InjectionPlayground

Description

This project contains a collection of several DLL injection mthods:

Creating remote thread in a target process (CreateRemoteThread, RtlCreateUserThread, NtCreateThreadEx)
Injection of shellcode with SetThreadContext
Injection with QueueUserApc
Injection by setting windows hooks with SetWindowsHookEx (not as effective and universal, but it is added for reference).

The code is capable of injection into both x64 and x86 processes (platform-specific injection DLLs are also generated).

The following dependencies are included in the 3rdparty subdirectory:

Project consists of the following parts:

InjectionPlayground – console utility that inject a DLL into all processes with specified executable names.
InjectionPlaygroundGui – same as above but with GUI.
InjectedDll – project with DLL payload that is injected into a process. It shows a message box with information about process and thread.
WindowsHookDll – DLL payload for SetWindowsHook method. The difference is an exported function that is needed for setting a hook for window events.
Static libraries
- InjectedPayloadLib – static library for code that is common between InjectedDll and WindowsHookDll. Logging stuff and messaging functions.
- InjectionLib – static library with actual implementations of injections. Used by InjectionPlayground
- UtilsLib – Universal utils library: logging, process utils, assembly wrapper for shell code data.

Usage of a console utility:

InjectionPlayground <process name> [injection method id] [type of hook for SetWindowsHook]

Injection methods:

Message types for SetWindowsHook method (refer to the SetWindowsHookEx documentation for exact list):

InjectDllByOEP - injection loader function is contained in the injected DLL itself. May be useful for dealing with complex loading process

Really don't know whether the following is worth adding: