TUTOR PEMBUATAN INJECTOR + VIDEONYA

nih ane kasih vidio buat agan yg mo belajar buat injector..

silahkan liat nih vidio : http://www.youtube.com/watch?v=vnB8O7_ft68

nih buat tambahan'a...

1. Buka VB,buat project baru (Ctrl+Shift+N)

http://s1176.photobu...w&current=2.jpg


2. Buka Form1, dan tambahkan object seperti gambar di bawah


http://i1176.photobu...udi_Aster/3.jpg

4. Copy & Paste kode dibawah di Module yg baru saja di buat

Module Module1
Public Const MEM_COMMIT = 4096
Public Const PAGE_READWRITE = 4
Public Const PROCESS_CREATE_THREAD = (&H2)
Public Const PROCESS_VM_OPERATION = (&H8)
Public Const PROCESS_VM_READ = &H10
Public Const PROCESS_VM_WRITE = (&H20)

Public Enum ThreadAccess As Integer
TERMINATE = (&H1)
SUSPEND_RESUME = (&H2)
GET_CONTEXT = (&H8)
SET_CONTEXT = (&H10)
SET_INFORMATION = (&H20)
QUERY_INFORMATION = (&H40)
SET_THREAD_TOKEN = (&H80)
IMPERSONATE = (&H100)
DIRECT_IMPERSONATION = (&H200)
End Enum

Public Declare Function OpenThread Lib "kernel32.dll" (ByVal dwDesiredAccess As ThreadAccess, ByVal bInheritHandle As Boolean, ByVal dwThreadId As UInteger) As IntPtr
Public Declare Function SuspendThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
Public Declare Function ResumeThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hHandle As IntPtr) As Boolean

Public Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Integer

Public Declare Function VirtualAllocEx Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpAddress As Integer, _
ByVal dwSize As Integer, _
ByVal flAllocationType As Integer, _
ByVal flProtect As Integer) As Integer

Public Declare Function WriteProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function GetProcAddress Lib "kernel32" ( _
ByVal hModule As Integer, _
ByVal lpProcName As String) As Integer

Public Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
ByVal lpModuleName As String) As Integer

Public Declare Function CreateRemoteThread Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpThreadAttributes As Integer, _
ByVal dwStackSize As Integer, _
ByVal lpStartAddress As Integer, _
ByVal lpParameter As Integer, _
ByVal dwCreationFlags As Integer, _
ByRef lpThreadId As Integer) As Integer

Public Declare Function OpenProcess Lib "kernel32" ( _
ByVal dwDesiredAccess As Integer, _
ByVal bInheritHandle As Integer, _
ByVal dwProcessId As Integer) As Integer

End Module

5. Kembali ke Form1, klik kanan pilih View Code
6. Skali lagi copas code dibawah
Imports System

Public Class Form1
Private prPB As Process
Private szGame As String = "POINTBLANK"
Private szDLLName As String
Private dwProcessID As Long = 0
Private dwStartAddr As Long
Private dwBuffer As Long

Private Sub SuspendProcess(ByVal process As System.Diagnostics.Process)
For Each t As ProcessThread In process.Threads
Dim th As IntPtr
th = OpenThread(ThreadAccess.SUSPEND_RESUME, False, t.Id)
If th <> IntPtr.Zero Then
SuspendThread(th)
CloseHandle(th)
End If
Next
End Sub

Private Sub ResumeProcess(ByVal process As System.Diagnostics.Process)
For Each t As ProcessThread In process.Threads
Dim th As IntPtr
th = OpenThread(ThreadAccess.SUSPEND_RESUME, False, t.Id)
If th <> IntPtr.Zero Then
ResumeThread(th)
CloseHandle(th)
End If
Next
End Sub

Private Sub Inject()
dwProcessID = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, prPB.Id)
dwStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
dwBuffer = Len(szDLLName) + 1
Dim ret As Integer
Dim dwLibAdress As Integer
dwLibAdress = VirtualAllocEx(dwProcessID, 0, dwBuffer, MEM_COMMIT, PAGE_READWRITE)
ret = WriteProcessMemory(dwProcessID, dwLibAdress, szDLLName, dwBuffer, 0)
CreateRemoteThread(dwProcessID, 0, 0, dwStartAddr, dwLibAdress, 0, 0)
CloseHandle(dwProcessID)
End Sub


Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
If (Process.GetProcessesByName(szGame).Length = 0) Then
Label1.Text = "Waiting " & szGame
Button1.Enabled = False
Button2.Enabled = False
Else
Timer1.Stop()
prPB = Process.GetProcessesByName(szGame)(0)
dwProcessID = prPB.Id
szDLLName = Mid$(prPB.MainModule.FileName, 1, Len(prPB.MainModule.FileName) - 4) & ".i3exec"
Label1.Text = "Found " & szGame
Button1.Enabled = True
Button2.Enabled = True
End If
End Sub

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
If Button1.Text = "Suspend" Then
SuspendProcess(prPB)
Button1.Text = "Resume"
Else
ResumeProcess(prPB)
Button1.Text = "Suspend"
End If
End Sub

Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
Inject()
End Sub

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Timer1.Interval = 100
Timer1.Start()
End Sub
'EDIT, nambahin Auto Resume pada saat firm di tutup
'--------------------------------------------------------------
Private Sub Form1_FormClosing(ByVal sender As System.Object, ByVal e As System.Windows.Forms.FormClosingEventArgs) Handles MyBase.FormClosing
If Button1.Text = "Resume" Then
ResumeProcess(prPB)
End If
End Sub
'--------------------------------------------------------------
End Class

7. Build project, Run

Posted in: