CODEWITHSUNDEEP
c#dllmsvcrtdll-injectioncheat-engine
40 sabbir
40 sabbir

Reputation: 35

How to Fix DLL Injection Error in Cheat Engine for .NET Application

enter image description here I'm attempting to inject a DLL, written in C/C++, into a .NET application using Cheat Engine. However, I encounter an error message: "dllInject failed: Failed injecting the DLL Force load module failed: failed finding address of msvcrt!_dllonexit." I'm relatively new to .NET programming and unsure if the DLL needs to be written in .NET instead of C/C++. How can I resolve this issue? Is it necessary to write the DLL in .NET for it to work correctly with a .NET application?

I tried injecting the missing msvcrt.dll library first, but that didn't resolve the issue. I expected the DLL to inject successfully into the .NET application without errors. Instead, I received the error message: "dllInject failed: Failed injecting the DLL Force load module failed: failed finding address of msvcrt!_dllonexit."

here is those dll code

#include <windows.h>
#include <stdio.h>

// Function pointer for managed code function
typedef void(__stdcall *ActivateClickFunction)();

// Function prototype
void InjectedMain();

// Entry point of DLL
BOOL APIENTRY DllMain(HMODULE hModule,
                      DWORD  ul_reason_for_call,
                      LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // Load msvcrt.dll explicitly
        {
            HMODULE hMsvcrt = LoadLibraryA("msvcrt.dll");
            if (hMsvcrt == NULL)
            {
                MessageBoxW(NULL, L"Failed to load msvcrt.dll!", L"Error", MB_OK | MB_ICONERROR);
                return FALSE; // Or handle the error as appropriate
            }
        }

        // Injected into process
        MessageBoxW(NULL, L"SRhij.dll loaded successfully!", L"DLL Injector", MB_OK | MB_ICONINFORMATION);
        InjectedMain();
        break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

// Function to find MainWindow and invoke Activate_Click method
void InjectedMain()
{
    // Find the target window by class name or other criteria
    HWND mainWindowHandle = FindWindowW(L"iRemovalProWPF.MainWindow", NULL);

    if (mainWindowHandle == NULL)
    {
        MessageBoxW(NULL, L"Failed to find MainWindow!", L"Error", MB_OK | MB_ICONERROR);
        return;
    }

    // Get process ID of the window
    DWORD processId;
    GetWindowThreadProcessId(mainWindowHandle, &processId);

    // Open process with necessary permissions
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId);
    if (hProcess == NULL)
    {
        MessageBoxW(NULL, L"Failed to open process!", L"Error", MB_OK | MB_ICONERROR);
        return;
    }

    // Specify the path of mscoree.dll
    LPCWSTR dllPath = L"mscoree.dll";

    // Load .NET runtime into the target process using full path
    HMODULE hDotNetModule = LoadLibraryExW(dllPath, NULL, LOAD_WITH_ALTERED_SEARCH_PATH);
    if (hDotNetModule == NULL)
    {
        DWORD error = GetLastError();
        WCHAR errorMsg[256];
        // Use snwprintf for buffer safety
        _snwprintf(errorMsg, 256, L"Failed to load %s! Error code: %lu", dllPath, error);
        errorMsg[255] = L'\0'; // Ensure null termination
        MessageBoxW(NULL, errorMsg, L"Error", MB_OK | MB_ICONERROR);
        CloseHandle(hProcess);  // Assuming hProcess is a valid handle to the target process
        return;
    }

    // Get the address of the managed entry point method in the target process
    ActivateClickFunction activateClick = (ActivateClickFunction) GetProcAddress(hDotNetModule, "Someting_That_is+under_those_program"); // that is example 
    if (activateClick == NULL)
    {
        DWORD error = GetLastError();
        WCHAR errorMsg[256];
        // Use snwprintf for buffer safety
        _snwprintf(errorMsg, 256, L"Failed to get address of Activate_Click method! Error code: %lu", error);
        errorMsg[255] = L'\0'; // Ensure null termination
        MessageBoxW(NULL, errorMsg, L"Error", MB_OK | MB_ICONERROR);
        FreeLibrary(hDotNetModule);
        CloseHandle(hProcess);
        return;
    }

    // Call the managed method in the target process
    activateClick();

    // Cleanup
    FreeLibrary(hDotNetModule);
    CloseHandle(hProcess);
}

Upvotes: 1

Views: 951

Answers (0)

Related Questions