https://github.com/0x251/roblox-injector

Abusing amdxx64.dll, Whitelisted DLL roblox injection POC
https://github.com/0x251/roblox-injector

roblox roblox-injector roblox-poc

Last synced: about 1 month ago
JSON representation

Abusing amdxx64.dll, Whitelisted DLL roblox injection POC

• Host: GitHub
• URL: https://github.com/0x251/roblox-injector
• Owner: 0x251
• Created: 2025-03-31T06:36:56.000Z (about 1 month ago)
• Default Branch: main
• Last Pushed: 2025-03-31T07:00:10.000Z (about 1 month ago)
• Last Synced: 2025-03-31T07:31:53.609Z (about 1 month ago)
• Topics: roblox, roblox-injector, roblox-poc
• Language: Python
• Homepage:
• Size: 0 Bytes
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        

### Injection POC

- ``amdxx64.dll`` & ``nviapi64.dll`` Are both whitelisted DLL's, that roblox allow's to be loaded therfore you can use ``SetWindowsHookExA``

-  Another method of injection is ``Cert Spoofing``, Spoofing the Cert to any Whitelisted DLL's Cert, Require's a REG edit though to allow fake cert's https://github.com/secret-blox/secret-blox-sign

-  Rename any DLL to ``amdxx64.dll`` or ``nviapi64.dll`` and in boblox.py change the ``DLL_PATH`` & ``DLL_CALLBACK``

-  ``Python12.9`` must run env as Admin for ``OpenProcess``

Dll must have an Hook Export ``Boblox`` Callback can be called anything

```c++

extern "C" __declspec(dllexport) LRESULT Boblox(int Code, WPARAM WParam, LPARAM LParam) {

    return CallNextHookEx(nullptr, Code, WParam, LParam);

}

```

# UwU

![image](https://github.com/user-attachments/assets/771dcb45-8a55-4e26-9814-80bb4d815a85)