-2

I'm trying to inject a dll into a process, but after compiling I get TestMain.obj : error LNK2019: link to unresolved external symbol __imp__StrStrIA@8 in function "unsigned long __cdecl GetPid(char *)" (?GetPid@@YAKPAD@Z). After years of trying find my problem in my code and trying to google it , and meditating with Shaolin monks, I failed. This is my code:

#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>
#include <shlwapi.h>
#include <iostream>
#include <conio.h>
using namespace std;

#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)

bool IsWindowsNT()
{
   // check current version of Windows
   DWORD version = GetVersion();
   // parse return
   DWORD majorVersion = (DWORD)(LOBYTE(LOWORD(version)));
   DWORD minorVersion = (DWORD)(HIBYTE(LOWORD(version)));
   return (version < 0x80000000);
}

BOOL InjectDLL(DWORD ProcessID,char* DLL_NAME)
{
   HANDLE Proc;
   char buf[50]={0};
   LPVOID RemoteString, LoadLibAddy;
   if(!ProcessID)
      return false;
   Proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessID);
   LoadLibAddy = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
   RemoteString = (LPVOID)VirtualAllocEx(Proc, NULL, strlen(DLL_NAME), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
   WriteProcessMemory(Proc, (LPVOID)RemoteString, DLL_NAME,strlen(DLL_NAME), NULL);
   CreateRemoteThread(Proc, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibAddy, (LPVOID)RemoteString, NULL, NULL);   
   CloseHandle(Proc);

   return true;
} 

DWORD GetPid(char *procName)
{
   PROCESSENTRY32 pe;
   HANDLE thSnapshot;
   BOOL retval, ProcFound = false;

   thSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

   if(thSnapshot == INVALID_HANDLE_VALUE)
   {
       cout << "Error: unable to create toolhelp snapshot" << endl;
    //  MessageBox(NULL, "Error: unable to create toolhelp snapshot", "Loader", NULL);
      return false;
   }

   pe.dwSize = sizeof(PROCESSENTRY32);

   retval = Process32First(thSnapshot, &pe);

   while(retval)
   {
      if(StrStrI(pe.szExeFile, procName) )
      {
         ProcFound = true;
         break;
      }

      retval    = Process32Next(thSnapshot,&pe);
      pe.dwSize = sizeof(PROCESSENTRY32);
   }
   if (!ProcFound) return 0;
   return pe.th32ProcessID;
}

BOOL LoadDll(char *procName, char *dllName)
{
   DWORD ProcID = 0;

   ProcID = GetPid(procName);

   if(!(InjectDLL(ProcID, dllName)))
   {
       cout << "Process located, but injection failed" << endl;
       _getch();
        exit(1);
   }   //   MessageBox(NULL, "Process located, but injection failed", "Loader", NULL);
   else
   {
       cout << " Injection successfull!" << endl;
       _getch();
   }
   return true;
}


int main()
{
    char* ProcName = "notepad.exe";
    char* DllName = "Main.dll";
    LoadDll( ProcName, DllName );
    return 0;
}

And my dll:

#include <Windows.h>
DWORD APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
    switch( ul_reason_for_call )
    {
    case DLL_PROCESS_ATTACH:
    //  hInstance = (HINSTANCE) hModule;
        MessageBox( 0, "HOHOHOOHOHOHO!", "DLLHOOK", MB_OK );
        return TRUE;
    case DLL_PROCESS_DETACH:
        break;
    }   
    return TRUE;
}

So the main problem is that error.Thanks for answering.

user3125836
  • 7
  • 5

1 Answers1

6

Try adding

#pragma comment (lib, 'Shlwapi.lib')

below your other #includes

Valentin
  • 654
  • 2
  • 7
  • 15
  • Thx it worked, it means, that I added a header and it was without lib file? – user3125836 Dec 21 '13 at 19:34
  • Yeah. it didn't link the lib file. The project doesn't include some libraries for linking by default, so when you use headers that are not commonly used, check to see if the lib files are included in the project. – Valentin Dec 21 '13 at 19:39
  • 2
    'Shlwapi.lib' is a constant, it should be "Shlwapi.lib" only mentioning because of the error visual studio was outputting. – Plixxer May 28 '18 at 02:09