Good morning. I'm trying to learn about DLL injection, so I've wrote a little software, that just gets a String, compares with StrCmp() and if the input was equal "Winner", the software gives a Good boy message, with the porpouse of learn DLL injection. So I write a DLL that loads a Form when inject, the porpouse is using the DLL injection, to modify the Instruction of comparison( JNZ(74) to JMP(EB)), and make the software, accept any string. My DLL code is:
library Project2;
uses
SysUtils,
Windows,
Classes,
Unit1 in 'Unit1.pas' {Form1};
{$R *.res}
var
Hproccess:THandle;
Hid:Cardinal;
b:Boolean=false;
Procedure Chamar;
begin
Form1:=TForm1.Create(nil);
Form1.ShowModal;
end;
begin
Hproccess:=OpenProcess(PROCESS_ALL_ACCESS,false,GetCurrentProcessID);
CreateRemoteThread(Hproccess,nil,0,@Chamar,@Chamar,0,Hid);
end.
How can you see, the DLL just Create a new Thread to load the Form(Form1). The problem is, when I write in the Memory Addres to overwrite the JNZ instruction, Windows don't let me do it, and returns the Message of Access Violation at Address 005B55A9. My form code also is very simple.
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button2: TButton;
procedure Button2Click(Sender: TObject);
private
public
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.Button2Click(Sender: TObject);
var
Memory:Dword;
begin
Memory:=$005B55A9;
PDWORD(Memory)^:=225; {EB=225}
Free();
end;
end.
What Am I doing of wrong? How can I overwrite the instruction of JNZ(74) to JMP(EB) without Access Violation error? Sorry for my mistakes, I started to read about it yesterday, that was my first example. I already have the Injector(Extreme Injector). My doubt is just about the DLL coding. Can you help me?
I forgot to say, I use Windows 10...