diff --git a/ProcessHacker/actions.c b/ProcessHacker/actions.c
index 485f4a2ea2ef..2e905a3cf5a3 100644
--- a/ProcessHacker/actions.c
+++ b/ProcessHacker/actions.c
@@ -1663,62 +1663,6 @@ BOOLEAN PhUiDetachFromDebuggerProcess(
 return TRUE;
 }
-BOOLEAN PhUiInjectDllProcess(
- _In_ HWND hWnd,
- _In_ PPH_PROCESS_ITEM Process
- )
-{
- static PH_FILETYPE_FILTER filters[] =
- {
- { L"DLL files (*.dll)", L"*.dll" },
- { L"All files (*.*)", L"*.*" }
- };
-
- NTSTATUS status;
- PVOID fileDialog;
- PPH_STRING fileName;
- HANDLE processHandle;
-
- fileDialog = PhCreateOpenFileDialog();
- PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
-
- if (!PhShowFileDialog(hWnd, fileDialog))
- {
- PhFreeFileDialog(fileDialog);
- return FALSE;
- }
-
- fileName = PH_AUTO(PhGetFileDialogFileName(fileDialog));
- PhFreeFileDialog(fileDialog);
-
- if (NT_SUCCESS(status = PhOpenProcess(
- &processHandle,
- ProcessQueryAccess | PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION |
- PROCESS_VM_READ | PROCESS_VM_WRITE,
- Process->ProcessId
- )))
- {
- LARGE_INTEGER timeout;
-
- timeout.QuadPart = -5 * PH_TIMEOUT_SEC;
- status = PhInjectDllProcess(
- processHandle,
- fileName->Buffer,
- &timeout
- );
-
- NtClose(processHandle);
- }
-
- if (!NT_SUCCESS(status))
- {
- PhpShowErrorProcess(hWnd, L"inject the DLL into", Process, status, 0);
- return FALSE;
- }
-
- return TRUE;
-}
-
 BOOLEAN PhUiSetIoPriorityProcesses(
 _In_ HWND hWnd,
 _In_ PPH_PROCESS_ITEM *Processes,
diff --git a/ProcessHacker/cmdmode.c b/ProcessHacker/cmdmode.c
index 6dcd32625fbe..9ea771073c32 100644
--- a/ProcessHacker/cmdmode.c
+++ b/ProcessHacker/cmdmode.c
@@ -226,28 +226,6 @@ NTSTATUS PhCommandModeStart(
 NtClose(processHandle);
 }
 }
- else if (PhEqualString2(PhStartupParameters.CommandAction, L"injectdll", TRUE))
- {
- if (!PhStartupParameters.CommandValue)
- return STATUS_INVALID_PARAMETER;
-
- if (NT_SUCCESS(status = PhOpenProcessPublic(
- &processHandle,
- ProcessQueryAccess | PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE,
- processId
- )))
- {
- LARGE_INTEGER timeout;
-
- timeout.QuadPart = -5 * PH_TIMEOUT_SEC;
- status = PhInjectDllProcess(
- processHandle,
- PhStartupParameters.CommandValue->Buffer,
- &timeout
- );
- NtClose(processHandle);
- }
- }
 else if (PhEqualString2(PhStartupParameters.CommandAction, L"unloaddll", TRUE))
 {
 if (!PhStartupParameters.CommandValue)
diff --git a/ProcessHacker/include/actions.h b/ProcessHacker/include/actions.h
index dd484c00333d..62cb0d758b04 100644
--- a/ProcessHacker/include/actions.h
+++ b/ProcessHacker/include/actions.h
@@ -188,14 +188,6 @@ PhUiDetachFromDebuggerProcess(
 _In_ PPH_PROCESS_ITEM Process
 );
-PHAPPAPI
-BOOLEAN
-NTAPI
-PhUiInjectDllProcess(
- _In_ HWND hWnd,
- _In_ PPH_PROCESS_ITEM Process
- );
-
 PHAPPAPI
 BOOLEAN
 NTAPI
diff --git a/ProcessHacker/prpgmod.c b/ProcessHacker/prpgmod.c
index 496cfe371017..ab2cdc1c647e 100644
--- a/ProcessHacker/prpgmod.c
+++ b/ProcessHacker/prpgmod.c
@@ -690,8 +690,6 @@ INT_PTR CALLBACK PhpProcessModulesDlgProc(
 PhInsertEMenuItem(menu, relocatedItem = PhCreateEMenuItem(0, PH_MODULE_FLAGS_HIGHLIGHT_RELOCATED_OPTION, L"Highlight relocated modules", NULL, NULL), -1);
 PhInsertEMenuItem(menu, untrustedItem = PhCreateEMenuItem(0, PH_MODULE_FLAGS_HIGHLIGHT_UNSIGNED_OPTION, L"Highlight untrusted modules", NULL, NULL), -1);
 PhInsertEMenuItem(menu, PhCreateEMenuSeparator(), -1);
- PhInsertEMenuItem(menu, PhCreateEMenuItem(0, PH_MODULE_FLAGS_LOAD_MODULE_OPTION, L"Load module", NULL, NULL), -1);
- PhInsertEMenuItem(menu, PhCreateEMenuSeparator(), -1);
 PhInsertEMenuItem(menu, stringsItem = PhCreateEMenuItem(0, PH_MODULE_FLAGS_MODULE_STRINGS_OPTION, L"Strings...", NULL, NULL), -1);
 if (modulesContext->ListContext.HideDynamicModules)
@@ -724,20 +722,10 @@ INT_PTR CALLBACK PhpProcessModulesDlgProc(
 if (selectedItem && selectedItem->Id)
 {
- if (selectedItem->Id == PH_MODULE_FLAGS_LOAD_MODULE_OPTION)
- {
- PhReferenceObject(processItem);
- PhUiInjectDllProcess(hwndDlg, processItem);
- PhDereferenceObject(processItem);
- }
- else
- {
- PhSetOptionsModuleList(&modulesContext->ListContext, selectedItem->Id);
-
- PhSaveSettingsModuleList(&modulesContext->ListContext);
-
- PhApplyTreeNewFilters(&modulesContext->ListContext.TreeFilterSupport);
- }
+ PhSetOptionsModuleList(&modulesContext->ListContext, selectedItem->Id);
+ PhSaveSettingsModuleList(&modulesContext->ListContext);
+
+ PhApplyTreeNewFilters(&modulesContext->ListContext.TreeFilterSupport);
 }
 PhDestroyEMenu(menu);
diff --git a/ProcessHacker/resource.h b/ProcessHacker/resource.h
index 82c94b02a94a..7b5748ed6395 100644
--- a/ProcessHacker/resource.h
+++ b/ProcessHacker/resource.h
@@ -560,7 +560,6 @@
 #define ID_PROCESS_AFFINITY 40035
 #define ID_PROCESS_CREATEDUMPFILE 40036
 #define ID_MISCELLANEOUS_DETACHFROMDEBUGGER 40039
-#define ID_MISCELLANEOUS_INJECTDLL 40041
 #define ID_PRIORITY_REALTIME 40048
 #define ID_PRIORITY_HIGH 40049
 #define ID_WINDOW_BRINGTOFRONT 40055
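Review bot: In the second prpgmod.c hunk (-724,20 +722,10) every selected menu id now goes straight to `PhSetOptionsModuleList` and is persisted by `PhSaveSettingsModuleList`, but nothing in the visible diff removes the `PH_MODULE_FLAGS_LOAD_MODULE_OPTION` definition that the deleted branch used to intercept. If that constant is still defined elsewhere, it should be deleted in this commit too, so no stale option id is left for the options handler to interpret as a display flag. The three remaining calls would also read better with a one-line comment such as `// Toggle the selected display option, persist it, then re-apply the filters.` above them. PhpProcessModulesDlgProc begins and ends outside the hunk.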
diff --git a/phlib/include/phnative.h b/phlib/include/phnative.h
index 14467aa734e5..8dcb3aa2b9a9 100644
--- a/phlib/include/phnative.h
+++ b/phlib/include/phnative.h
@@ -270,15 +270,6 @@ PhGetProcessWsCounters(
 _Out_ PPH_PROCESS_WS_COUNTERS WsCounters
 );
-PHLIBAPI
-NTSTATUS
-NTAPI
-PhInjectDllProcess(
- _In_ HANDLE ProcessHandle,
- _In_ PWSTR FileName,
- _In_opt_ PLARGE_INTEGER Timeout
- );
-
 PHLIBAPI
 NTSTATUS
 NTAPI
diff --git a/phlib/native.c b/phlib/native.c
index 4f66d48c3d4c..dadad9f0eaaf 100644
--- a/phlib/native.c
+++ b/phlib/native.c
@@ -1208,138 +1208,6 @@ NTSTATUS PhGetProcessWsCounters(
 return status;
 }
-/**
- * Causes a process to load a DLL.
- *
- * \param ProcessHandle A handle to a process. The handle must have
- * PROCESS_QUERY_LIMITED_INFORMATION, PROCESS_CREATE_THREAD, PROCESS_VM_OPERATION, PROCESS_VM_READ
- * and PROCESS_VM_WRITE access.
- * \param FileName The file name of the DLL to inject.
- * \param Timeout The timeout, in milliseconds, for the process to load the DLL.
- *
- * \remarks If the process does not load the DLL before the timeout expires it may crash. Choose the
- * timeout value carefully.
- */
-NTSTATUS PhInjectDllProcess(
- _In_ HANDLE ProcessHandle,
- _In_ PWSTR FileName,
- _In_opt_ PLARGE_INTEGER Timeout
- )
-{
-#ifdef _WIN64
- static PVOID loadLibraryW32 = NULL;
-#endif
-
- NTSTATUS status;
-#ifdef _WIN64
- BOOLEAN isWow64 = FALSE;
- BOOLEAN isModule32 = FALSE;
- PH_MAPPED_IMAGE mappedImage;
-#endif
- PVOID threadStart;
- PH_STRINGREF fileName;
- PVOID baseAddress = NULL;
- SIZE_T allocSize;
- HANDLE threadHandle;
-
-#ifdef _WIN64
- PhGetProcessIsWow64(ProcessHandle, &isWow64);
-
- if (isWow64)
- {
- if (!NT_SUCCESS(status = PhLoadMappedImage(FileName, NULL, TRUE, &mappedImage)))
- return status;
-
- isModule32 = mappedImage.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC;
- PhUnloadMappedImage(&mappedImage);
- }
-
- if (!isModule32)
- {
-#endif
- threadStart = PhGetModuleProcAddress(L"kernel32.dll", "LoadLibraryW");
-#ifdef _WIN64
- }
- else
- {
- threadStart = loadLibraryW32;
-
- if (!threadStart)
- {
- PPH_STRING kernel32FileName;
-
- kernel32FileName = PhConcatStrings2(USER_SHARED_DATA->NtSystemRoot, L"\\SysWow64\\kernel32.dll");
- status = PhGetProcedureAddressRemote(
- ProcessHandle,
- kernel32FileName->Buffer,
- "LoadLibraryW",
- 0,
- &loadLibraryW32,
- NULL
- );
- PhDereferenceObject(kernel32FileName);
-
- if (!NT_SUCCESS(status))
- return status;
-
- threadStart = loadLibraryW32;
- }
- }
-#endif
-
- PhInitializeStringRefLongHint(&fileName, FileName);
- allocSize = fileName.Length + sizeof(WCHAR);
-
- if (!NT_SUCCESS(status = NtAllocateVirtualMemory(
- ProcessHandle,
- &baseAddress,
- 0,
- &allocSize,
- MEM_COMMIT,
- PAGE_READWRITE
- )))
- return status;
-
- if (!NT_SUCCESS(status = NtWriteVirtualMemory(
- ProcessHandle,
- baseAddress,
- fileName.Buffer,
- fileName.Length + sizeof(WCHAR),
- NULL
- )))
- goto FreeExit;
-
- if (!NT_SUCCESS(status = RtlCreateUserThread(
- ProcessHandle,
- NULL,
- FALSE,
- 0,
- 0,
- 0,
- threadStart,
- baseAddress,
- &threadHandle,
- NULL
- )))
- goto FreeExit;
-
- // Wait for the thread to finish.
- status = NtWaitForSingleObject(threadHandle, FALSE, Timeout);
- NtClose(threadHandle);
-
-FreeExit:
- // Size needs to be zero if we're freeing.
- allocSize = 0;
- NtFreeVirtualMemory(
- ProcessHandle,
- &baseAddress,
- &allocSize,
- MEM_RELEASE
- );
-
- return status;
-}
-
 /**
 * Causes a process to unload a DLL.
 *