C# DLL (.NET Framework) won't run code when injected


Code of the DLL:

using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
using System.Windows;

namespace ARKInjectableDLL
{
    /// <summary>
    /// Holds the single static method this test DLL exposes.
    /// </summary>
    public class Main
    {
        /// <summary>
        /// Shows a message box with the text "works"; apparently meant as a
        /// visible sign that the method was executed inside the host process.
        /// </summary>
        /// <remarks>
        /// This is an ordinary managed static method. Its name matches the
        /// Win32 DLL entry-point convention, but nothing in this file marks it
        /// as a native export.
        /// </remarks>
        public static void DllMain() => MessageBox.Show("works");
    }
}

Injector code:

// P/Invoke declarations for the kernel32 process, memory and thread APIs used by InjectDLL.
// SetLastError = true makes the Win32 error code of a failed call available through
// Marshal.GetLastWin32Error().

// Opens a handle to the process identified by dwProcessId with the requested access mask.
[DllImport("kernel32.dll", SetLastError = true)]
static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

// Reserves and/or commits memory inside the address space of the process behind hProcess.
[DllImport("kernel32.dll", SetLastError = true)]
static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);

// Copies nSize bytes from lpBuffer into the other process at lpBaseAddress.
[DllImport("kernel32.dll", SetLastError = true)]
static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);

// Starts a thread in the other process at lpStartAddress. The return value is the new
// thread's handle; lpThreadId receives its numeric thread identifier.
[DllImport("kernel32.dll", SetLastError = true)]
static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);

// Returns the handle of a module that is already loaded in the calling process.
[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern IntPtr GetModuleHandle(string lpModuleName);

// Resolves an exported symbol by name; export names are ANSI strings, hence CharSet.Ansi.
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
public static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);

// Access mask asking for every process right. Handles opened this broadly on another
// process are a high-signal event in process-access telemetry (e.g. Sysmon Event ID 10).
const uint PROCESS_ALL_ACCESS = 0x1F0FFF;
// Allocation-type flags for VirtualAllocEx: commit and reserve the pages in one call.
const uint MEM_COMMIT = 0x1000;
const uint MEM_RESERVE = 0x2000;
// Page protection: readable and writable, not executable.
const uint PAGE_READWRITE = 0x04;
// Blocks until the object behind hHandle is signaled or dwMilliseconds elapses.
[DllImport("kernel32.dll", SetLastError = true)]
static extern uint WaitForSingleObject(IntPtr hHandle, uint dwMilliseconds);

// Timeout value meaning "wait forever".
const uint INFINITE = 0xFFFFFFFF;

/// <summary>
/// Attempts to load the DLL at <paramref name="dllPath"/> into the process identified by
/// <paramref name="processId"/> through a remote thread that starts at LoadLibraryA, then
/// starts a second remote thread at the address looked up for the name "DllMain".
/// </summary>
/// <param name="processId">Identifier of the process to open.</param>
/// <param name="dllPath">Path of the DLL; written into the other process as ASCII bytes.</param>
/// <remarks>
/// The return value of every native call is ignored and no handle is closed, so a failed
/// step is not reported to the caller.
/// NOTE(review): the OpenProcess / VirtualAllocEx / WriteProcessMemory / CreateRemoteThread
/// sequence is the remote-thread DLL injection pattern catalogued as MITRE ATT&amp;CK
/// T1055.001. Endpoint monitoring commonly records it (e.g. Sysmon Event ID 8 for
/// CreateRemoteThread and Event ID 10 for the process handle) and may block or alert on it.
/// </remarks>
public static void InjectDLL(int processId, string dllPath)
{
    // Open the other process with the full access mask.
    IntPtr processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, processId);
    // Allocate a read/write buffer in the other process sized to the path length plus one byte.
    IntPtr dllPathAddress = VirtualAllocEx(processHandle, IntPtr.Zero, (uint)dllPath.Length + 1, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    UIntPtr bytesWritten;
    // Copy the ASCII-encoded path into that buffer; bytesWritten is never inspected.
    WriteProcessMemory(processHandle, dllPathAddress, Encoding.ASCII.GetBytes(dllPath), (uint)dllPath.Length + 1, out bytesWritten);
    // Look up the address of LoadLibraryA in kernel32.
    IntPtr loadLibraryAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
    IntPtr threadId;
    // Start a remote thread at LoadLibraryA with the path buffer as its argument.
    // The thread handle returned by the call is discarded; only the out parameter is kept.
    CreateRemoteThread(processHandle, IntPtr.Zero, 0, loadLibraryAddress, dllPathAddress, 0, out threadId);
    // Wait with no timeout before continuing.
    WaitForSingleObject(threadId, INFINITE);
    // Look up a module handle for the DLL path and the address of the name "DllMain" in it.
    IntPtr dllHandle = GetModuleHandle(dllPath);
    IntPtr methodAddress = GetProcAddress(dllHandle, "DllMain");
    // Start a second remote thread at the address obtained above, with no argument.
    CreateRemoteThread(processHandle, IntPtr.Zero, 0, methodAddress, IntPtr.Zero, 0, out threadId);
}

Button Code:

// Body of the button's click handler. pid and dll are defined elsewhere in the form
// (not shown); presumably the target process ID and the DLL path. Neither is validated here.
InjectDLL(pid, dll);

When I debug the DLL by attaching to the process it is injected into and place a breakpoint, Visual Studio reports that the breakpoint won't be hit because no symbols are loaded for this document.

What do I do?

P.S. Both the injector and the DLL are built for x86, both have "Allow unsafe code" enabled, and both target .NET Framework 4.8.

I tried using the DllExport NuGet Package.
