Configurable Injector v3 | #1 | |
Join Date: Aug 2007 Posts: 8643 User-Rating: 199 positive
33 negative
|
======= Configurable Injector v3 ======= Hello members, thanks for picking up a copy of this software. I would first like to make it clear that you must read "LICENSE" to continue, and to please not use this software maliciously. Now that, that is over i can explain what this program does, it is a configurable injector with parameters set in the XML files to control its actions. You can attach your module to any process name, window name or window class name you wish, with three modes (which are very different). Method "FILE": Classic remote-code allocation stub to call LoadLibraryW ... simple and effective, this is the way most normal injectors you're familiar with work, such as Winject. Method "FILE_MAP": "Manual mapping" they call it, but this is a cleaned up version of any previous code, this manually maps your file by reading it, then mapping the buffer into the executable's memory space, after which it manually fixes relocations, imports, etc, and nearly nothing can stop you, a special warning however, this module has a chance of being injected multiple times if not controlled. This is like DLL injection with PEB/LDR and NtQueryVirtualMemory hiding all in one. Method "FILE_MAP_NOPE": Just like the above "FILE_MAP", except your PE header is wiped clean. There will be no PE header. Relocations are also destroyed. ======= Explaination of configuration file (XML) ======= <target>: This is the target you'll be injecting into, the <mode> tag and <data> tag must be filled with different things, for example, <mode> is the injection target mode (Values must be PROCESS, WINDOW or WINDOWCLASS). PROCESS mode is just the exe name, so if you want to inject into chrome.exe, just put chrome.exe into <data> and make the <mode> PROCESS. You can also inject into window titles and window classes (you can use partial names, too!), <injection>: This is how you'll be injecting, <mode> is the injection mode (Values must be: FILE, FILE_MAP or FILE_MAP_NOPE, read above for details) and <data> is the file name to inject. Only registered and activated users can see links. Download Configurable Injector v3 __________________ Hallo |
|
KN4CK3R is offline |