh
53 | *.tmp
54 | *.tmp_proj
55 | *.log
56 | *.vspscc
57 | *.vssscc
58 | .builds
59 | *.pidb
60 | *.svclog
61 | *.scc
62 |
63 | # Chutzpah Test files
64 | _Chutzpah*
65 |
66 | # Visual C++ cache files
67 | ipch/
68 | *.aps
69 | *.ncb
70 | *.opensdf
71 | *.sdf
72 | *.cachefile
73 |
74 | # Visual Studio profiler
75 | *.psess
76 | *.vsp
77 | *.vspx
78 |
79 | # TFS 2012 Local Workspace
80 | $tf/
81 |
82 | # Guidance Automation Toolkit
83 | *.gpState
84 |
85 | # ReSharper is a .NET coding add-in
86 | _ReSharper*/
87 | *.[Rr]e[Ss]harper
88 | *.DotSettings.user
89 |
90 | # JustCode is a .NET coding addin-in
91 | .JustCode
92 |
93 | # TeamCity is a build add-in
94 | _TeamCity*
95 |
96 | # DotCover is a Code Coverage Tool
97 | *.dotCover
98 |
99 | # NCrunch
100 | _NCrunch_*
101 | .*crunch*.local.xml
102 |
103 | # MightyMoose
104 | *.mm.*
105 | AutoTest.Net/
106 |
107 | # Web workbench (sass)
108 | .sass-cache/
109 |
110 | # Installshield output folder
111 | [Ee]xpress/
112 |
113 | # DocProject is a documentation generator add-in
114 | DocProject/buildhelp/
115 | DocProject/Help/*.HxT
116 | DocProject/Help/*.HxC
117 | DocProject/Help/*.hhc
118 | DocProject/Help/*.hhk
119 | DocProject/Help/*.hhp
120 | DocProject/Help/Html2
121 | DocProject/Help/html
122 |
123 | # Click-Once directory
124 | publish/
125 |
126 | # Publish Web Output
127 | *.[Pp]ublish.xml
128 | *.azurePubxml
129 | # TODO: Comment the next line if you want to checkin your web deploy settings
130 | # but database connection strings (with potential passwords) will be unencrypted
131 | *.pubxml
132 | *.publishproj
133 |
134 | # NuGet Packages
135 | *.nupkg
136 | # The packages folder can be ignored because of Package Restore
137 | **/packages/*
138 | # except build/, which is used as an MSBuild target.
139 | !**/packages/build/
140 | # If using the old MSBuild-Integrated Package Restore, uncomment this:
141 | #!**/packages/repositories.config
142 |
143 | # Windows Azure Build Output
144 | csx/
145 | *.build.csdef
146 |
147 | # Windows Store app package directory
148 | AppPackages/
149 |
150 | # Others
151 | sql/
152 | *.Cache
153 | ClientBin/
154 | [Ss]tyle[Cc]op.*
155 | ~$*
156 | *~
157 | *.dbmdl
158 | *.dbproj.schemaview
159 | *.pfx
160 | *.publishsettings
161 | node_modules/
162 |
163 | # RIA/Silverlight projects
164 | Generated_Code/
165 |
166 | # Backup & report files from converting an old project file
167 | # to a newer Visual Studio version. Backup files are not needed,
168 | # because we have git ;-)
169 | _UpgradeReport_Files/
170 | Backup*/
171 | UpgradeLog*.XML
172 | UpgradeLog*.htm
173 |
174 | # SQL Server files
175 | *.mdf
176 | *.ldf
177 |
178 | # Business Intelligence projects
179 | *.rdl.data
180 | *.bim.layout
181 | *.bim_*.settings
182 |
183 | # Microsoft Fakes
184 | FakesAssemblies/
185 |
186 | # =========================
187 | # Operating System Files
188 | # =========================
189 |
190 | # OSX
191 | # =========================
192 |
193 | .DS_Store
194 | .AppleDouble
195 | .LSOverride
196 |
197 | # Thumbnails
198 | ._*
199 |
200 | # Files that might appear on external disk
201 | .Spotlight-V100
202 | .Trashes
203 |
204 | # Directories potentially created on remote AFP share
205 | .AppleDB
206 | .AppleDesktop
207 | Network Trash Folder
208 | Temporary Items
209 | .apdisk
210 |
211 | # Windows
212 | # =========================
213 |
214 | # Windows image file caches
215 | Thumbs.db
216 | ehthumbs.db
217 |
218 | # Folder config file
219 | Desktop.ini
220 |
221 | # Recycle Bin used on file shares
222 | $RECYCLE.BIN/
223 |
224 | # Windows Installer files
225 | *.cab
226 | *.msi
227 | *.msm
228 | *.msp
229 |
230 | # Windows shortcuts
231 | *.lnk
232 | /VinjEx/EasyHook64Svc.exe
233 | /VinjEx/EasyLoad32.dll
234 | /VinjEx/EasyLoad64.dll
235 | /VinjEx/EasyHook32.dll
236 | /VinjEx/EasyHook32Svc.exe
237 | /VinjEx/EasyHook64.dll
238 |
--------------------------------------------------------------------------------
/IPCExample/IPCExample.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {46B741BA-1823-4F70-9C46-4969E90EE2CB}
8 | Exe
9 | Properties
10 | IPCExample
11 | IPCExample
12 | v4.0
13 | 512
14 |
15 |
16 | AnyCPU
17 | true
18 | full
19 | false
20 | bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 |
25 |
26 | AnyCPU
27 | pdbonly
28 | true
29 | bin\Release\
30 | TRACE
31 | prompt
32 | 4
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
56 |
--------------------------------------------------------------------------------
/IPCExample/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.Remoting.Channels.Ipc;
3 | using System.Runtime.Remoting.Channels;
4 | using System.Runtime.Remoting;
5 | using System.Reflection;
6 | using System.Collections;
7 |
8 | /*
9 | This Example is provided by Sowmy Srinivasan.
10 | URL: https://social.msdn.microsoft.com/Forums/en-US/b0b75d32-9ed8-404c-b8f3-d3cb4c3d241f/ipc-remoting-exception-with-events?forum=netfxremoting
11 | */
12 |
13 | namespace IpcCallbackSample
14 | {
15 | class Program : MarshalByRefObject
16 | {
17 | public void CallServer(Program client, string sender)
18 | {
19 | Console.WriteLine("Message from {0}", sender);
20 | client.CallbackClient("Server");
21 | }
22 |
23 | public void CallbackClient(string sender)
24 | {
25 | Console.WriteLine("Message from {0}", sender);
26 | }
27 |
28 | static void Main(string[] args)
29 | {
30 | if (args == null || args.Length == 0 || args[0].ToLower() == "-server")
31 | {
32 | RegisterChannel("Server");
33 | RemotingConfiguration.RegisterWellKnownServiceType(typeof(Program), "RemotingServer", WellKnownObjectMode.SingleCall);
34 | Console.WriteLine("Server Running. Start client by typing '{0} -client'", Assembly.GetEntryAssembly().Location);
35 | Console.ReadLine();
36 | }
37 | else
38 | {
39 | RegisterChannel("Client");
40 | Program proxy = (Program)Activator.GetObject(typeof(Program), "ipc://Server/RemotingServer");
41 | proxy.CallServer(new Program(), "Client");
42 | }
43 | }
44 |
45 | static void RegisterChannel(string name)
46 | {
47 | Hashtable properties = new Hashtable();
48 | properties.Add("name", name);
49 | properties.Add("portName", name);
50 | properties.Add("typeFilterLevel", "Full");
51 | IpcChannel channel = new IpcChannel(properties,
52 | new BinaryClientFormatterSinkProvider(properties, null),
53 | new BinaryServerFormatterSinkProvider(properties, null));
54 | ChannelServices.RegisterChannel(channel,false);
55 | }
56 | }
57 | }
58 |
--------------------------------------------------------------------------------
/IPCExample/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // 有关程序集的一般信息由以下
6 | // 控制。更改这些特性值可修改
7 | // 与程序集关联的信息。
8 | [assembly: AssemblyTitle("IPCExample")]
9 | [assembly: AssemblyDescription("Just learn .NET Remoting.")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("IPCExample")]
13 | [assembly: AssemblyCopyright("Copyright © Sowmy Srinivasan")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | //将 ComVisible 设置为 false 将使此程序集中的类型
18 | //对 COM 组件不可见。 如果需要从 COM 访问此程序集中的类型,
19 | //请将此类型的 ComVisible 特性设置为 true。
20 | [assembly: ComVisible(false)]
21 |
22 | // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
23 | [assembly: Guid("46b741ba-1823-4f70-9c46-4969e90ee2cb")]
24 |
25 | // 程序集的版本信息由下列四个值组成:
26 | //
27 | // 主版本
28 | // 次版本
29 | // 生成号
30 | // 修订号
31 | //
32 | //可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值,
33 | // 方法是按如下所示使用“*”: :
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/InjectTest/InjectTest.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}
8 | Exe
9 | Properties
10 | InjectTest
11 | InjectTest
12 | v4.0
13 | 512
14 |
15 |
16 |
17 | AnyCPU
18 | true
19 | full
20 | false
21 | bin\Debug\
22 | DEBUG;TRACE
23 | prompt
24 | 4
25 | true
26 |
27 |
28 | AnyCPU
29 | pdbonly
30 | true
31 | bin\Release\
32 | TRACE
33 | prompt
34 | 4
35 | true
36 |
37 |
38 |
39 | False
40 | ..\DLL\EasyHook.dll
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 | {687b7b6f-16d9-47d7-a364-60b28cfe3caa}
58 | TestDLL
59 |
60 |
61 | {fcc2c253-ca39-4352-8c3c-e7ad478b8c60}
62 | VinjEx
63 |
64 |
65 |
66 |
67 |
68 |
69 |
76 |
--------------------------------------------------------------------------------
/InjectTest/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Windows.Forms;
3 | using VinjEx;
4 | using System.Diagnostics;
5 |
6 | namespace InjectTest
7 | {
8 | ///
9 | /// NOTE: if the client would call a method in host which would operate host's local vars, you have to add "MarshalByRefObject" for host class like below.
10 | /// And only non-static vars can be operate. Statics are always native.
11 | ///
12 | class Program : MarshalByRefObject
13 | {
14 | ///
15 | /// This var is changed indirectly by client
16 | ///
17 | public int TestChamber = 0;
18 |
19 | ///
20 | /// This method is called by client
21 | ///
22 | ///
23 | public void YouSavedScience(object subjectNameHere)
24 | {
25 | MessageBox.Show("[Host]Got a message from client:\n" + subjectNameHere.ToString(),
26 | Process.GetCurrentProcess().ProcessName);
27 | TestChamber++;
28 | }
29 |
30 | ///
31 | /// You can't register a method like in static methods.
32 | ///
33 | public void WakingUpToScience()
34 | {
35 | int pid = 0;
36 | Console.WriteLine("Input process name:");
37 | string processName = Console.ReadLine();
38 | //Get a process by name
39 | var ps = Process.GetProcessesByName(processName);
40 | bool getted = false;
41 | foreach (var process in ps)
42 | {
43 | //if (string.IsNullOrEmpty(process.MainWindowTitle))
44 | // continue;
45 | pid = process.Id;
46 | getted = true;
47 | break;
48 | }
49 | if (!getted)
50 | {
51 | Console.WriteLine("Can not find that process!");
52 | Console.ReadLine();
53 | return;
54 | }
55 | //pass through target PID
56 | InjectableProcess ip = new InjectableProcess(pid);
57 |
58 | //Good morning. You have been in suspension for nine nine nine... nine nine ni-
59 | ip.SleepInterval = 9999999; //Don't worry, since when we call Eject, the dll thread will be woke up immediately.
60 |
61 | //Register a method to handle DLL's response
62 | //Always register methods BEFORE DLL injection
63 | ip.OnClientResponse += YouSavedScience;
64 | //If a method would not associate with any local vars (like below), it is safe and can be registered even in static methods
65 | ip.OnClientExit += (s,e) => { MessageBox.Show("[Host]Got client offline message.\nNow I only Want You Gone-"); };
66 |
67 | //Inject method would return 0 If inject failed (same as VInjDn do)
68 | if (ip.Inject(@"TestDLL.dll",@"TestDLL.dll") == 0)
69 | {
70 | Console.WriteLine("Failed to inject!");
71 | Console.ReadLine();
72 | return;
73 | }
74 | //Commands To Test By
75 | ip.Command("This was a triumph.");
76 | Console.ReadLine();
77 | //Reconstructing More Science
78 | ip.Command(1); //Tell me something about your process!
79 | Console.ReadLine();
80 | //Use this to release DLL
81 | //ip.Eject();
82 | Console.WriteLine("Total Response:" + TestChamber);
83 | Console.ReadLine();
84 | }
85 |
86 | private static void Main(string[] args)
87 | {
88 | Program p = new Program();
89 | p.WakingUpToScience();
90 | }
91 | }
92 |
93 | }
94 |
--------------------------------------------------------------------------------
/InjectTest/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // 有关程序集的常规信息通过以下
6 | // 特性集控制。更改这些特性值可修改
7 | // 与程序集关联的信息。
8 | [assembly: AssemblyTitle("InjectTest")]
9 | [assembly: AssemblyDescription("DEMO for VinjEx.")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("Ulysses")]
12 | [assembly: AssemblyProduct("VinjEx")]
13 | [assembly: AssemblyCopyright("Copyright © Ulysses 2015")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // 将 ComVisible 设置为 false 使此程序集中的类型
18 | // 对 COM 组件不可见。 如果需要从 COM 访问此程序集中的类型,
19 | // 则将该类型上的 ComVisible 特性设置为 true。
20 | [assembly: ComVisible(false)]
21 |
22 | // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
23 | [assembly: Guid("cb6454e5-e328-4cb1-ba2c-6a5e4cb4b5a8")]
24 |
25 | // 程序集的版本信息由下面四个值组成:
26 | //
27 | // 主版本
28 | // 次版本
29 | // 生成号
30 | // 修订号
31 | //
32 | // 可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值,
33 | // 方法是按如下所示使用“*”:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/InjectTest/app.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/InjectTest/bin/Release/EasyHook.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/EasyHook.dll
--------------------------------------------------------------------------------
/InjectTest/bin/Release/EasyHook32.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/EasyHook32.dll
--------------------------------------------------------------------------------
/InjectTest/bin/Release/EasyLoad32.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/EasyLoad32.dll
--------------------------------------------------------------------------------
/InjectTest/bin/Release/InjectTest.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/InjectTest.exe
--------------------------------------------------------------------------------
/InjectTest/bin/Release/TestDLL.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/TestDLL.dll
--------------------------------------------------------------------------------
/InjectTest/bin/Release/VinjEx.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UlyssesWu/VinjEx/b2e0511fa6fa9def6342adf259badfbf4e12387d/InjectTest/bin/Release/VinjEx.dll
--------------------------------------------------------------------------------
/InjectTest/bin/Release/VinjEx.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | VinjEx
5 |
6 |
7 |
8 |
9 | EventWrapper used for two-way communication.
10 | No need to use it manually.
11 |
12 |
13 |
14 |
15 | Injection Entry
16 | You should create such a constructor:
17 | public ClassNameHere( inContext, channelName) : base(inContext, channelName)
18 |
19 |
20 |
21 |
22 | Get interface object from host.
23 | Fixed method from Easyhook for two-way communication.
24 |
25 |
26 |
27 |
28 |
29 | In order to save resources, we make it sleep.
30 |
31 |
32 |
33 | Stop the Inject DLL. Will call OnUnload after Exit
34 |
35 |
36 |
37 |
38 | Call when the Inject DLL is loaded, before the target remuse.
39 |
40 |
41 |
42 |
43 | Called when host send a command.
44 |
45 |
46 |
47 |
48 |
49 | Send a message to host.
50 |
51 |
52 |
53 |
54 |
55 | Called when the inject dll is going to exit.
56 | Will be called after Exit. Be careful if you call Exit manually.
57 |
58 |
59 |
60 |
61 | Injectable Process
62 |
63 |
64 |
65 |
66 | default thread sleep time
67 |
68 |
69 |
70 |
71 | Register by host. Fired when client send response.
72 |
73 |
74 |
75 |
76 | Register by host. Fired after client unload.
77 |
78 |
79 |
80 |
81 | How much time(ms) dll thread will sleep once when idle.
82 | Will pass to dll thread when call . Would be useless after that.
83 |
84 |
85 |
86 |
87 | Injectable Process
88 |
89 | target PID
90 | how much time dll thread will sleep once when idle
91 |
92 |
93 |
94 | [For Compatibility] Create a .
95 |
96 |
97 |
98 |
99 |
100 |
101 | Send command to Injection DLL
102 |
103 |
104 |
105 |
106 |
107 |
108 | Inject a DLL to target
109 |
110 | x86 DLL
111 | x64 DLL, if your target is 64bit program
112 |
113 |
114 |
115 |
116 | Eject the DLL
117 |
118 |
119 |
120 |
121 | used to stop dll thread
122 |
123 |
124 |
125 |
126 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2015-2020 Ulysses Wu
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/TestDLL/Main2.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Diagnostics;
3 | using System.Text;
4 | using System.Windows.Forms;
5 | using EasyHook;
6 | using Timer = System.Threading.Timer;
7 |
8 | namespace TestDLL
9 | {
10 | public class Main2 : VinjEx.Injectable
11 | {
12 | public int CooperationPoints = 0;
13 | //To test if dll can run after injector exited
14 | //private Timer _timer = new Timer(Tick,null,3000,10000);
15 |
16 | //private static void Tick(object state)
17 | //{
18 | // MessageBox.Show("Tick");
19 | //}
20 |
21 | public Main2(RemoteHooking.IContext inContext, string channel) : base(inContext, channel)
22 | {
23 | }
24 |
25 | public override void OnLoad()
26 | {
27 | MessageBox.Show("[Client]DLL Injected\nOh, it's you!");
28 | }
29 |
30 | public override void OnCommand(object command)
31 | {
32 | CooperationPoints++;
33 | Process p = Process.GetCurrentProcess();
34 |
35 | if (command is string)
36 | {
37 | MessageBox.Show("[Client]Got a message from host:\n" + (string)command,p.ProcessName);
38 | SendResponse("I'm making a note here: HUGE SUCCESS");
39 | }
40 | else if(command is int)
41 | {
42 | StringBuilder reconstructor = new StringBuilder();
43 | foreach (var assembly in AppDomain.CurrentDomain.GetAssemblies())
44 | {
45 | reconstructor.AppendLine(assembly.FullName);
46 | }
47 | MessageBox.Show("[Client]I'm a spy!\n", p.ProcessName);
48 | MessageBox.Show(reconstructor.ToString(), AppDomain.CurrentDomain.FriendlyName);
49 |
50 | reconstructor.Clear();
51 | reconstructor.AppendLine("FileName:\t" + p.MainModule.FileName);
52 | reconstructor.AppendLine("Version:\t\n" + p.MainModule.FileVersionInfo);
53 | reconstructor.AppendLine("ID:\t" + p.Id);
54 | reconstructor.AppendLine("RAM:\t" + p.PagedSystemMemorySize64);
55 | SendResponse(reconstructor.ToString());
56 | }
57 | }
58 |
59 | public override void OnUnload()
60 | {
61 | MessageBox.Show("[Client]DLL Ejected\nAnd when you're dead I will be Still Alive...\nTotal Command:"+CooperationPoints.ToString());
62 | base.OnUnload();
63 | }
64 |
65 | //public void GetNames()
66 | //{
67 | // string lastname = "";
68 | // string name;
69 | // while (true)
70 | // {
71 | // name = Process.GetCurrentProcess().MainWindowTitle;
72 | // if (!string.IsNullOrEmpty(name) && name != lastname)
73 | // {
74 | // Console.WriteLine(name);
75 | // SendResponse(name);
76 | // lastname = name;
77 | // }
78 | // Thread.Sleep(1000);
79 | // }
80 | //}
81 | }
82 | }
83 |
--------------------------------------------------------------------------------
/TestDLL/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // 有关程序集的常规信息通过以下
6 | // 特性集控制。更改这些特性值可修改
7 | // 与程序集关联的信息。
8 | [assembly: AssemblyTitle("TestDLL")]
9 | [assembly: AssemblyDescription("A DEMO Injection DLL for VinjEx.")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("Ulysses")]
12 | [assembly: AssemblyProduct("VinjEx")]
13 | [assembly: AssemblyCopyright("Copyright © Ulysses 2015")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // 将 ComVisible 设置为 false 使此程序集中的类型
18 | // 对 COM 组件不可见。 如果需要从 COM 访问此程序集中的类型,
19 | // 则将该类型上的 ComVisible 特性设置为 true。
20 | [assembly: ComVisible(false)]
21 |
22 | // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
23 | [assembly: Guid("318257d6-a985-4d6f-8fc3-7ba22e6be01f")]
24 |
25 | // 程序集的版本信息由下面四个值组成:
26 | //
27 | // 主版本
28 | // 次版本
29 | // 生成号
30 | // 修订号
31 | //
32 | // 可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值,
33 | // 方法是按如下所示使用“*”:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/TestDLL/TestDLL.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {687B7B6F-16D9-47D7-A364-60B28CFE3CAA}
8 | Library
9 | Properties
10 | TestDLL
11 | TestDLL
12 | v4.0
13 | 512
14 |
15 |
16 |
17 | true
18 | full
19 | false
20 | ..\InjectTest\bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 | true
25 | AnyCPU
26 |
27 |
28 | pdbonly
29 | true
30 | ..\InjectTest\bin\Release\
31 | TRACE
32 | prompt
33 | 4
34 | true
35 | AnyCPU
36 |
37 |
38 |
39 | False
40 | ..\DLL\EasyHook.dll
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 | {fcc2c253-ca39-4352-8c3c-e7ad478b8c60}
57 | VinjEx
58 |
59 |
60 |
61 |
68 |
--------------------------------------------------------------------------------
/VinjEx.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 14
4 | VisualStudioVersion = 14.0.23107.0
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "VinjEx", "VinjEx\VinjEx.csproj", "{FCC2C253-CA39-4352-8C3C-E7AD478B8C60}"
7 | EndProject
8 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "InjectTest", "InjectTest\InjectTest.csproj", "{7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}"
9 | EndProject
10 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TestDLL", "TestDLL\TestDLL.csproj", "{687B7B6F-16D9-47D7-A364-60B28CFE3CAA}"
11 | EndProject
12 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "IPCExample", "IPCExample\IPCExample.csproj", "{46B741BA-1823-4F70-9C46-4969E90EE2CB}"
13 | EndProject
14 | Global
15 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
16 | Debug|Any CPU = Debug|Any CPU
17 | Release|Any CPU = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
20 | {FCC2C253-CA39-4352-8C3C-E7AD478B8C60}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
21 | {FCC2C253-CA39-4352-8C3C-E7AD478B8C60}.Debug|Any CPU.Build.0 = Debug|Any CPU
22 | {FCC2C253-CA39-4352-8C3C-E7AD478B8C60}.Release|Any CPU.ActiveCfg = Release|Any CPU
23 | {FCC2C253-CA39-4352-8C3C-E7AD478B8C60}.Release|Any CPU.Build.0 = Release|Any CPU
24 | {7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
25 | {7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}.Debug|Any CPU.Build.0 = Debug|Any CPU
26 | {7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}.Release|Any CPU.ActiveCfg = Release|Any CPU
27 | {7F5D5041-E6B9-4E86-8D87-5A63A68ACC83}.Release|Any CPU.Build.0 = Release|Any CPU
28 | {687B7B6F-16D9-47D7-A364-60B28CFE3CAA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
29 | {687B7B6F-16D9-47D7-A364-60B28CFE3CAA}.Debug|Any CPU.Build.0 = Debug|Any CPU
30 | {687B7B6F-16D9-47D7-A364-60B28CFE3CAA}.Release|Any CPU.ActiveCfg = Release|Any CPU
31 | {687B7B6F-16D9-47D7-A364-60B28CFE3CAA}.Release|Any CPU.Build.0 = Release|Any CPU
32 | {46B741BA-1823-4F70-9C46-4969E90EE2CB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
33 | {46B741BA-1823-4F70-9C46-4969E90EE2CB}.Debug|Any CPU.Build.0 = Debug|Any CPU
34 | {46B741BA-1823-4F70-9C46-4969E90EE2CB}.Release|Any CPU.ActiveCfg = Release|Any CPU
35 | {46B741BA-1823-4F70-9C46-4969E90EE2CB}.Release|Any CPU.Build.0 = Release|Any CPU
36 | EndGlobalSection
37 | GlobalSection(SolutionProperties) = preSolution
38 | HideSolutionNode = FALSE
39 | EndGlobalSection
40 | EndGlobal
41 |
--------------------------------------------------------------------------------
/VinjEx/EasierHook.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Runtime.Remoting;
5 | using System.Runtime.Remoting.Channels;
6 | using System.Runtime.Remoting.Channels.Ipc;
7 | using System.Runtime.Serialization.Formatters;
8 | using System.Security.AccessControl;
9 | using System.Security.Cryptography;
10 | using System.Security.Principal;
11 | using System.Text;
12 |
13 | namespace VinjEx
14 | {
15 | class Util
16 | {
17 | #region Fixed methods from Easyhook for two-way communication
18 |
19 | internal static IpcChannel IpcCreateServer(
20 | ref String RefChannelName,
21 | WellKnownObjectMode InObjectMode,
22 | TRemoteObject ipcInterface,
23 | params WellKnownSidType[] InAllowedClientSIDs) where TRemoteObject : MarshalByRefObject
24 | {
25 | String ChannelName = RefChannelName ?? GenerateName();
26 |
27 | ///////////////////////////////////////////////////////////////////
28 | // create security descriptor for IpcChannel...
29 | System.Collections.IDictionary Properties = new System.Collections.Hashtable();
30 |
31 | Properties["name"] = ChannelName;
32 | Properties["portName"] = ChannelName;
33 |
34 | DiscretionaryAcl DACL = new DiscretionaryAcl(false, false, 1);
35 |
36 | if (InAllowedClientSIDs.Length == 0)
37 | {
38 | if (RefChannelName != null)
39 | throw new System.Security.HostProtectionException("If no random channel name is being used, you shall specify all allowed SIDs.");
40 |
41 | // allow access from all users... Channel is protected by random path name!
42 | DACL.AddAccess(
43 | AccessControlType.Allow,
44 | new SecurityIdentifier(
45 | WellKnownSidType.WorldSid,
46 | null),
47 | -1,
48 | InheritanceFlags.None,
49 | PropagationFlags.None);
50 | }
51 | else
52 | {
53 | for (int i = 0; i < InAllowedClientSIDs.Length; i++)
54 | {
55 | DACL.AddAccess(
56 | AccessControlType.Allow,
57 | new SecurityIdentifier(
58 | InAllowedClientSIDs[i],
59 | null),
60 | -1,
61 | InheritanceFlags.None,
62 | PropagationFlags.None);
63 | }
64 | }
65 |
66 | CommonSecurityDescriptor SecDescr = new CommonSecurityDescriptor(false, false,
67 | ControlFlags.GroupDefaulted |
68 | ControlFlags.OwnerDefaulted |
69 | ControlFlags.DiscretionaryAclPresent,
70 | null, null, null,
71 | DACL);
72 |
73 | //////////////////////////////////////////////////////////
74 | // create IpcChannel...
75 | BinaryClientFormatterSinkProvider BinaryClient = new BinaryClientFormatterSinkProvider();
76 | BinaryServerFormatterSinkProvider BinaryProv = new BinaryServerFormatterSinkProvider();
77 | BinaryProv.TypeFilterLevel = TypeFilterLevel.Full;
78 |
79 | IpcChannel Result = new IpcChannel(Properties, BinaryClient, BinaryProv);
80 |
81 | ChannelServices.RegisterChannel(Result, false);
82 |
83 | if (ipcInterface == null)
84 | {
85 | RemotingConfiguration.RegisterWellKnownServiceType(
86 | typeof(TRemoteObject),
87 | ChannelName,
88 | InObjectMode);
89 | }
90 | else
91 | {
92 | RemotingServices.Marshal(ipcInterface, ChannelName);
93 | }
94 |
95 | RefChannelName = ChannelName;
96 |
97 | return Result;
98 | }
99 |
100 | internal static String GenerateName()
101 | {
102 | RNGCryptoServiceProvider Rnd = new RNGCryptoServiceProvider();
103 | Byte[] Data = new Byte[30];
104 | StringBuilder Builder = new StringBuilder();
105 |
106 | Rnd.GetBytes(Data);
107 |
108 | for (int i = 0; i < (20 + (Data[0] % 10)); i++)
109 | {
110 | Byte b = (Byte)(Data[i] % 62);
111 |
112 | if ((b >= 0) && (b <= 9))
113 | Builder.Append((Char)('0' + b));
114 | if ((b >= 10) && (b <= 35))
115 | Builder.Append((Char)('A' + (b - 10)));
116 | if ((b >= 36) && (b <= 61))
117 | Builder.Append((Char)('a' + (b - 36)));
118 | }
119 |
120 | return Builder.ToString();
121 | }
122 | #endregion
123 |
124 | }
125 | }
126 |
--------------------------------------------------------------------------------
/VinjEx/EventWrapper.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace VinjEx
4 | {
5 | public delegate void CommandHandler(object command);
6 |
7 | ///
8 | /// EventWrapper used for two-way communication.
9 | /// No need to use it manually.
10 | ///
11 | internal sealed class EventWrapper : MarshalByRefObject
12 | {
13 | public event CommandHandler OnCommand;
14 | public event CommandHandler OnResponse;
15 | public event EventHandler OnExit;
16 |
17 | public void FireCommand(object command)
18 | {
19 | OnCommand?.Invoke(command);
20 | }
21 |
22 | public void FireResponse(object response)
23 | {
24 | OnResponse?.Invoke(response);
25 | }
26 |
27 | public void FireExit(object sender,EventArgs e)
28 | {
29 | OnExit?.Invoke(sender,e);
30 | }
31 |
32 | public override object InitializeLifetimeService()
33 | {
34 | return null;
35 | }
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/VinjEx/InjectInterface.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace VinjEx
4 | {
5 |
6 | internal class InjectInterface : MarshalByRefObject
7 | {
8 | public event CommandHandler OnCommand;
9 | public event CommandHandler OnResponse;
10 | public event EventHandler OnExit;
11 | ///
12 | /// used to stop dll thread
13 | ///
14 | public event EventHandler OnClientExit;
15 | public object Data = null;
16 | public EventWrapper Wrapper;
17 | public bool IsBackgroundThread = true;
18 | public int SleepInterval = InjectableProcess.SLEEP_TIME;
19 | public bool Connected { get; private set; } = false;
20 |
21 | public InjectInterface()
22 | {
23 | }
24 |
25 | public override object InitializeLifetimeService()
26 | {
27 | //return base.InitializeLifetimeService();
28 | return null;
29 | }
30 |
31 | public bool SendCommand(object command)
32 | {
33 | if (OnCommand == null) return false;
34 | OnCommand(command);
35 | return true;
36 | }
37 |
38 | public bool SendResponse(object response)
39 | {
40 | if (OnResponse == null) return false;
41 | OnResponse(response);
42 | return true;
43 | }
44 |
45 | public void Ping()
46 | {
47 | Connected = true;
48 | //MessageBox.Show("Ping from" + Process.GetCurrentProcess().MainWindowTitle);
49 | }
50 |
51 | public void Destory()
52 | {
53 | try
54 | {
55 | OnClientExit?.Invoke(null, null); //May not execute in some force close condition?
56 | }
57 | catch (Exception)
58 | {
59 | //throw;
60 | }
61 | }
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/VinjEx/Injectable.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections;
3 | using System.Diagnostics;
4 | using System.Runtime.Remoting;
5 | using System.Runtime.Remoting.Channels;
6 | using System.Runtime.Remoting.Channels.Ipc;
7 | using System.Runtime.Serialization.Formatters;
8 | using System.Threading;
9 | using EasyHook;
10 |
11 | namespace VinjEx
12 | {
13 | ///
14 | /// Injection Entry
15 | /// You should create such a constructor:
16 | /// public ClassNameHere( inContext, channelName) : base(inContext, channelName)
17 | ///
18 | public abstract class Injectable : MarshalByRefObject, IEntryPoint
19 | {
20 | public readonly string ChannelName;
21 | private readonly InjectInterface _interface;
22 | private bool _shouldExit = false;
23 | private bool _unloaded = false;
24 | private static IpcServerChannel _channel;
25 | private Thread _thread;
26 | private int _sleepInterval = InjectableProcess.SLEEP_TIME;
27 |
28 | public override object InitializeLifetimeService()
29 | {
30 | return null;
31 | }
32 |
33 | ///
34 | /// Get interface object from host.
35 | /// Fixed method from Easyhook for two-way communication.
36 | ///
37 | ///
38 | ///
39 | private InjectInterface IpcConnectClient(string channel)
40 | {
41 | IDictionary props = new Hashtable();
42 | props["name"] = Util.GenerateName();
43 | props["port"] = 0;
44 | props["portName"] = props["name"];
45 | BinaryServerFormatterSinkProvider serverProvider = new BinaryServerFormatterSinkProvider(props, null);
46 | //BinaryClientFormatterSinkProvider clientProvider = new BinaryClientFormatterSinkProvider();
47 | serverProvider.TypeFilterLevel = TypeFilterLevel.Full;
48 |
49 | _channel = new IpcServerChannel(props, serverProvider);
50 | ChannelServices.RegisterChannel(_channel, false);
51 |
52 | InjectInterface Interface =
53 | (InjectInterface)Activator.GetObject(typeof(InjectInterface), "ipc://" + channel + "/" + channel);
54 |
55 | if (Interface == null)
56 | throw new ArgumentException("Unable to create remote interface.");
57 |
58 | return Interface;
59 | }
60 |
61 | public Injectable(RemoteHooking.IContext inContext, String inChannelName)
62 | {
63 | ChannelName = inChannelName;
64 |
65 | _interface = IpcConnectClient(ChannelName);
66 | _interface.Ping();
67 |
68 | _sleepInterval = _interface.SleepInterval;
69 | _interface.Wrapper = new EventWrapper();
70 | _interface.Wrapper.OnCommand += OnCommand;
71 | _interface.OnResponse += _interface.Wrapper.FireResponse;
72 | _interface.OnExit += _interface.Wrapper.FireExit;
73 | }
74 |
75 | /// In order to save resources, we make it sleep.
76 | public void Run(object inContext, String inChannelName)
77 | {
78 | OnLoad();
79 | _thread = Thread.CurrentThread;
80 | AppDomain.CurrentDomain.ProcessExit += (sender, args) =>
81 | {
82 | if (!_unloaded)
83 | {
84 | OnUnload();
85 | _interface.Wrapper.FireExit(null, null);
86 | _unloaded = true;
87 | }
88 | };
89 | _thread.IsBackground = _interface.IsBackgroundThread;
90 | _interface.OnClientExit += Exit; //Only at this time can we make sure the dll thread is interruptable
91 | RemoteHooking.WakeUpProcess();
92 | while (!_shouldExit)
93 | {
94 | try
95 | {
96 | Thread.Sleep(_sleepInterval); //Would it be more efficient?
97 | }
98 | catch (ThreadInterruptedException)
99 | {
100 | //帅醒!
101 | }
102 | catch(RemotingException)
103 | { }
104 | }
105 | if (!_unloaded)
106 | {
107 | OnUnload();
108 | _interface.Wrapper.FireExit(null, null);
109 | _unloaded = true;
110 | }
111 | }
112 |
113 | ///
114 | /// Stop the Inject DLL. Will call OnUnload after Exit
115 | ///
116 | public void Exit(object sender,EventArgs e)
117 | {
118 | _shouldExit = true;
119 | _thread?.Interrupt();
120 | }
121 |
122 | ///
123 | /// Call when the Inject DLL is loaded, before the target remuse.
124 | ///
125 | public virtual void OnLoad()
126 | {
127 | }
128 |
129 | ///
130 | /// Called when host send a command.
131 | ///
132 | ///
133 | public virtual void OnCommand(object command)
134 | {
135 | Console.WriteLine(command);
136 | }
137 |
138 | ///
139 | /// Send a message to host.
140 | ///
141 | ///
142 | public void SendResponse(object command)
143 | {
144 | try
145 | {
146 | _interface.SendResponse(command);
147 | }
148 | catch (RemotingException)
149 | {
150 | //throw;
151 | }
152 |
153 | }
154 |
155 | ///
156 | /// Called when the inject dll is going to exit.
157 | /// Will be called after Exit. Be careful if you call Exit manually.
158 | ///
159 | public virtual void OnUnload()
160 | {
161 | }
162 |
163 |
164 | }
165 | }
166 |
--------------------------------------------------------------------------------
/VinjEx/InjectableProcess.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.Remoting;
3 | using System.Runtime.Remoting.Channels.Ipc;
4 | using EasyHook;
5 |
6 | namespace VinjEx
7 | {
8 | ///
9 | /// Injectable Process
10 | ///
11 | public class InjectableProcess
12 | {
13 | ///
14 | /// default thread sleep time
15 | ///
16 | public const int SLEEP_TIME = 1000;
17 |
18 | private readonly int _pid;
19 | private readonly string _channelName;
20 | private InjectInterface _interface;
21 | //Although we never use it, it should be kept until you finish this dll injection.
22 | private static IpcChannel _channel;
23 | ///
24 | /// Register by host. Fired when client send response. MUST be public non-static method!!
25 | ///
26 | public event CommandHandler OnClientResponse;
27 | ///
28 | /// Register by host. Fired after client unload.
29 | ///
30 | public event EventHandler OnClientExit;
31 |
32 | ///
33 | /// How much time(ms) dll thread will sleep once when idle.
34 | /// Will pass to dll thread when call . Would be useless after that.
35 | ///
36 | public int SleepInterval
37 | {
38 | get
39 | {
40 | return _interface?.SleepInterval ?? SLEEP_TIME;
41 | }
42 | set
43 | {
44 | if (_interface != null)
45 | {
46 | _interface.SleepInterval = value;
47 | }
48 | }
49 | }
50 |
51 | public bool IsBackgroundThread = true;
52 |
53 | internal event CommandHandler OnHostCommand;
54 |
55 | ///
56 | /// Injectable Process
57 | ///
58 | /// target PID
59 | /// how much time dll thread will sleep once when idle
60 | public InjectableProcess(int pid, int sleepInterval = SLEEP_TIME)
61 | {
62 | _pid = pid;
63 | _interface = new InjectInterface();
64 | SleepInterval = sleepInterval;
65 | //MARK:An IpcChannel that shall be keept alive until the server is not needed anymore.
66 | _channel = Util.IpcCreateServer(ref _channelName, WellKnownObjectMode.Singleton, _interface);//MARK:注意第三个参数
67 | }
68 |
69 | ///
70 | /// [For Compatibility] Create a .
71 | ///
72 | ///
73 | ///
74 | public static InjectableProcess Create(int pid)
75 | {
76 | InjectableProcess ip = new InjectableProcess(pid);
77 | return ip;
78 | }
79 |
80 | private void RegisterEvents()
81 | {
82 | try
83 | {
84 | //Methods that will be called by host
85 | _interface.Wrapper.OnResponse += OnClientResponse;
86 | _interface.Wrapper.OnExit += OnClientExit;
87 | //Methods that will be called by client
88 | OnHostCommand += _interface.Wrapper.FireCommand;
89 | }
90 | catch (Exception ex)
91 | {
92 | throw new Exception("[VinjEx] Error when trying to register events.", ex);
93 | }
94 | }
95 |
96 | ///
97 | /// Send command to Injection DLL
98 | ///
99 | ///
100 | ///
101 | public bool Command(object command)
102 | {
103 | if (OnHostCommand != null)
104 | {
105 | try
106 | {
107 | OnHostCommand(command);
108 | return true;
109 | }
110 | catch (RemotingException)
111 | {
112 | return false;
113 | }
114 |
115 | }
116 | return false;
117 | }
118 |
119 | ///
120 | /// Inject a DLL to target
121 | ///
122 | /// x86 DLL
123 | /// x64 DLL, if your target is 64bit program
124 | ///
125 | public int Inject(string assemblyFile, string assemblyFile64 = null)
126 | {
127 | try
128 | {
129 | _interface.SleepInterval = SleepInterval;
130 | _interface.IsBackgroundThread = IsBackgroundThread;
131 | if (RemoteHooking.IsX64Process(_pid))
132 | {
133 | //Console.WriteLine("64bit program!");
134 | }
135 | RemoteHooking.Inject(_pid, assemblyFile, assemblyFile64, _channelName);
136 |
137 | RegisterEvents();
138 | return _pid;
139 | }
140 | catch (Exception)
141 | {
142 | //FIXED: The Part Where He Kills You
143 | Eject();
144 | return 0;
145 | }
146 | }
147 |
148 | ///
149 | /// Eject the DLL
150 | ///
151 | public void Eject()
152 | {
153 | _interface?.Destory();
154 | }
155 | }
156 | }
157 |
--------------------------------------------------------------------------------
/VinjEx/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // 有关程序集的常规信息通过以下
6 | // 特性集控制。更改这些特性值可修改
7 | // 与程序集关联的信息。
8 | [assembly: AssemblyTitle("VinjEx")]
9 | [assembly: AssemblyDescription("Simple DLL Inject Lib using Easyhook.")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("Ulysses")]
12 | [assembly: AssemblyProduct("VinjEx")]
13 | [assembly: AssemblyCopyright("Copyright © Ulysses 2015")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // 将 ComVisible 设置为 false 使此程序集中的类型
18 | // 对 COM 组件不可见。 如果需要从 COM 访问此程序集中的类型,
19 | // 则将该类型上的 ComVisible 特性设置为 true。
20 | [assembly: ComVisible(false)]
21 |
22 | // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
23 | [assembly: Guid("5e3f85ec-05fc-4882-b8cf-4533634f7f4e")]
24 |
25 | // 程序集的版本信息由下面四个值组成:
26 | //
27 | // 主版本
28 | // 次版本
29 | // 生成号
30 | // 修订号
31 | //
32 | // 可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值,
33 | // 方法是按如下所示使用“*”:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.1.0")]
36 | [assembly: AssemblyFileVersion("1.0.2.0")]
37 |
--------------------------------------------------------------------------------
/VinjEx/VinjEx.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {FCC2C253-CA39-4352-8C3C-E7AD478B8C60}
8 | Library
9 | Properties
10 | VinjEx
11 | VinjEx
12 | v4.7.2
13 | 512
14 |
15 |
16 |
17 | true
18 | full
19 | false
20 | bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 | true
25 | AnyCPU
26 | false
27 |
28 |
29 | pdbonly
30 | true
31 | bin\Release\
32 | TRACE
33 | prompt
34 | 4
35 | true
36 | bin\Release\VinjEx.XML
37 | false
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 | 2.7.7097
55 |
56 |
57 |
58 |
65 |
--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
1 | # VinjEx
2 |
3 | A *simple* lib for DLL Injection, using [Easyhook](https://easyhook.github.io/).
4 |
5 | ### VinjEx is inspired by `VInj` & `VInjDn`.
6 |
7 | (Sorry but I can not find the author. Anyway, thank him/her! )
8 |
9 | I used to use VInjDn in my projects, but VInjDn is old and sometimes unstable.
10 |
11 | When using Easyhook, I find it is inconvenient for two-way communication.
12 |
13 | So I made `VinjEx`. It has similar syntax as VInjDn, easy to use, and more stable.
14 |
15 | ### LICENSE
16 |
17 | MIT
18 |
19 |
20 | ---
21 |
22 | by Ulysses , wdwxy12345@gmail.com
23 |
--------------------------------------------------------------------------------