Skip to content

/KeInject forked from adrianyy/KeInject

Kernel LdrLoadDll injector
  1. C 100.0%
Branch: master
Find File
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Open in Desktop Download ZIP

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching GitHub Desktop...

If nothing happens, download GitHub Desktop and try again.

Launching Xcode...

If nothing happens, download Xcode and try again.

Launching Visual Studio...

If nothing happens, download the GitHub extension for Visual Studio and try again.

Pull request Compare This branch is even with adrianyy:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
apc.c
apc.h
global.h
inj.c
inj.h
main.c
nt.h
structs.h
utl.c
utl.h

README.md

Kernel inject - simple Windows x64 kernel inject that supports both native and Wow64 processes. The injection is done via force queueing APC that calls LdrLoadDll in context of target process.

Everything you need to interact with in in usermode:

#define MODULE_MAX_LENGTH 512
#define IOCTL_INJECT_MODULE \
	CTL_CODE(FILE_DEVICE_UNKNOWN, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)

typedef struct _INJECTION_DATA
{
	ULONG64	ProcessId;
	wchar_t	ModulePath[MODULE_MAX_LENGTH];
} INJECTION_DATA, *PINJECTION_DATA;
You can’t perform that action at this time.