使用C#注入DLL时出错6

时间:2017-07-12 14:15:56

标签: c# dll-injection

当我尝试将带有C#的DLL注入java进程(特别是Minecraft)时,我收到错误"错误6",我一直在谷歌搜索此错误但无法找到解决方案。 该程序以管理员模式运行,并且它不会尝试从管理路径加载。 我的代码:

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;

namespace Launcher
{
internal class InjectionUtils
{
    public struct CTX_PROCS
    {
        public Process[] procs;
    }

    private const int PROCESS_CREATE_THREAD = 2;

    private const int PROCESS_QUERY_INFORMATION = 1024;

    private const int PROCESS_VM_OPERATION = 8;

    private const int PROCESS_VM_WRITE = 32;

    private const int PROCESS_VM_READ = 16;

    private const uint MEM_COMMIT = 4096u;

    private const uint MEM_RESERVE = 8192u;

    private const uint PAGE_READWRITE = 4u;

    [DllImport("kernel32.dll")]
    public static extern IntPtr OpenProcess(int dwDesiredAccess, bool        bInheritHandle, int dwProcessId);

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern IntPtr GetModuleHandle(string lpModuleName);

    [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
    private static extern IntPtr GetProcAddress(IntPtr hModule, string procName);

    [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
    private static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);

    [DllImport("kernel32.dll", SetLastError = true)]
    private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);

    [DllImport("kernel32.dll")]
    private static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);

    [DllImport("user32.dll", CharSet = CharSet.Auto)]
    private static extern int MessageBox(IntPtr hWnd, string text, string caption, uint option);

    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool CloseHandle(IntPtr hObject);

    [DllImport("kernel32.dll")]
    private static extern uint GetLastError();

    private void MBox(string text)
    {
        InjectionUtils.MessageBox(IntPtr.Zero, text, "", 0u);
    }

    public void DoInjection(string dllPath)
    {
        InjectionUtils.CTX_PROCS cTX_PROCS = this.FindProcessByNameAndTitle("javaw", "Minecraft 1.7");
        this.InjectDynamicLib(dllPath, cTX_PROCS.procs[0].Id);
    }

    public InjectionUtils.CTX_PROCS FindProcessByNameAndTitle(string processName, string title)
    {
        InjectionUtils.CTX_PROCS result = default(InjectionUtils.CTX_PROCS);
        List<Process> list = new List<Process>();
        Process[] processes = Process.GetProcesses();
        for (int i = 0; i < processes.Length; i++)
        {
            Process process = processes[i];
            if (process.ProcessName.Equals(processName) && process.MainWindowTitle.Contains(title))
            {
                list.Add(process);
            }
        }
        result.procs = list.ToArray();
        return result;
    }

    public void eject()
    {
    }

    private bool InjectDynamicLib(string dllPath, int pId)
    {
        bool result = false;
        IntPtr intPtr = InjectionUtils.OpenProcess(1082, false, pId);
        uint num = (uint)((dllPath.Length + 1) * Marshal.SizeOf(typeof(char)));
        if (intPtr != IntPtr.Zero)
        {
            IntPtr procAddress = InjectionUtils.GetProcAddress(InjectionUtils.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
            IntPtr intPtr2 = InjectionUtils.VirtualAllocEx(intPtr, IntPtr.Zero, num, 12288u, 4u);
            UIntPtr uIntPtr;
            // Write path of dll to remote process
            if (InjectionUtils.WriteProcessMemory(intPtr, intPtr2, Encoding.Default.GetBytes(dllPath), num, out uIntPtr))
            {
                InjectionUtils.CloseHandle(InjectionUtils.CreateRemoteThread(intPtr, IntPtr.Zero, 0u, procAddress, intPtr2, 0u, IntPtr.Zero));
                result = true;
            }
            InjectionUtils.CloseHandle(intPtr);
        }
        if (InjectionUtils.GetLastError() != 0u)
        {
            this.MBox("ERROR " + InjectionUtils.GetLastError());
        }
        return result;
    }

如果有人可以提供帮助,我会非常感激... :) 提前致谢:D

1 个答案:

答案 0 :(得分:0)

来自MSDN Error Code List

ERROR_INVALID_HANDLE

0x6

在调用GetLastError()之前,先两次在线程句柄和进程句柄上调用CloseHandle()。

要查找问题,只需检查OpenProcess()和CreateRemoteThread()的返回值,然后与您在MSDN上的功能文档中找到的信息进行比较即可。

对于一个简单而简洁的C#注入器,这是我喜欢使用的代码,其中包括一些错误检查并使用托管的Process :: Dispose()方法,而不是至少在流程句柄上至少调用了本机的CloseHandle(): 

def custom_resampler(array):
    import numpy as np

    return array/np.sum(array)

>>df.set_index('Date').resample('Q')['Value'].apply(custom_resampler)

请确保以管理员身份运行并锁定所有遗漏的定义。

相关问题
最新问题