Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hillu/dumb-inject-rs

Simple DLL injection demo in Rust
https://github.com/hillu/dumb-inject-rs

Last synced: about 2 hours ago
JSON representation

Simple DLL injection demo in Rust

Host: GitHub
URL: https://github.com/hillu/dumb-inject-rs
Owner: hillu
License: gpl-3.0
Created: 2022-07-22T13:34:30.000Z (over 2 years ago)
Default Branch: master
Last Pushed: 2022-07-24T22:25:23.000Z (over 2 years ago)
Last Synced: 2024-05-02T02:16:30.099Z (7 months ago)
Language: Rust
Homepage:
Size: 18.6 KB
Stars: 1
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Simple DLL injection demo in Rust

This repository produces a simple, self-contained DLL that can "inject itself" into other processes using the classic `CreateRemoteThread+LoadLibrary` method. It was written for self-education and is provided as-is in the hope that it may be useful to others.

It can be invoked as follows:

``` console
PS C:\Users\user> get-process notepad

Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
246 14 3044 17096 0.13 8064 1 notepad

PS C:\Users\user> rundll32 dumb_inject.dll,inject 8064
```

If everything went well, a message box informing the user that the "DLL was injected successfully." After that, a `cmd.exe` is launched. Using Process Explorer, we can verify that the `cmd.exe` is a child process of the process we injected the DLL into.

The DLL can be unloaded from the taraget process:

``` console
PS C:\Users\user> rundll32 dumb_inject.dll,unload 8064
```

There is also a function to enumerate modules in the target process:

``` console
PS C:\Users\user> rundll32 dumb_inject.dll,enumerate 8064
```

## License

GNU General Public License, version 3

## Author

- Hilko Bengen <>