digitalmars.D.learn - D Dll injection problem
- "Gyron" <Threk web.de> Mar 27 2012
- maarten van damme <maartenvd1994 gmail.com> Mar 27 2012
- "Gyron" <Threk web.de> Mar 27 2012
- Trass3r <un known.com> Mar 27 2012
- "Gyron" <Threk web.de> Mar 27 2012
- Trass3r <un known.com> Mar 27 2012
- "Gyron" <Threk web.de> Mar 27 2012
- maarten van damme <maartenvd1994 gmail.com> Mar 28 2012
- Trass3r <un known.com> Mar 28 2012
- maarten van damme <maartenvd1994 gmail.com> Apr 11 2012
- "Kagamin" <spam here.lot> Apr 11 2012
- "Kagamin" <spam here.lot> Apr 11 2012
- maarten van damme <maartenvd1994 gmail.com> Apr 11 2012
- maarten van damme <maartenvd1994 gmail.com> Apr 12 2012
- "Kagamin" <spam here.lot> Apr 12 2012
- maarten van damme <maartenvd1994 gmail.com> Apr 12 2012
- "Gyron" <Threk web.de> May 12 2012
- maarten van damme <maartenvd1994 gmail.com> May 13 2012
- "Kagamin" <spam here.lot> May 14 2012
- "Gyron" <Threk web.de> May 15 2012
- "Kagamin" <spam here.lot> May 16 2012
Hey there, I want to inject a dll which was created in D into a c
Program.
Informations:
DMD vs. 2.058
IDE: MonoDevelop with Mono-D
System: Windows 7 64bit
Program Informations:
32-bit
written in c
The Injector is working for sure, so thats not the Problem.
the Source of the DLL:
import std.c.windows.windows;
import core.sys.windows.dll;
__gshared HINSTANCE g_hInst;
extern (Windows)
BOOL DllMain(HINSTANCE hInstance, ULONG ulReason, LPVOID
pvReserved)
{
final switch (ulReason)
{
case DLL_PROCESS_ATTACH:
g_hInst = hInstance;
dll_process_attach( hInstance, true );
break;
case DLL_PROCESS_DETACH:
dll_process_detach( hInstance, true );
break;
case DLL_THREAD_ATTACH:
dll_thread_attach( true, true );
break;
case DLL_THREAD_DETACH:
dll_thread_detach( true, true );
break;
}
return true;
}
It builds fine, but If I inject it, the program (where the dll is
injected) says that the dll is not a valid image.
screenshot: http://imagr.eu/up/4f72240329a846_Unbenannt.png
Maybe it's because I have no def file.
But i dont know how to link it with Mono-D.
Mar 27 2012
maarten van damme <maartenvd1994 gmail.com> --14dae93409a9dd58b504bc3f9209 Content-Type: text/plain; charset=ISO-8859-1 when I tried the previous dmd compiler (have yet to try the curent one on this problem) I got the same problems while trying to compile a dll and use it. I have no clue as to why this is happening. worked in 2.54 I thought --14dae93409a9dd58b504bc3f9209 Content-Type: text/html; charset=ISO-8859-1 when I tried the previous dmd compiler (have yet to try the curent one on this problem) I got the same problems while trying to compile a dll and use it. I have no clue as to why this is happening. worked in 2.54 I thought<br> --14dae93409a9dd58b504bc3f9209--
Mar 27 2012
On Tuesday, 27 March 2012 at 20:45:52 UTC, maarten van damme wrote:when I tried the previous dmd compiler (have yet to try the curent one on this problem) I got the same problems while trying to compile a dll and use it. I have no clue as to why this is happening. worked in 2.54 I thought
I thought D would be a good alternative for c++, but as it seems I need to stay with c++ :/ Thats really bad, a minus point on my "Why choose D" list.
Mar 27 2012
Maybe it's because I have no def file.
Very possible. Just pass it to dmd like the other files. Or try the new -shared flag.
Mar 27 2012
On Tuesday, 27 March 2012 at 21:12:59 UTC, Trass3r wrote:Maybe it's because I have no def file.
Very possible. Just pass it to dmd like the other files. Or try the new -shared flag.
I have tried both now (shared and def file linking), but know it's crashing my App, lol. I inject it but it returns nothing and the App(where the dll is injected) is hanging( not responding). Could you try it maybe? I would like to know whether it's a Problem with D or with me.
Mar 27 2012
I inject it but it returns nothing and the App(where the dll is injected) is hanging( not responding). Could you try it maybe? I would like to know whether it's a Problem with D or with me.
Are dlls without injection working?
Mar 27 2012
On Tuesday, 27 March 2012 at 21:46:23 UTC, Trass3r wrote:I inject it but it returns nothing and the App(where the dll is injected) is hanging( not responding). Could you try it maybe? I would like to know whether it's a Problem with D or with me.
Are dlls without injection working?
I don't know, haven't tested it. Will test it when I'm back home, but I think they work( not sure).
Mar 27 2012
--14dae9340ff571268304bc4b5438 Content-Type: text/plain; charset=ISO-8859-1 I wrote my own injector and this makes the target exe call loadlibrary. this works on every dll I try to inject apart from dll's written in D (starting with dmd version 2,054 or something like that). I'll try with D calling loadlibrary on D dll's this evening. --14dae9340ff571268304bc4b5438 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable I wrote my own injector and this makes the target exe call loadlibrary. thi= s works on every dll I try to inject apart from dll's written in D (sta= rting with dmd version 2,054 or something like that).<div>I'll try with= D calling loadlibrary on D dll's this evening.<br> <div><div><br></div></div></div> --14dae9340ff571268304bc4b5438--
Mar 28 2012
this works on every dll I try to inject apart from dll's written in D (starting with dmd version 2,054 or something like that).
If this is a regression, please narrow it down to the exact version.
Mar 28 2012
--20cf301d3a20d4932804bd672ee1
Content-Type: text/plain; charset=ISO-8859-1
I went ahead and went back to as far as 2.045 and I still couldn't get a
working dll. This would suggest something is wrong with my dll injection
code but I've tested with a few other random dll's and that appears to
work. according to my debugger the problem is an access violation while
executing the main function of the D dll.
the code I use for injecting is
/**
* injectDLL injects a dll in a given process using the CreateRemoteThread
function.
*
* arguments:
* HANDLE proc = A HANDLE to the process
* string dllName = A string containting the name of the dll
**/
void injectDLL(HANDLE proc,string dllName)
{
//first we need to get a pointer to the loadlibrary function
LPVOID LoadLibAddy =
cast(LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
//The problem is that we need to pass an argument(string) but that string
is in our memory space
//so we have to allocate space to write our dllName to using
writeprocessmemory
LPVOID RemoteString = VirtualAllocEx(proc,null,dllName.length,MEM_COMMIT |
MEM_RESERVE,PAGE_READWRITE);
//write the dllName
WriteProcessMemory(proc,RemoteString,toStringz(dllName),dllName.length,null);
//create a thread in the remote process loading the dll
CreateRemoteThread(proc, null, 0, cast(LPTHREAD_START_ROUTINE)LoadLibAddy,
cast(LPVOID)RemoteString, 0, null);
}
Op 28 maart 2012 13:13 schreef Trass3r <un known.com> het volgende:
this works on every dll I try to inject apart from dll's written in D
(starting with dmd version 2,054 or something like that).
If this is a regression, please narrow it down to the exact version.
--20cf301d3a20d4932804bd672ee1
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
I went ahead and went back to as far as 2.045 and I still couldn't get =
a working dll. This would suggest something is wrong with my dll injection =
code but I've tested with a few other random dll's and that appears=
to work. according to my debugger the problem is an access violation while=
executing the main function of the D dll.<div>
the code I use for injecting is=A0</div><div><div><br></div><div>/**</div><=
div>* injectDLL injects a dll in a given process using the CreateRemoteThre=
ad function.</div><div>*=A0</div><div>* arguments:</div><div>* =A0HANDLE pr=
oc =3D A HANDLE to the process</div>
<div>* =A0string dllName =3D<span class=3D"Apple-tab-span" style=3D"white-s=
pace:pre"> </span>A string containting the name of the dll</div><div>**/</d=
iv><div>void injectDLL(HANDLE proc,string =A0dllName)</div><div>{</div><div=
<span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>//first w=
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>LPVOI=
D LoadLibAddy =3D cast(LPVOID)GetProcAddress(GetModuleHandle("kernel32=
.dll"), "LoadLibraryA");</div><div><span class=3D"Apple-tab-=
span" style=3D"white-space:pre"> </span></div>
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>//The=
problem is that we need to pass an argument(string) but that string is in =
our memory space</div><div><span class=3D"Apple-tab-span" style=3D"white-sp=
ace:pre"> </span>//so we have to allocate space to write our dllName to usi=
ng writeprocessmemory</div>
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>LPVOI=
D RemoteString =3D VirtualAllocEx(proc,null,dllName.length,MEM_COMMIT | MEM=
_RESERVE,PAGE_READWRITE);</div><div><span class=3D"Apple-tab-span" style=3D=
"white-space:pre"> </span></div>
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>//wri=
te the dllName</div><div><span class=3D"Apple-tab-span" style=3D"white-spac=
e:pre"> </span>WriteProcessMemory(proc,RemoteString,toStringz(dllName),dllN=
ame.length,null);</div>
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span></div=
<div><span class=3D"Apple-tab-span" style=3D"white-space:pre"> </span>//cr=
=3D"Apple-tab-span" style=3D"white-space:pre"> </span>CreateRemoteThread(pr=
oc, null, 0, cast(LPTHREAD_START_ROUTINE)LoadLibAddy, cast(LPVOID)RemoteStr=
ing, 0, null);=A0</div>
<div>}</div><br><div class=3D"gmail_quote">Op 28 maart 2012 13:13 schreef T=
rass3r <span dir=3D"ltr"><<a href=3D"mailto:un known.com">un known.com</=
a>></span> het volgende:<br><blockquote class=3D"gmail_quote" style=3D"m=
argin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class=3D"im"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .=
8ex;border-left:1px #ccc solid;padding-left:1ex">
this works on every dll I try to inject apart from dll's written in D<b=
r>
(starting with dmd version 2,054 or something like that).<br>
</blockquote>
<br></div>
If this is a regression, please narrow it down to the exact version.<br>
</blockquote></div><br></div>
--20cf301d3a20d4932804bd672ee1--
Apr 11 2012
On Wednesday, 11 April 2012 at 13:26:23 UTC, maarten van damme wrote:I went ahead and went back to as far as 2.045 and I still couldn't get a working dll. This would suggest something is wrong with my dll injection code but I've tested with a few other random dll's and that appears to work. according to my debugger the problem is an access violation while executing the main function of the D dll.
How do you initialize runtime and GC?
Apr 11 2012
On Wednesday, 11 April 2012 at 13:26:23 UTC, maarten van damme wrote:the code I use for injecting is /** * injectDLL injects a dll in a given process using the CreateRemoteThread function. * * arguments: * HANDLE proc = A HANDLE to the process * string dllName = A string containting the name of the dll **/ void injectDLL(HANDLE proc,string dllName) { //first we need to get a pointer to the loadlibrary function LPVOID LoadLibAddy = cast(LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); //The problem is that we need to pass an argument(string) but that string is in our memory space //so we have to allocate space to write our dllName to using writeprocessmemory LPVOID RemoteString = VirtualAllocEx(proc,null,dllName.length,MEM_COMMIT | MEM_RESERVE,PAGE_READWRITE); //write the dllName WriteProcessMemory(proc,RemoteString,toStringz(dllName),dllName.length,null); //create a thread in the remote process loading the dll CreateRemoteThread(proc, null, 0, cast(LPTHREAD_START_ROUTINE)LoadLibAddy, cast(LPVOID)RemoteString, 0, null); }
Try to run a simple C program like --- #include <windows.h> void main() { LoadLibraryA("mydll.dll"); } --- And check whether it fails and how.
Apr 11 2012
--14dae93410bb2ffce804bd6835e0 Content-Type: text/plain; charset=ISO-8859-1 "How do you initialize runtime and GC?" I don't... it should simply call loadlibraryA on the target dll. your C example works however. There must be something wrong with both my method and that injector. My example is used by a number of different sources and works for them. I don't know why it suddenly stopped working for me. it used to work in the past... --14dae93410bb2ffce804bd6835e0 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <span style>"How do you initialize runtime and GC?"</span><div><s= pan style>I don't... it should simply call loadlibraryA on the target d= ll.<br>your C example works however.</span></div><div><font color=3D"#22222= 2" face=3D"arial, sans-serif">There must be something wrong with both my me= thod and that injector. My example is used by a number of different sources= and works for them. I don't know why it suddenly stopped working for m= e.</font></div> <div><font color=3D"#222222" face=3D"arial, sans-serif">it used to work in = the past...</font></div> --14dae93410bb2ffce804bd6835e0--
Apr 11 2012
--14dae9340bf57d5c0304bd799251 Content-Type: text/plain; charset=ISO-8859-1 I tried again with a few other random C dll's stolen around my system and they all work perfectly. it's only the D dll that gives me trouble. --14dae9340bf57d5c0304bd799251 Content-Type: text/html; charset=ISO-8859-1 <br>I tried again with a few other random C dll's stolen around my system and they all work perfectly. it's only the D dll that gives me trouble. --14dae9340bf57d5c0304bd799251--
Apr 12 2012
#include <windows.h>
void main()
{
LPTHREAD_START_ROUTINE LoadLibAddy =
(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("kernel32.dll"),
"LoadLibraryA");
CreateThread(NULL,0,LoadLibAddy,"mydll.dll",0,NULL);
}
?
Apr 12 2012
--20cf301d3a20aa16bf04bd7c5e27 Content-Type: text/plain; charset=ISO-8859-1 works and GetLastError() returns 0 in both cases. Op 12 april 2012 16:13 schreef Kagamin <spam here.lot> het volgende:#include <windows.h> void main() { LPTHREAD_START_ROUTINE LoadLibAddy = (LPTHREAD_START_ROUTINE)** GetProcAddress(**GetModuleHandle("kernel32.dll"**), "LoadLibraryA"); CreateThread(NULL,0,**LoadLibAddy,"mydll.dll",0,**NULL); } ?
--20cf301d3a20aa16bf04bd7c5e27 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable works and GetLastError() returns 0 in both cases.<br><br><div class=3D"gmai= l_quote">Op 12 april 2012 16:13 schreef Kagamin <span dir=3D"ltr"><spam = here.lot></span> het volgende:<br><blockquote class=3D"gmail_quote" styl= e=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> #include <windows.h><br> void main()<br> {<br> =A0LPTHREAD_START_ROUTINE LoadLibAddy =3D (LPTHREAD_START_ROUTINE)<u></u>G= etProcAddress(<u></u>GetModuleHandle("kernel32.dll"<u></u>), &quo= t;LoadLibraryA");<br> =A0CreateThread(NULL,0,<u></u>LoadLibAddy,"mydll.dll",0,<u></u>N= ULL);<br> }<br> <br> ?<br> </blockquote></div><br> --20cf301d3a20aa16bf04bd7c5e27--
Apr 12 2012
On Thursday, 12 April 2012 at 14:43:01 UTC, maarten van damme wrote:works and GetLastError() returns 0 in both cases. Op 12 april 2012 16:13 schreef Kagamin <spam here.lot> het volgende:#include <windows.h> void main() { LPTHREAD_START_ROUTINE LoadLibAddy = (LPTHREAD_START_ROUTINE)** GetProcAddress(**GetModuleHandle("kernel32.dll"**), "LoadLibraryA"); CreateThread(NULL,0,**LoadLibAddy,"mydll.dll",0,**NULL); } ?
Any news about the Problem with D ? I really would like to use D for that.
May 12 2012
--20cf301d3a20fc4d2004bfedcd85 Content-Type: text/plain; charset=ISO-8859-1 I found a couple of errors in my code but couldn't get it to work. --20cf301d3a20fc4d2004bfedcd85 Content-Type: text/html; charset=ISO-8859-1 I found a couple of errors in my code but couldn't get it to work. <br> --20cf301d3a20fc4d2004bfedcd85--
May 13 2012
Try to make C dll, which loads D dll, and inject the C dll :)
May 14 2012
On Monday, 14 May 2012 at 09:53:55 UTC, Kagamin wrote:Try to make C dll, which loads D dll, and inject the C dll :)
I made a bootstrapper (a c DLL which loads the D Dll) and it works fine (the D entrypoint get called (a made a msgbox test) but then the Process freezes after it displayed the MsgBox. C Dll: #include <windows.h> bool _stdcall DllMain(_In_ void * _HDllHandle, _In_ unsigned _Reason, _In_opt_ void * _Reserved) { if(_Reason == DLL_PROCESS_ATTACH) { MessageBox(NULL,L"test",L"test",MB_OK); LPTHREAD_START_ROUTINE LoadLibAddy = (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(L"kernel32.dll"), "LoadLibraryA"); CreateThread(NULL,0,LoadLibAddy,"C:\\Users\\Moritz\\Documents\\Visual Studio 11\\Projects\\D_Projects\\D_BootStrapper\\Debug\\DAstral.dll",0,NULL); } return true; } D Dll: import std.c.windows.windows; import core.sys.windows.dll; __gshared HINSTANCE g_hInst; extern (Windows) BOOL DllMain(HINSTANCE hInstance, ULONG ulReason, LPVOID pvReserved) { final switch (ulReason) { case DLL_PROCESS_ATTACH: g_hInst = hInstance; MessageBoxA(null,"test2","test2",MB_OK); dll_process_attach( hInstance, true ); break; case DLL_PROCESS_DETACH: dll_process_detach( hInstance, true ); break; case DLL_THREAD_ATTACH: MessageBoxA(null,"test","test",MB_OK); dll_thread_attach( true, true ); break; case DLL_THREAD_DETACH: dll_thread_detach( true, true ); break; } return true; } Any help ?
May 15 2012
Hmm... It's probably confused by multiple threads. You can try to copy the source for dll_process_attach and insert debugging code there.
May 16 2012