View Full Version : BWLoader (SetWindowsHookEx)

10-01-2006, 11:56 PM
I haven't released, or worked on, anything in awhile which is why I figured I would go ahead and put together this basic dll injector. Sure, I've seen them called a 'rite of passage (http://www.bwhacks.com/forums/showpost.php?p=300260&postcount=2)', among other things, but I call them boredom projects. What's this dll injector have to offer, you ask? Not much more than any other injector does, and if anything, it takes a little more work to use. I chose to use the SetWindowsHookEx method of injection. This method just so happens to require any dll, that a user might want to inject into Brood War, to export a callback function for the WH_CBT message, as if it were a computer-based training application. The exported function name will need to be called "CBTProc" and can be define as so...

// Call your patch function calls, or other function calls
return CallNextHookEx(0, nCode, wParam, lParam);

I chose to hook this message, and title the exported function this name, because I saw somewhere else on these forums that another injector used this same hook and handling function. I figured it would make it easier for users wanting to switch from that injector to this injector (for whatever reason) easy. Well, alright, now that any extra work required to make SetWindowsHookEx compatible dll's has been done for you, go ahead and make some. :-)

This new version of BWLoader will graphically list all dll files within the '.\lib\' dir within the working dir of the executable. In laymans terms, put any dll you want to inject into the \lib\ directory provided in the zip file. If a dll is in there, you'll see it appear on the list view. There's an option to have the loader attempt to automatically inject all of the available dll files when it is ran. Alternatively, you can simply click on the dll you want to inject, and click the inject button. You will notice each dll has a pretty icon beside it. What do these mean?

The golden star means it has been injected properly.
The faint blue star means it has not been injected properly.
The dll icon means there has been no attempt at injecting that dll, yet.

Download here (http://www.rafm.org/files/bwloader.zip)

Now that I have my own loader to work with again, expect some dll files in the near future. Also, I know that I usually release the source code to all of my things. So, I have attached the source code to this post.

Anywho good luck,

10-02-2006, 05:20 PM
Just so you know, and I forgot to mention this to you when we were talking on IRC, it would be wiser to have your launcher hook a DLL that you create which will use LoadLibrary() to load all subsequent DLLs. This will still maintain compatibility down to Windows 98 and will save developers some work.

Mystic Videl
10-02-2006, 05:31 PM
Looks good, but I don't know very much about programming since I'm just now starting with Autoit.

10-02-2006, 06:05 PM
Like perma said. Also, if I were you, to avoid confusing the loading dll with normal hacks, I'd rename the extension to .dat or something for your loader.

10-02-2006, 06:52 PM
Well, that's also an interesting idea. :-P

But, as my application is setup, it allows a user to either inject every available dll upon execution of the loader, or run the loader, then select which dll to inject manually.

Injecting the 'LoadLibrary' worker dll, and then automatically attempting to inject every available dll is simple. How, though, would I be able to continue letting users select which dll to inject manually? I'd require some sort of dll to loader communication.

10-02-2006, 07:16 PM
Yes, it would. Personally I would have the loader attatch your host DLL at startup, which would then load subsequent DLLs, and then be done with it. I don't see much reason to be able to inject at any time; at least not for any practical use.

However, in Telos's version, he used a socket connection to transmit data from his loader to the host DLL.

10-02-2006, 08:00 PM
Well, I can think of one practical use, and it's most likely how I'd use my own injector every time.

What if you have a directory of several hacks prepared to be injected, but only want to inject and test one without having to remove the others so they aren't automatically loaded? This communication feature would be a nice idea, I would think.

10-02-2006, 08:04 PM
If you think it's worth implimenting, by all means. I was just stating that it wouldn't be something that I would personally add to my project.

10-02-2006, 10:57 PM
I noticed a problem when you inject you can't play single player at all and also some mulitplayer games bug up.

10-02-2006, 11:23 PM
Well, it's worth mentioning that I guess I went about this all wrong. I will work on this soon, and fix the small errors mentioned by Perma. Give me some time and this should be correctly implemented.

10-07-2006, 01:49 AM
I have created a new thread related to BWLoader. This thread is no longer current, or supported. BWLoader has changed entirely.