DLL Injection with slots... ?!?!?

**squidge** · 17th October 2010, 18:14

Is it dynamically linked? (does it refuse to run if the DLLs are missing?)

**wysota** · 17th October 2010, 19:47

Can you inject a dll into a statically linked app (which is probably packed or encrypted too) at all?

**tbscope** · 17th October 2010, 19:52

Originally Posted by wysota

Can you inject a dll into a statically linked app (which is probably packed or encrypted too) at all?

Short answer: yes
But: it is extremely difficult. It is done in software cracking. You need to alter the assembly source code.

**squidge** · 17th October 2010, 22:44

You can do it without altering the application code at all, if have something that easily identifies the 'target' application (such as the text for the window title or the process name) you can VirtualAllocEx and CreateRemoteThread, then your thread runs in the process space of the application and can do whatever it wishes.

**gilamran** · 17th October 2010, 23:16

Originally Posted by squidge

You can do it without altering the application code at all, if have something that easily identifies the 'target' application (such as the text for the window title or the process name) you can VirtualAllocEx and CreateRemoteThread, then your thread runs in the process space of the application and can do whatever it wishes.

Hey guys, this is not the issue at all...
It is possible, and this is the working part of my question.
I'll post my code soon (And you can try it too)

Back to the original question:
Can I connect a slot function in my injected dll to the main app?

Thanks

**wysota** · 17th October 2010, 23:33

Until you provide some code of yours (namely the header file for the class you wish to call a slot from) we're stuck so we might as well get a bit offtopic here.

**gilamran** · 18th October 2010, 13:20

Here are the files:
Injected.cpp
MyQWidget.h
MyQWidget.cpp
MyQWidgetMoc.cpp

I'm injecting this DLL into the BasicLayout example (Comes with QT, run it to see where I'm going with this) , and do two connections:
1. Line1 with Line2
2. Line1 with mySlot function

I than change Line1 text, and see that Line2 also changes, and any change that I do to Line1 are reflected in Line2 too -> The connection is working!
And I did this connection from my DLL.

In mySlot function I change the Line3 text (We know that I'm able to do it)
so if the 2nd connection was successful we would have seen Line3 also change... but it doesn't... -> The connection didn't work!

I've created MyQWidgetMoc.cpp with moc.exe that comes with QT...

HELP HELP.

Thanks

**wysota** · 18th October 2010, 13:58

So how do you know your slot was not called? And please don't reply that the text on lineEdit3 didn't change.

**gilamran** · 18th October 2010, 14:12

Originally Posted by wysota

So how do you know your slot was not called? And please don't reply that the text on lineEdit3 didn't change.

sorry, but the text on lineEdit3 didn't change...
If the 2nd connection was working, the lineEdit3 should have changed to "mySlot CALLED, yey"...
What am I missing!?!?!?

**wysota** · 18th October 2010, 14:18

Originally Posted by gilamran

sorry, but the text on lineEdit3 didn't change...
If the 2nd connection was working, the lineEdit3 should have changed to "mySlot CALLED, yey"...
What am I missing!?!?!?

Debugging your application by changing values of lineedits is not a very professional way of doing things. What if you change the value but the change isn't reflected on the widget? Or if something rewrites the old value?

1. Check the return value of connect()
2. Use qDebug() or your debugger to see whether the slot is called.

**gilamran** · 18th October 2010, 14:37

Check the return value of connect()

The return value is TRUE for both connections

Use qDebug() or your debugger to see whether the slot is called.

I can't use a debugger, because this code is an injected dll, and don't know how to use the qDebug()... (Sorry)

But just to make sure, inside mySlot function I disconnected the first connection, but it wasn't getting disconnected... man! this function is NOT being called!

I've also tried

Qt Code:

Switch view

this->metaObject()->indexOfSlot("mySlot()")

this->metaObject()->indexOfSlot("mySlot()")

To copy to clipboard, switch view to plain text mode

and got 4!! the information is there! but not being called... :-(

I'm about to cry! anyone!?

**wysota** · 18th October 2010, 14:53

Originally Posted by gilamran

The return value is TRUE for both connections

So the connection is successfully made.

I can't use a debugger, because this code is an injected dll,

It doesn't change anything, you can still run the original application under the control of a debugger together with your dll.

and don't know how to use the qDebug()... (Sorry)

So learn to use it.

But just to make sure, inside mySlot function I disconnected the first connection, but it wasn't getting disconnected... man! this function is NOT being called!

I've also tried

Qt Code:

Switch view

this->metaObject()->indexOfSlot("mySlot()")

this->metaObject()->indexOfSlot("mySlot()")

To copy to clipboard, switch view to plain text mode

and got 4!! the information is there! but not being called... :-(

I'm about to cry! anyone!?

Maybe the respective signal is not emitted

Thread: DLL Injection with slots... ?!?!?

Thread Tools

Search Thread

Display

Hybrid View

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Re: DLL Injection with slots... ?!?!?

Similar Threads

Signals & Slots!

Can you use dependency injection with Qt?

How do you add slots?

Slots or new slots

signal and slots

Bookmarks

Bookmarks

Posting Permissions