
Selasa, 09 November 2010

Tutor Membuat Injector PointBlank

introduction:
Pada edisi ini, sebagian kode berasal dari source code Gesp v.1.3; thanks to bro eRGe yang sudah share source code-nya.

Alat yang diperlukan:
- Microsoft Visual Basic 6 (VB6), bisa versi portable atau installable; bisa dicari di sini atau cari sendiri di Google, banyak kok yang share.
Lebih disarankan memakai versi installable karena komponennya lebih lengkap, khususnya kalau ingin lebih serius mendalami VB6,
tetapi versi portable pun tidak masalah kalau cuma membuat injector seperti yang ada pada simplequickinjector.

Tutor Pembuatan Injector

sebelumnya buka dulu Vb6, dan pilih standard exe. ok

A. Pembuatan Form dan Design
- bikin 1 form, 1 label dan 1 timer, jadinya seperti ini

silakan dikreasikan formnya semaunya : ini contoh :
syarat harus ada 1 label dan 1 timer pada form. selanjutnya,

B. Code dan Modules
klik kanan pada form --> pilih view code.
isikan kode berikut pada form1,
 
Option Explicit
'Win 2k, ME, XP
' Constants, state and USER32 imports used by this form. The three constants and
' the three Declares below serve only the transparency effect in Sub Opacity.
Private Const GWL_EXSTYLE      As Long = (-20)    ' nIndex value for the extended window style
Private Const WS_EX_LAYERED    As Long = &H80000  ' extended-style bit OR-ed in by Opacity
Private Const LWA_ALPHA        As Long = &H2      ' dwFlags value passed by Opacity
Private winHwnd                As Long            ' result of the FindWindow call in Timer1_Timer
Private NamaDll                As String          ' full path of the DLL, assigned in silakandiedit
Private Declare Function GetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
                                                      ByVal nIndex As Long) As Long
Private Declare Function SetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
                                                      ByVal nIndex As Long, _
                                                      ByVal dwNewLong As Long) As Long
' NOTE(review): the second parameter is declared here as "crey As Byte"; the Win32
' prototype names it crKey and types it as a COLORREF. This file only ever passes 0
' for it - confirm the declaration before reusing it with a real colour key.
Private Declare Function SetLayeredWindowAttributes Lib "USER32" (ByVal hwnd As Long, _
                                                                  ByVal crey As Byte, _
                                                                  ByVal bAlpha As Byte, _
                                                                  ByVal dwFlags As Long) As Long

Private Sub silakandiedit()

    ' User-editable settings: the process image name that NTProcessList looks
    ' for, the DLL path, the window caption and the form transparency.
    '---------------------------------------------------------------
    FileTarget = "PointBlank.exe"              ' image name compared against running processes
    NamaDll = App.Path & "\" & "suntix.dll"    ' library file expected next to this executable
    Me.Caption = "SQI by rifqi36@N3"           ' caption shown in the form's title bar
    Opacity 150, Me                            ' form alpha; Opacity raises values below 20 to 20
    '---------------------------------------------------------------

End Sub

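' Sets the alpha (transparency) of a form through the layered-window API.
'   Value - requested alpha. Values below 20 are raised to 20 so the form
'           cannot become effectively invisible. A Byte cannot exceed 255,
'           so no upper clamp is needed.
'   Frm   - form whose window receives the WS_EX_LAYERED style.
' Runtime errors are swallowed on purpose: the effect is cosmetic only.
Private Sub Opacity(Value As Byte, _
                    Frm As Form)

Const MIN_ALPHA As Byte = 20
Dim Alpha   As Byte
Dim ExStyle As Long

    On Error GoTo ErrorHandler
    ' Work on a copy: Value is passed ByRef, so clamping it in place would
    ' silently change the caller's variable.
    Alpha = Value
    If Alpha < MIN_ALPHA Then
        Alpha = MIN_ALPHA
    End If
    ' Add the layered bit to the existing extended style, then apply the alpha.
    ExStyle = GetWindowLongA(Frm.hwnd, GWL_EXSTYLE)
    SetWindowLongA Frm.hwnd, GWL_EXSTYLE, ExStyle Or WS_EX_LAYERED
    SetLayeredWindowAttributes Frm.hwnd, 0, Alpha, LWA_ALPHA
ErrorHandler:

End Sub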

Private Sub Form_Load()

    ' Keep the program out of the Task Manager application list (True/False is
    ' the builder's choice). The process itself is still listed under Processes.
    App.TaskVisible = False

    ' Single-instance guard: end at once if another copy is already running.
    If App.PrevInstance Then End

    ' Apply the settings defined in Private Sub silakandiedit().
    Call silakandiedit

End Sub


Private Sub Timer1_Timer()

    ' Runs on every Timer1 tick. The trigger is the appearance of a top-level
    ' window titled "HSUpdate" (presumably the game's protection/updater window -
    ' TODO confirm). Once it is seen, the program resolves the target PID, makes
    ' one injection attempt and exits, so the injector process is short-lived and
    ' is best observed through process-creation and cross-process telemetry
    ' rather than by looking for a long-running tool.
    winHwnd = FindWindow(vbNullString, "HSUpdate") 'look for a window titled "HSUpdate", any class
    If Not winHwnd = 0 Then 'window found
        NTProcessList 'scan running processes for FileTarget; the PID lands in IdTargetOne
        InjectExecute (NamaDll) 'open that process and have it load the library at NamaDll
        End 'the injector terminates right after the attempt
    Else 'window not found
        Label1.Caption = "Waiting NamaGame..." 'keep waiting for the next tick
    End If

End Sub
 
 
- bikin 2 modul: klik menu project --> add modules. Modul pertama diberi nama modinjection;
pada modinjection, masukkan kode berikut:

Option Explicit
' kernel32 imports for this module. GetProcAddress/GetModuleHandle (used to look
' up LoadLibraryA), VirtualAllocEx, WriteProcessMemory and CreateRemoteThread are
' the calls made by InjectDll below. Found together in a sample, these API names
' are a common static-triage indicator of remote-thread DLL injection.
' NOTE(review): VB6 Declare statements are, as far as I know, resolved at run time
' rather than through the PE import table, so these names would show up as strings
' in the compiled binary - verify on a built sample before writing a detection rule.
' LoadLibrary and Sleep are declared but not called by the code shown in this module.
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, _
                                                        ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, _
                                                        lpAddress As Any, _
                                                        ByVal dwSize As Long, _
                                                        ByVal fAllocType As Long, _
                                                        flProtect As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, _
                                                            ByVal lpBaseAddress As Any, _
                                                            lpBuffer As Any, _
                                                            ByVal nSize As Long, _
                                                            lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, _
                                                            lpThreadAttributes As Long, _
                                                            ByVal dwStackSize As Long, _
                                                            ByVal lpStartAddress As Any, _
                                                            ByVal lpParameter As Any, _
                                                            ByVal dwCreationFlags As Long, _
                                                            lpThreadID As Long) As Long
Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)


' Makes the process behind handle ProsH load the library at DllPath by starting a
' thread in that process whose entry point is LoadLibraryA and whose argument is a
' copy of the path written into that process.
'   DllPath - path string copied into the other process.
'   ProsH   - process handle supplied by the caller (InjectExecute opens it with
'             PROCESS_ALL_ACCESS).
' Each of the four steps shows a Yes/No message box on failure; Yes repeats the
' step, No leaves the Sub.
' Defender view: the sequence below is what endpoint telemetry records as a
' cross-process allocation, a cross-process write and a remote thread creation.
' In Sysmon terms that is Event ID 10 (ProcessAccess) for the handle, Event ID 8
' (CreateRemoteThread) with the start address inside kernel32, and Event ID 7
' (ImageLoad) in the target for the DLL, which silakandiedit places in the
' injector's own folder.
' NOTE(review): the success path references QuickInjector.Label1, so the form is
' expected to be named QuickInjector - confirm against the project.
Public Sub InjectDll(DllPath As String, _
                     ProsH As Long)


Dim DLLVirtLoc   As Long
Dim DllLength    As Long

Dim inject       As Long
Dim LibAddress   As Long
Dim CreateThread As Long
Dim ThreadID     As Long
Dim Bla          As VbMsgBoxResult
' Step 1: look up the address of LoadLibraryA in this process's kernel32.dll.
g_loadlibary:
    LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
    If LibAddress = 0 Then
        Bla = MsgBox("Can't find LoadLibrary API from kernel32.dll", vbYesNo, "ERROR")
        If Bla = vbYes Then
            GoTo g_loadlibary
        Else 'user chose No
            Exit Sub
        End If
    End If
' Step 2: allocate memory in the process behind ProsH, sized to the path length.
' &H1000 is MEM_COMMIT and &H4 is PAGE_READWRITE.
g_virutalallocex:
    DllLength = Len(DllPath)
    DLLVirtLoc = VirtualAllocEx(ProsH, 0, DllLength, &H1000, ByVal &H4)
    If DLLVirtLoc = 0 Then
        Bla = MsgBox("VirtualAllocEx API failed! - try again?", vbYesNo, "ERROR")
        If Bla = vbYes Then
            GoTo g_virutalallocex
        Else 'user chose No
            Exit Sub
        End If
    End If
' Step 3: copy the path string into the memory allocated in step 2.
g_writepmemory:
    inject = WriteProcessMemory(ProsH, ByVal DLLVirtLoc, ByVal DllPath, DllLength, vbNull)
    If inject = 0 Then
        Bla = MsgBox("Failed to Write DLL to Process! - try again?", vbYesNo, "ERROR")
        If Bla = vbYes Then
            GoTo g_writepmemory
        Else 'user chose No
            Exit Sub
        End If
    End If
' Step 4: start a thread in the other process with LibAddress as the start address
' and DLLVirtLoc as its single parameter.
g_creatthread:
    CreateThread = CreateRemoteThread(ProsH, ByVal 0, 0, ByVal LibAddress, ByVal DLLVirtLoc, 0, ThreadID)
    If CreateThread = 0 Then
        Bla = MsgBox("Failed to Create Thead! - try again?", vbYesNo, "ERROR")
        If Bla = vbYes Then
            GoTo g_creatthread
        Else 'user chose No
            Exit Sub
        End If
    End If
    ' Success is reported as soon as the thread was created; the code shown does not
    ' wait for the thread or inspect what LoadLibraryA returned.
    QuickInjector.Label1.Caption = "Injected Successful!"
    MsgBox "Dll Injection Successful!", vbInformation, "Success"
End Sub

' Opens the process whose PID is in the public variable IdTargetOne (set by
' NTProcessList) and hands the handle to InjectDll together with the DLL path.
'   sFlDLL - path of the library passed on to InjectDll.
' Defender view: the handle is requested with PROCESS_ALL_ACCESS (&H1F0FFF, declared
' in modprocess); that full access mask on a handle to another user-mode process is
' the GrantedAccess value that process-access monitoring would record here.
Public Sub InjectExecute(ByVal sFlDLL As String)

Dim lProcInject As Long

    lProcInject = OpenProcess(PROCESS_ALL_ACCESS, 0, IdTargetOne)
    ' NOTE(review): the handle (a Long) is compared with the string "0", so the test
    ' relies on VB's implicit type coercion.
    If lProcInject > "0" Then
        Call InjectDll(sFlDLL, lProcInject)
        '       prjSuspend.cmdInjector.Enabled = False
    End If
    ' NOTE(review): CloseHandle runs even when OpenProcess returned 0.
    Call CloseHandle(lProcInject)

End Sub

dan modul kedua diberi nama modprocess. isikan kode berikut:

Option Explicit
' Shared state, Toolhelp constants and structure layouts for process enumeration.
Public FileTarget                    As String      ' image name to look for; set in the form's silakandiedit
Public sFlDLL                           As String   ' not referenced by the code shown (InjectExecute has its own parameter of this name)
Public IdTargetOne                      As Long     ' PID stored by NTProcessList, read by InjectExecute
' dwFlags bits for CreateToolhelp32Snapshot.
Private Const TH32CS_SNAPHEAPLIST       As Long = &H1
Private Const TH32CS_SNAPPROCESS        As Long = &H2
Private Const TH32CS_SNAPTHREAD         As Long = &H4
Private Const TH32CS_SNAPMODULE         As Long = &H8
' All four bits combined (&HF). NOTE(review): declared As Double although it is a
' bit mask of Long values and is passed to a ByVal Long parameter.
Private Const TH32CS_SNAPALL            As Double = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Private Const MAX_PATH                  As Integer = 260
' Access mask passed to OpenProcess by InjectExecute.
Public Const PROCESS_ALL_ACCESS         As Long = &H1F0FFF
' Record filled in by Process32First / Process32Next; dwSize must be set first.
Private Type PROCESSENTRY32
    dwSize                                  As Long
    cntUsage                                As Long
    th32ProcessID                           As Long
    th32DefaultHeapID                       As Long
    th32ModuleID                            As Long
    cntThreads                              As Long
    th32ParentProcessID                     As Long
    pcPriClassBase                          As Long
    dwFlags                                 As Long
    szExeFile                               As String * MAX_PATH
End Type
' Record filled in by Module32First; NTProcessList reads szExePath from it.
Private Type MODULEENTRY32
    dwSize                                  As Long
    th32ModuleID                            As Long
    th32ProcessID                           As Long
    GlblcntUsage                            As Long
    ProccntUsage                            As Long
    modBaseAddr                             As Long
    modBaseSize                             As Long
    hModule                                 As Long
    szModule                                As String * 256
    szExePath                               As String * 260
End Type
' Record filled in by Thread32First / Thread32Next (used by Thread32Enum).
Private Type THREADENTRY32
    dwSize                                  As Long
    cntUsage                                As Long
    th32ThreadID                            As Long
    th32OwnerProcessID                      As Long
    tpBasePri                               As Long
    tpDeltaPri                              As Long
    dwFlags                                 As Long
End Type
' THREAD_SUSPEND_RESUME and hThread are not referenced by the code shown in this module.
Private Const THREAD_SUSPEND_RESUME     As Long = &H2
Private hThread                         As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, _
                                                                  ByVal lProcessID As Long) As Long
Private Declare Function Module32First Lib "kernel32" (ByVal hSnapShot As Long, _
                                                       uProcess As MODULEENTRY32) As Long
Private Declare Function lstrlen Lib "kernel32" Alias "lstrlenA" (ByVal lpString As String) As Long
Private Declare Function GetFileTitle Lib "COMDLG32.DLL" Alias "GetFileTitleA" (ByVal lpszFile As String, _
                                                                                ByVal lpszTitle As String, _
                                                                                ByVal cbBuf As Integer) As Integer
Private Declare Function Thread32First Lib "kernel32.dll" (ByVal hSnapShot As Long, _
                                                           ByRef lpte As THREADENTRY32) As Boolean
Private Declare Function Thread32Next Lib "kernel32.dll" (ByVal hSnapShot As Long, _
                                                          ByRef lpte As THREADENTRY32) As Boolean
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, _
                                                    ByVal bInheritHandle As Long, _
                                                    ByVal dwProcessId As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, _
                                                          ByVal uExitCode As Long) As Long
Public Declare Function FindWindow Lib "USER32" Alias "FindWindowA" (ByVal Classname As String, _
                                                                     ByVal WindowName As String) As Long
Private Declare Function PostMessage Lib "USER32" Alias "PostMessageA" (ByVal hwnd As Long, _
                                                                        ByVal wMsg As Long, _
                                                                        ByVal wParam As Long, _
                                                                        lParam As Any) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, _
                                                        uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, _
                                                       uProcess As PROCESSENTRY32) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function OpenThread Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, _
                                                        ByVal bInheritHandle As Boolean, _
                                                        ByVal dwThreadId As Long) As Long
Private Declare Function ResumeThread Lib "kernel32.dll" (ByVal hThread As Long) As Long
Private Declare Function SuspendThread Lib "kernel32.dll" (ByVal hThread As Long) As Long

' Walks a Toolhelp snapshot of running processes and stores in the public variable
' IdTargetOne the PID of a process whose first module's file name equals FileTarget.
' The function name is never assigned, so the return value is always 0; callers get
' the result through IdTargetOne only.
Public Function NTProcessList() As Long

Dim FileName    As String

Dim ExePath     As String
Dim hProcSnap   As Long
Dim hModuleSnap As Long
Dim lProc       As Long
Dim uProcess    As PROCESSENTRY32
Dim uModule     As MODULEENTRY32
    ' Every runtime error from here to "On Error GoTo 0" is suppressed.
    On Error Resume Next
    hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&)
    uProcess.dwSize = Len(uProcess)
    lProc = Process32First(hProcSnap, uProcess)
    Do While lProc
        If uProcess.th32ProcessID <> 0 Then
            ' A second snapshot, scoped to this PID, is taken to read the path of
            ' the process's first module.
            ' NOTE(review): hModuleSnap is never passed to CloseHandle, so one
            ' snapshot handle per enumerated process stays open.
            hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, uProcess.th32ProcessID)
            uModule.dwSize = Len(uModule)
            Module32First hModuleSnap, uModule
            If hModuleSnap > 0 Then
                ExePath = StripNulls(uModule.szExePath)
                FileName = GetFName(ExePath)
                ' The loop keeps running after a match, so when several processes
                ' match, the last one enumerated ends up in IdTargetOne.
                If FileTarget = FileName Then
                    IdTargetOne = uProcess.th32ProcessID
                End If
            End If
        End If
        lProc = Process32Next(hProcSnap, uProcess)
    Loop
    Call CloseHandle(hProcSnap)
    ' NOTE(review): lProc holds the result of Process32Next, not a handle.
    Call CloseHandle(lProc)
    On Error GoTo 0

End Function

Private Function StripNulls(ByVal sStr As String) As String

Dim lChars As Long

    ' lstrlen stops counting at the first null character, so this drops the
    ' padding of fixed-length strings such as MODULEENTRY32.szExePath.
    lChars = lstrlen(sStr)
    StripNulls = Left$(sStr, lChars)

End Function

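' Returns the file-name part of a path: the text after the last backslash,
' or the whole input when it contains no backslash.
'   fn - path to split (Variant, as in the original signature).
Public Function GetFName(fn) As String
Dim lastSep As Long   ' Long rather than Integer: a position can exceed 32767

    GetFName = fn
    ' InStrRev finds the last separator directly instead of stepping through
    ' every backslash with repeated InStr calls.
    lastSep = InStrRev(fn, "\")
    If lastSep > 0 Then GetFName = Mid$(fn, lastSep + 1)
End Function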

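' Copies the entries of a Toolhelp thread snapshot into Thread().
'   Thread()   - output array; re-dimensioned here, one element per entry read.
'   lProcessID - value passed to CreateToolhelp32Snapshot.
' Returns the index of the last element stored, or -1 when the first entry could
' not be read (Thread() then holds a single empty element).
' The snapshot handle is now closed on every path; the original left it open when
' Thread32First failed.
Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _
                              ByVal lProcessID As Long) As Long

Const INVALID_HANDLE_VALUE As Long = -1
Dim Entry       As THREADENTRY32
Dim hThreadSnap As Long
Dim lThread     As Long

    On Error Resume Next
    ReDim Thread(0) As THREADENTRY32
    hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID)
    Entry.dwSize = Len(Entry)
    If Thread32First(hThreadSnap, Entry) = False Then
        Thread32Enum = -1
    Else
        Thread(0) = Entry
        Do Until Thread32Next(hThreadSnap, Entry) = False
            lThread = lThread + 1
            ReDim Preserve Thread(lThread)
            Thread(lThread) = Entry
        Loop
        Thread32Enum = lThread
    End If
    ' Single exit path: release the snapshot whether or not entries were read.
    If hThreadSnap <> INVALID_HANDLE_VALUE And hThreadSnap <> 0 Then
        Call CloseHandle(hThreadSnap)
    End If
    On Error GoTo 0

End Function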

jika sudah selesai, save semuanya dengan nama sesukanya.

setelah itu klik menu file, pilih make project exe*


ket:
*nama project exe yang dibuat misalnya SQI.exe.

selesai,

jika ada yg kurang jelas bisa ditanyakan kemudian. semoga berguna bagi yang pengen bikin injector sendiri sebagai basic atau dasar pembuatan injector untuk selanjutnya bisa dikembangkan sendiri.
