This is the discussion thread for the GH Injector. The download link is at the top right of the page
Above this post you will see a few tabs, the Overview tab is the main page for this download. You can also get there by clicking here.
If you have problems or errors with the injector you MUST read this post! No stupid "doesn't work" threads!
Frequently Asked Questions & Known Issues
GH Injector is detected by some antivirus as malware, but it is not malware. It's 100% clean and safe to use. These are called false positives. It uses functions commonly used by, antiviruses using heuristics will classify this as malware, but it is not. It is also open source.
VirusTotal Jotti (both scans are of V4.0)
DO NOT USE ADVANCED SETTINGS IF YOU ARE A NEWB - YOU WILL ONLY SCREW IT UP
When launching the injector for the first time it needs to download two PDB files from the Microsoft symbol server. Let the injector download those files or it won't work. Since these files are system dependent I can't just add them to the injector download.
If you have problem with opening the injector:
GUI: Broihon/GH-Injector-GUI
Library: Broihon/GH-Injector-Library
What is a DLL Injector?
In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend. For example, the injected code could hook system function calls, or read the contents of password textboxes, which cannot be done the usual way. A program used to inject arbitrary code into arbitrary processes is called a DLL injector.
If you're making an internal hack you must use a DLL injector to inject it.
Credits
The new Qt GUI was made by @Kage (multikill - Overview).
A big shoutout goes to @Akaion (Dewera - Overview) for helping me with manual mapping.
For the Manual Mapping a lot of credits go to Joachim Bauch. I highly recommend you to go there and take a look if you're interested in Manual Mapping and the PE format itself.
The windows structures I use for the unlinking process are mostly inspired by this site which is also a very interesting read.
I also want to credit Anton Bruckner and Dmitri Shostakovich because most of the time coding this I listened to their fantastic music which is probably one of the reasons why this took me way too long.
Last but not least credits go to Rake's mom for keeping me motivated during hard times (no pun intended).
Above this post you will see a few tabs, the Overview tab is the main page for this download. You can also get there by clicking here.
If you have problems or errors with the injector you MUST read this post! No stupid "doesn't work" threads!
GH Injector is only compatible with latest versions of Windows 10, you must have version 1809 or above or it will not work.
USE DEFAULT SETTINGS. DO NOT USE ADVANCED SETTINGS AND THEN ASK US WHY IT DOESN'T WORK IF YOU HAVE NO IDEA WHAT YOU'RE DOING
Frequently Asked Questions & Known Issues
GH Injector is detected by some antivirus as malware, but it is not malware. It's 100% clean and safe to use. These are called false positives. It uses functions commonly used by, antiviruses using heuristics will classify this as malware, but it is not. It is also open source.
VirusTotal Jotti (both scans are of V4.0)
DO NOT USE ADVANCED SETTINGS IF YOU ARE A NEWB - YOU WILL ONLY SCREW IT UP
When launching the injector for the first time it needs to download two PDB files from the Microsoft symbol server. Let the injector download those files or it won't work. Since these files are system dependent I can't just add them to the injector download.
If you have problem with opening the injector:
- Check antivirus logs
- Turn off your antivirus
- Turn off Safe Browsing & other features in your browser
- Create a folder for the injector and other hacking tools
- Add this folder as an exception in your antivirus
- Antivirus often have multiple modules, add an exception in al of them
- Download it again, directly into this folder with the exception.
- Drag and drop files on the icon in the bottom right corner of the file list. Due to Qt limitations and the UIPI normal drag and drop isn't possible.
- Click the button in the bottom right to open the log file.
- Delay and timeout are in milliseconds.
- If the timeout is set to 0 the default of 2000 ms is used instead.
- You should basically always combine "Randomize file name" and "Load DLL copy".
- You can toggle files in the file list with space or deleted them with delete. Ctrl + click, shift + arrow keys and regular mouse selection can be used to select files.
- Double click a file in the list to open the file location.
- You can select processes in the process list using space, enter or double click.
- Shortcuts can only be used for one file. Make sure only the file you want to inject is checked if you generate a shortcut.
- Manually mapped or unlinked DLLs won't work with FreeLibraryAndExitThread, GetProcAddress, GetModuleHandle etc.
GUI: Broihon/GH-Injector-GUI
Library: Broihon/GH-Injector-Library
What is a DLL Injector?
In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend. For example, the injected code could hook system function calls, or read the contents of password textboxes, which cannot be done the usual way. A program used to inject arbitrary code into arbitrary processes is called a DLL injector.
If you're making an internal hack you must use a DLL injector to inject it.
Credits
The new Qt GUI was made by @Kage (multikill - Overview).
A big shoutout goes to @Akaion (Dewera - Overview) for helping me with manual mapping.
For the Manual Mapping a lot of credits go to Joachim Bauch. I highly recommend you to go there and take a look if you're interested in Manual Mapping and the PE format itself.
The windows structures I use for the unlinking process are mostly inspired by this site which is also a very interesting read.
I also want to credit Anton Bruckner and Dmitri Shostakovich because most of the time coding this I listened to their fantastic music which is probably one of the reasons why this took me way too long.
Last but not least credits go to Rake's mom for keeping me motivated during hard times (no pun intended).
