unknownv2 / CoreHook

A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
MIT License

Implement better DLL injection methods #113

Open unknownv2 opened 5 years ago

unknownv2 commented 5 years ago

We will use this issue for a discussion on implementing different injection methods for our libraries.

ghost commented 5 years ago

So if I understand correctly, we want a function in RemoteInjector.cs that starts a specified process and then manually maps a specified DLL into the process?

unknownv2 commented 5 years ago

We want to implement a function to load a DLL into the process.

There is an interface for a Module Injector which is used to call the actual injection method. https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/Loader/IModuleInjector.cs

The Module Injector Implementation here: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/Loader/ModuleInjector.cs

The Assembly loading code is accessed through the AssemblyLoader class here: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/Loader/AssemblyLoader.cs#L21

Here is an example of a module being injected using its filepath: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/RemoteInjection/RemoteInjector.cs#L206

The actual process we start is wrapped in a ManagedProcess handle: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.Memory/ManagedProcess.cs#L7

The current injection method is implemented here:

https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.Memory/Processes/ProcessManager.Windows.cs#L20

So I think that would be the best place to implement the actual injection code, because then we don't have to change anything as far as function calls.

The .NET C# Process class is wrapped and passed to the ProcessManager here in the RemoteInjector: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/RemoteInjection/RemoteInjector.cs#L34

You can modify the process creation code here if necessary: https://github.com/unknownv2/CoreHook/blob/master/src/CoreHook.BinaryInjection/RemoteInjection/RemoteInjector.cs#L85

unknownv2 commented 5 years ago

If that's confusing, I understand as well... I really appreciate the help so I can answer any questions and I am very open to suggestions on how to better document everything or maybe how to better structure the code and projects to make it easier to understand.

Thank you again!

ghost commented 5 years ago

Once we get this DLL injection working I could definitely help you structure the codebase of this project better as well as help you with the documentation of the functions.