Download the dll injector via the "Download" link on the top right of the page, you must login first.
GH Injector is only compatible with Windows 10 latest version, if your version is less than 1809 it will not work
USE DEFAULT SETTINGS. DO NOT USE ADVANCED SETTINGS AND THEN ASK US WHY IT DOESN'T WORK IF YOU HAVE NO IDEA WHAT YOU'RE DOING
- LdrLoadDll Stub
- Manual Mapping
- Thread Hijacking
Windows 10 1809 or above
- Compatible with both 32-bit and 64-bit programs
- Settings of the GUI are saved to a local ini file
- Processes can be selected by name or process ID and by the fancy process picker.
Since GH Injector V3.0 the actual injector has been converted in to a library
To use it in your applications you can either use InjectA (ansi) or InjectW (unicode) which are the two functions exported by the "GH Injector - x86.dll" and "GH Injector - x64.dll".
These functions take a pointer to a INJECTIONDATAA/INJECTIONDATAW structure. For more the struct definition / enums / flags check "Injection.h".
How To Use GH DLL Injector & Source Code Review:
- It's not a virus, it is packed with UPX and uses Autoit, according to most antivirus software that means it's a virus.
- It connects to the internet to check for updates
Compile "GH Injector Library\GH Injector Library.sln" with these steps:
- Open the project
- Click "Build" in the menubar
- Click "Batch Build"
- Tick all 4 release builds (Configuration = Release)
- Click "Build"
It will compile the AutoIt files and merge all the required files into "GH Injector".
To run the GH Injector simply open "GH Injector\GH Injector.exe".
What is a DLL Injector?
In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend. For example, the injected code could hook system function calls, or read the contents of password textboxes, which cannot be done the usual way. A program used to inject arbitrary code into arbitrary processes is called a DLL injector.
If you're making an internal hack you must use a DLL injector to inject it.
For the Manual Mapping a lot of credits go to Joachim Bauch. I highly recommend you to go there and take a look if you're interested in Manual Mapping and the PE format itself.
The windows structures I use for the unlinking process are mostly inspired by this site which is also a very interesting read.
I also want to credit Anton Bruckner and Dmitri Shostakovich because most of the time coding this I listened to their fantastic music which is probably one of the reasons why this took me way too long.
Last but not least credits go to Rake's mom for keeping me motivated during hard times (no pun intended).
Also checkout the loader made by Traxin which utilized the GH Injector: Release - GHLoader v2.0 (Source Included)