Langkah-Langkah Tutorial Cara Membuat Injector:
A. First Of All – Project
buka vb6, saat pertama kali dibuka atau dijalankan akan muncul kotak dialog, salah satunya standard exe, pilih standard exe dan klik open, secara tidak langsung membuat project baru dengan 1 form.
Option Explicit 'Win 2k, ME, XP Private Const GWL_EXSTYLE As Long = (-20) Private Const WS_EX_LAYERED As Long = &H80000 Private Const LWA_ALPHA As Long = &H2 Private winHwnd As Long Private NamaDll As String Private Declare Function GetWindowLongA Lib "USER32" (ByVal hwnd As Long, _ ByVal nIndex As Long) As Long Private Declare Function SetWindowLongA Lib "USER32" (ByVal hwnd As Long, _ ByVal nIndex As Long, _ ByVal dwNewLong As Long) As Long Private Declare Function SetLayeredWindowAttributes Lib "USER32" (ByVal hwnd As Long, _ ByVal crey As Byte, _ ByVal bAlpha As Byte, _ ByVal dwFlags As Long) As Long Private Sub silakandiedit() '————————————————————— ' silakan diedit bagian kode dibawah ini '————————————————————— Me.Caption = "isisesukamu" 'pengaturan caption atau nama injector Opacity 150, Me 'pengaturan transparent form MinVal = 20: MaxVal = 255 NamaDll = App.Path & "\" & "suntix.dll" 'isikan nama library, contoh: suntix.dll FileTarget = "PointBlank.exe" Timer1.Interval = 20 'interval untuk timer '—————————————————————- End Sub 'fungsi transparent form Private Sub Opacity(Value As Byte, _ Frm As Form) Dim MaxVal As Byte Dim MinVal As Byte On Error GoTo ErrorHandler MinVal = 20 MaxVal = 255 If Value > MaxVal Then Value = MaxVal End If If Value < MinVal Then Value = MinVal End If SetWindowLongA Frm.hwnd, GWL_EXSTYLE, GetWindowLongA(Frm.hwnd, GWL_EXSTYLE) Or WS_EX_LAYERED SetLayeredWindowAttributes Frm.hwnd, 0, Value, LWA_ALPHA ErrorHandler: Exit Sub End Sub Private Sub Form_Load() App.TaskVisible = False 'hidden aplikasi dari window taskmanager terserah mau true/false 'tetapi tidak hidden di process 'perintah menghindari aplikasi dijalankan 2 kali 'pada saat yg bersamaan '—————————————- If App.PrevInstance Then End End If '—————————————- silakandiedit '–> memanggil perintah pada –>> Private Sub silakandiedit() End Sub Private Sub Timer1_Timer() winHwnd = FindWindow(vbNullString, "HSUpdate") 'mencari jendela hsupdate If Not winHwnd = 0 Then 'jika ditemukan NTProcessList 'deteksi process pointblank InjectExecute (NamaDll) 'inject library End 'tutup otomatis injector Else 'jika tidak Label1.Caption = "Waiting NamaGame…" 'sabar menanti End If End Sub Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer) OpenURL "http://www.blogkamu", Me.hwnd End Sub tahap selanjutnya buat 3 modul, ingat modul atau modules bukan class. berinama modul pertama dengan nama modinjection, modul kedua dengan nama modprocess, dan modul ketiga dengan nama modbrowser. tambahkan kode2 berikut pada masing2 modul. Untuk Kode Injekson Option Explicit Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, _ByVal lpProcName As String) As Long Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, _ lpAddress As Any, _ByVal dwSize As Long, _ByVal fAllocType As Long, _ flProtect As Long) As Long Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, _ByVal lpBaseAddress As Any, _ lpBuffer As Any, _ByVal nSize As Long, _ lpNumberOfBytesWritten As Long) As Long Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, _ lpThreadAttributes As Long, _ByVal dwStackSize As Long, _ByVal lpStartAddress As Any, _ByVal lpParameter As Any, _ByVal dwCreationFlags As Long, _ lpThreadID As Long) As Long Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long) Public Sub InjectDll(DllPath As String, _ProsH As Long) Dim DLLVirtLoc As Long Dim DllLength As Long Dim inject As Long Dim LibAddress As Long Dim CreateThread As Long Dim ThreadID As Long Dim Bla As VbMsgBoxResult g_loadlibary: LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA") If LibAddress = 0 Then Bla = MsgBox("Can't find LoadLibrary API from kernel32.dll", vbYesNo, "ERROR") If Bla = vbYes Then GoTo g_loadlibaryElse 'NOT BLA… Exit Sub End If End If g_virutalallocex: DllLength = Len(DllPath) DLLVirtLoc = VirtualAllocEx(ProsH, 0, DllLength, &H1000, ByVal &H4) If DLLVirtLoc = 0 Then Bla = MsgBox("VirtualAllocEx API failed! – try again?", vbYesNo, "ERROR") If Bla = vbYes Then GoTo g_virutalallocex Else 'NOT BLA… Exit Sub End If End If g_writepmemory: inject = WriteProcessMemory(ProsH, ByVal DLLVirtLoc, ByVal DllPath, DllLength, vbNull) If inject = 0 Then Bla = MsgBox("Failed to Write DLL to Process! – try again?", vbYesNo, "ERROR") If Bla = vbYes Then GoTo g_writepmemoryElse 'NOT BLA… Exit Sub End If End If g_creatthread: CreateThread = CreateRemoteThread(ProsH, ByVal 0, 0, ByVal LibAddress, ByVal DLLVirtLoc, 0, ThreadID) If CreateThread = 0 Then Bla = MsgBox("Failed to Create Thead! – try again?", vbYesNo, "ERROR") If Bla = vbYes Then GoTo g_creatthread Else 'NOT BLA… Exit Sub End If End If MsgBox "Dll Injection Successful!", vbInformation, "Success" End Sub Public Sub InjectExecute(ByVal sFlDLL As String) Dim lProcInject As Long lProcInject = OpenProcess(PROCESS_ALL_ACCESS, 0, IdTargetOne) If lProcInject > "0" Then Call InjectDll(sFlDLL, lProcInject) End If Call CloseHandle(lProcInject) End Sub untuk kode untuk modprocess Option Explicit Public FileTarget As String Public sFlDLL As String Public IdTargetOne As Long Private Const TH32CS_SNAPHEAPLIST As Long = &H1Private Const TH32CS_SNAPPROCESS As Long = &H2Private Const TH32CS_SNAPTHREAD As Long = &H4Private Const TH32CS_SNAPMODULE As Long = &H8Private Const TH32CS_SNAPALL As Double = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE) Private Const MAX_PATH As Integer = 260 Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFFPrivate Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * MAX_PATHEnd Type Private Type MODULEENTRY32 dwSize As Long th32ModuleID As Long th32ProcessID As Long GlblcntUsage As Long ProccntUsage As Long modBaseAddr As Long modBaseSize As Long hModule As Long szModule As String * 256 szExePath As String * 260 End Type Private Type THREADENTRY32 dwSize As Long cntUsage As Long th32ThreadID As Long th32OwnerProcessID As Long tpBasePri As Long tpDeltaPri As Long dwFlags As Long End Type Private Const THREAD_SUSPEND_RESUME As Long = &H2Private hThread As Long Private Declare Function CreateToolhelp32Snapshot Lib “kernel32″ (ByVal lFlags As Long, _ByVal lProcessID As Long) As Long Private Declare Function Module32First Lib “kernel32″ (ByVal hSnapShot As Long, _ uProcess As MODULEENTRY32) As Long Private Declare Function lstrlen Lib “kernel32″ Alias “lstrlenA” (ByVal lpString As String) As Long Private Declare Function GetFileTitle Lib “COMDLG32.DLL” Alias “GetFileTitleA” (ByVal lpszFile As String, _ByVal lpszTitle As String, _ByVal cbBuf As Integer) As Integer Private Declare Function Thread32First Lib “kernel32.dll” (ByVal hSnapShot As Long, _ByRef lpte As THREADENTRY32) As Boolean Private Declare Function Thread32Next Lib “kernel32.dll” (ByVal hSnapShot As Long, _ByRef lpte As THREADENTRY32) As Boolean Public Declare Function OpenProcess Lib “kernel32″ (ByVal dwDesiredAccess As Long, _ByVal bInheritHandle As Long, _ByVal dwProcessId As Long) As Long Private Declare Function TerminateProcess Lib “kernel32″ (ByVal hProcess As Long, _ByVal uExitCode As Long) As Long Public Declare Function FindWindow Lib “USER32″ Alias “FindWindowA” (ByVal Classname As String, _ByVal WindowName As String) As Long Private Declare Function PostMessage Lib “USER32″ Alias “PostMessageA” (ByVal hwnd As Long, _ByVal wMsg As Long, _ByVal wParam As Long, _ lParam As Any) As Long Private Declare Function Process32First Lib “kernel32″ (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As Long Private Declare Function Process32Next Lib “kernel32″ (ByVal hSnapShot As Long, _ uProcess As PROCESSENTRY32) As Long Public Declare Function CloseHandle Lib “kernel32″ (ByVal hObject As Long) As Long Private Declare Function OpenThread Lib “kernel32.dll” (ByVal dwDesiredAccess As Long, _ByVal bInheritHandle As Boolean, _ByVal dwThreadId As Long) As Long Private Declare Function ResumeThread Lib “kernel32.dll” (ByVal hThread As Long) As Long Private Declare Function SuspendThread Lib “kernel32.dll” (ByVal hThread As Long) As Long Public Function NTProcessList() As Long Dim FileName As String Dim ExePath As String Dim hProcSnap As Long Dim hModuleSnap As Long Dim lProc As Long Dim uProcess As PROCESSENTRY32Dim uModule As MODULEENTRY32On Error Resume Next hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) lProc = Process32First(hProcSnap, uProcess) Do While lProcIf uProcess.th32ProcessID <> 0 Then hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, uProcess.th32ProcessID) uModule.dwSize = Len(uModule) Module32First hModuleSnap, uModuleIf hModuleSnap > 0 Then ExePath = StripNulls(uModule.szExePath) FileName = GetFName(ExePath) If FileTarget = FileName Then IdTargetOne = uProcess.th32ProcessIDEnd If End If End If lProc = Process32Next(hProcSnap, uProcess) Loop Call CloseHandle(hProcSnap) Call CloseHandle(lProc) On Error GoTo 0 End Function Private Function StripNulls(ByVal sStr As String) As String StripNulls = Left$(sStr, lstrlen(sStr)) End Function Public Function GetFName(fn) As String Dim f%, n% GetFName = fn f% = InStr(fn, “\”) Do While f% n = f% f% = InStr(n% + 1, fn, “\”) Loop If n% > 0 Then GetFName = Mid$(fn, n% + 1) End Function Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _ByVal lProcessID As Long) As Long Dim THREADENTRY32 As THREADENTRY32Dim hThreadSnap As Long Dim lThread As Long On Error Resume Next ReDim Thread(0) As THREADENTRY32 hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID) THREADENTRY32.dwSize = Len(THREADENTRY32) If Thread32First(hThreadSnap, THREADENTRY32) = False Then Thread32Enum = -1 Exit Function Else ReDim Thread(lThread) As THREADENTRY32Thread(lThread) = THREADENTRY32End If Do If Thread32Next(hThreadSnap, THREADENTRY32) = False Then Exit Do Else lThread = lThread + 1 ReDim Preserve Thread(lThread) Thread(lThread) = THREADENTRY32End If Loop Thread32Enum = lThreadCall CloseHandle(hThreadSnap) On Error GoTo 0 End Function untuk kode untuk modbrowser ‘modul buka browserPublic Declare Function ShellExecute Lib “shell32.dll” Alias “ShellExecuteA” _(ByVal hwnd As Long, _ByVal lpOperation As String, _ByVal lpFile As String, _ByVal lpParameters As String, _ByVal lpDirectory As String, _ByVal nShowCmd As Long) As Long Public Sub OpenURL(situs As String, sourceHWND As Long) Call ShellExecute(sourceHWND, vbNullString, situs, vbNullString, vbNullString, 1) End Sub
0 komentar:
Posting Komentar