Solved LdrpLoadDll - not injected (Unable to create remote thread)

Game Name
Minecraft
Anticheat
Client
How long you been coding/hacking?
3 years
Coding Language
C++
here is my code
LdrpLoadDll:
#include <stdio.h>
#include <Windows.h>
#include <iostream>
#include <string>
#include <TlHelp32.h>
#include <DbgHelp.h>
#pragma comment (lib, "DbgHelp.lib")
 
using namespace std;
 
// Opaque argument block passed as the second parameter of f_LdrpLoadDll.
// Only DllName is given a meaning; the two padding arrays are left unexplained.
// NOTE(review): this layout does not come from any public Windows header shown
// on this page - treat every offset as the original author's assumption.
struct UNKNOWN_DLL_DATA
{
    char padding_1[0x10];
    PWSTR DllName;          // main and LdrpLoadDllFunc both point this at the path buffer
    char padding_2[0x3C];
};
// Local declaration of the counted UTF-16 string type taken by the loader call.
// Declared here by hand instead of being pulled in from a header.
typedef struct _UNICODE_STRING {
    USHORT Length;          // main stores a byte count here (characters * 2, terminator excluded)
    USHORT MaximumLength;   // main stores MAX_PATH * 2 here
    PWCH   Buffer;          // pointer to the characters; not owned by this struct
} UNICODE_STRING;
typedef UNICODE_STRING* PUNICODE_STRING;
//===========================================================================
// Hand-written declaration of the loader data block that heads the three module lists.
// It is not referenced anywhere else in the code shown on this page.
typedef struct _PEB_LDR_DATA
{
    ULONG           Length;
    BOOLEAN         Initialized;
    PVOID           SsHandle;
    LIST_ENTRY      InLoadOrderModuleList;
    LIST_ENTRY      InMemoryOrderModuleList;
    LIST_ENTRY      InInitializationOrderModuleList;
} PEB_LDR_DATA, * PPEB_LDR_DATA;
//===========================================================================
// Hand-written declaration of a per-module loader record.
// In this file it is used only through PLDR_MODULE, as the type of the
// out-parameter of f_LdrpLoadDll; none of its fields are read or written.
// NOTE(review): the field layout is the original author's; nothing on this page
// ties it to a particular Windows build.
typedef struct _LDR_MODULE
{
    LIST_ENTRY      InLoadOrderModuleList;
    LIST_ENTRY      InMemoryOrderModuleList;
    LIST_ENTRY      InInitializationOrderModuleList;
    PVOID           BaseAddress;
    PVOID           EntryPoint;
    ULONG           SizeOfImage;
    UNICODE_STRING  FullDllName;
    UNICODE_STRING  BaseDllName;
    ULONG           Flags;
    SHORT           LoadCount;
    SHORT           TlsIndex;
    LIST_ENTRY      HashTableEntry;
    ULONG           TimeDateStamp;
} LDR_MODULE, * PLDR_MODULE;
// Signature the author assumes for the loader routine called through
// LDRPLOADDLL_DATA::pLdrpLoadDll. The pointer is produced in main by a cast from
// an address, so the compiler cannot check this prototype against anything.
using f_LdrpLoadDll = NTSTATUS(__fastcall*)(PUNICODE_STRING DllName, UNKNOWN_DLL_DATA* unknown_struct, int flags_1, int flags_2, PLDR_MODULE* ppLdrModule);
// Parameter block that main fills in locally and copies byte-for-byte into the
// target process; LdrpLoadDllFunc receives a pointer to that copy.
struct LDRPLOADDLL_DATA
{
    f_LdrpLoadDll       pLdrpLoadDll;       // address to call, computed in main
    UNICODE_STRING      DllPathName;        // counted string describing Data
    WCHAR               Data[MAX_PATH * 2]; // storage for the wide-character path
    UNKNOWN_DLL_DATA    local_dll_data;     // opaque second argument of the call
};
 
// Placeholder image name; main passes it to GetHandleByProcessName.
CHAR* processName = (CHAR*)"process.exe";
// Placeholder library path; main converts it to wide characters.
CHAR* dllPath = (CHAR*)"library.dll";
 
 
// Thread routine whose machine code main copies (a fixed 0x100 bytes from this
// function's address) into another process and starts there with
// CreateRemoteThread. pData is the address of the LDRPLOADDLL_DATA copy inside
// that process.
//
// The body re-points the two string pointers at the block's own Data array -
// main filled them with addresses that are only meaningful in the process that
// built the block - and then calls through the stored function pointer.
// The NTSTATUS result and the returned module pointer are both discarded.
void __stdcall LdrpLoadDllFunc(LDRPLOADDLL_DATA* pData)
{
    if (!pData)
        return;

    PLDR_MODULE pLdrModule = nullptr;

    // Rebase the counted string onto the copy of the path held in this block.
    pData->DllPathName.Buffer = pData->Data;

    // The opaque block carries the same path pointer.
    pData->local_dll_data.DllName = pData->DllPathName.Buffer;

    // Indirect call through the address main computed; the flag values 0 and 1 are not explained on the page.
    pData->pLdrpLoadDll(&pData->DllPathName, &pData->local_dll_data, 0, 1, &pLdrModule);
    return;
}
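// Opens the first process in a Toolhelp snapshot whose executable name equals
// ProcName (exact, case-sensitive strcmp against szExeFile).
//
// ProcName: image name to look for; a null pointer yields a null handle.
// Attr:     access mask forwarded unchanged to OpenProcess.
// Returns:  the handle from OpenProcess, or null when the snapshot cannot be
//           taken, no entry matches, or OpenProcess itself fails. The caller
//           owns the handle and must CloseHandle it.
HANDLE GetHandleByProcessName(const char* ProcName, DWORD Attr)
{
    if (!ProcName)
        return nullptr;

    HANDLE pSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    // A failed snapshot is INVALID_HANDLE_VALUE, not null; do not enumerate it.
    if (pSnap == INVALID_HANDLE_VALUE)
        return nullptr;

    PROCESSENTRY32 ProcEntry = {};
    ProcEntry.dwSize = sizeof(ProcEntry);

    DWORD matchedPid = 0;
    bool matched = false;

    // Process32First fills the first entry; compare it as well instead of
    // stepping past it, and stop if the enumeration cannot start.
    if (Process32First(pSnap, &ProcEntry))
    {
        do
        {
            if (!strcmp(ProcEntry.szExeFile, ProcName))
            {
                matchedPid = ProcEntry.th32ProcessID;
                matched = true;
                break;
            }
        } while (Process32Next(pSnap, &ProcEntry));
    }

    // Close the snapshot before OpenProcess so that a failure code left by
    // OpenProcess is what the caller sees from GetLastError.
    CloseHandle(pSnap);

    if (!matched)
        return nullptr;

    return OpenProcess(Attr, false, matchedPid);
}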
// Entry point of the sample as posted. The thread title reports that it does
// not work; the code is left exactly as posted and only annotated.
//
// Sequence: open the target by name, build an LDRPLOADDLL_DATA block locally,
// allocate executable memory in the target, copy the block plus 0x100 bytes of
// LdrpLoadDllFunc into it, then start a thread in the target at the copied bytes.
//
// For defenders: a broad-access OpenProcess, a remote PAGE_EXECUTE_READWRITE
// allocation, cross-process writes and CreateRemoteThread in quick succession
// is the textbook remote-thread injection pattern. Sysmon reports the first and
// last steps as event ID 10 (ProcessAccess) and event ID 8 (CreateRemoteThread).
int main()
{
    // PROCESS_ALL_ACCESS requests every right on the target. The handle is never closed in this function.
    HANDLE hProcess = GetHandleByProcessName(&processName[0], PROCESS_ALL_ACCESS);
    LDRPLOADDLL_DATA ldrData;
    // Call target = base of ntdll in THIS process + a hard-coded constant; nothing is resolved by name.
    // The page does not say which ntdll build the constant was taken from.
    ldrData.pLdrpLoadDll = reinterpret_cast<f_LdrpLoadDll>((uintptr_t)GetModuleHandle("ntdll.dll") + 0x4DCAA);

    size_t len = strlen(dllPath);

    ldrData.DllPathName.Buffer = (PWSTR)(&ldrData.Data[0]);

    // mbstowcs_s writes the converted character count, terminator included, back into len.
    mbstowcs_s(&len, ldrData.DllPathName.Buffer, len + 1, dllPath, len);

    // Byte length of the wide string without its terminator.
    ldrData.DllPathName.Length = (USHORT)(len * 2) - 2;
    ldrData.DllPathName.MaximumLength = MAX_PATH * 2;

    // Clears the first 0x50 bytes of the opaque block, then stores the path pointer in it.
    ZeroMemory(&ldrData.local_dll_data, 0x50);
    ldrData.local_dll_data.DllName = ldrData.DllPathName.Buffer;

    if (hProcess != NULL)
    {
        // One region in the target, readable, writable and executable at once:
        // room for the parameter block followed by 0x100 bytes of code.
        BYTE* AddressOfAllocatedMemory = reinterpret_cast<BYTE*>(VirtualAllocEx(hProcess,
            nullptr,
            sizeof(LDRPLOADDLL_DATA) + 0x100,
            MEM_RESERVE | MEM_COMMIT,
            PAGE_EXECUTE_READWRITE));

        if (AddressOfAllocatedMemory != nullptr)
        {
            // First cross-process write: the parameter block, at the start of the region.
            if (WriteProcessMemory(hProcess, AddressOfAllocatedMemory, &ldrData, sizeof(LDRPLOADDLL_DATA), nullptr))
            {
                // Second write: a fixed 0x100 bytes read from LdrpLoadDllFunc's address, placed right after the block.
                if (WriteProcessMemory(hProcess, AddressOfAllocatedMemory + sizeof(LDRPLOADDLL_DATA), LdrpLoadDllFunc, 0x100, nullptr))
                {
                    // Thread start address = the copied bytes, thread argument = the copied block.
                    // The returned thread handle is only tested for null; it is never stored or closed.
                    if (CreateRemoteThread(hProcess,
                        nullptr,
                        0,
                        reinterpret_cast<LPTHREAD_START_ROUTINE>(AddressOfAllocatedMemory + sizeof(LDRPLOADDLL_DATA)),
                        AddressOfAllocatedMemory,
                        0,
                        nullptr))
                    {
                        // The value printed after "adress:" is the literal 0, not an address.
                        cout << "Injection was successful!" << endl << "Thread created in adress:" << 0 << endl;
                    }
                    else
                    {
                        // VirtualFree acts on the calling process, not on hProcess, so the region
                        // allocated in the target stays behind on this path and on the two failure
                        // paths below: a private executable region with no backing image, which
                        // memory forensics on the target can still find.
                        VirtualFree(AddressOfAllocatedMemory, sizeof(LDRPLOADDLL_DATA) + 0x100, MEM_RELEASE);
                        cout << "Failed create a thread in the process!" << endl << "Last Error:" << GetLastError() << endl;
                    }
                }
                else
                {
                    cout << "Failed to write the stub to the process!" << endl << "Last Error:" << GetLastError() << endl;
                    VirtualFree(AddressOfAllocatedMemory, sizeof(LDRPLOADDLL_DATA) + 0x100, MEM_RELEASE);
                }
            }
            else
            {
                cout << "Failed to write data to the process!" << endl << "Last Error:" << GetLastError() << endl;
                VirtualFree(AddressOfAllocatedMemory, sizeof(LDRPLOADDLL_DATA) + 0x100, MEM_RELEASE);
            }
        }
        else
        {
            cout << "Failed memory allocation!" << endl << "Last Error:" << GetLastError() << endl;
        }
    }
    else
    {
        cout << "Failed attach to process!" << endl << "Last Error:" << GetLastError() << endl;
    }
    // Keeps the console window open until a key is pressed.
    system("PAUSE");
    return 0;
}
I don't know what is going wrong.
 

iPower

Check out the GH Injector source. It has everything you need (support for LdrLoadDll and manual mapping).

Please don't paste the code and actually learn how it works :)
 

iPower

There are some things that could be happening:

1- Wrong rva for LdrpLoadDll
2- Anti-cheat blocking module loading/thread creation
3- Errors in your code
4- Errors in whatever you're trying to inject.

Now some questions:

1- Is there any specific reason for using LdrpLoadDll? If the game hooks LdrLoadDll you can try unhooking it or manual map your stuff.
2- Does the game have any anti-cheat?
3- Where's the code failing?

We need more information bruh
 
There are some things that could be happening:

1- Wrong rva for LdrpLoadDll
2- Anti-cheat blocking module loading/thread creation
3- Errors in your code
4- Errors in whatever you're trying to inject.

Now some questions:

1- Is there any specific reason for using LdrpLoadDll? If the game hooks LdrLoadDll you can try unhooking it or manual map your stuff.
2- Does the game have any anti-cheat?
3- Where's the code failing?

We need more information bruh
I don't know; I took this code from Pastebin. I assume it is your code, since it was signed by you. I just need a working LdrpLoadDll stub, or LdrLoadDll, for an x64 process. There is an anti-cheat, but the usual LdrLoadDll works there. Please share your code))
 