UnKnoWnCheaTs - Multiplayer Game Hacks and Cheats> Anti-Cheat Software & Programming> General Programming and Reversing
[Release] Extreme Injector v3.7
sponsored advertisement
Thread Tools
Extreme Injector v3.7.3
28th April 2017, 12:31 PM
#1
God-Like
Posts: 165
Extreme Injector v3.7.3
Extreme Injector v3.7.3 A powerful and advanced injector in a simple GUI! If you're wondering, this was coded in C#. Features: - Colourful and customizable GUI - Process List - Multi-DLL injection (with options to enable/disable DLLs to inject) - Auto-Inject - Stealth Inject - Close on inject - DLL Scrambling (scrambles DLLs on injection to make hacks harder to detect and make detected hacks work again) - 'Un-inject' DLLs - Mutiple injection methods (Standard, LdrLoadDll Stub, LdrpLoadDll Stub, Thread Hijacking and Manual Map) - Drag and drop support - 64-bit injection support - Automatic Visual C++ depedency installer - Execute exported functions after injection How to use: - Download and extract the attachment - Run Extreme Injector v3.exe - (optional) Click Settings and then Start in Secure Mode to avoid Anti-Cheat detection of the injector itself. - Type in a process name into the box (including the extension). If you want to target a specific process or select by window name, use the Select button. - (Note) If you are injecting into Combat Arms, make sure to type in Engine.exe - Add the DLLs you want by clicking on the Add DLL button. You can also drag and drop them into the DLL list. - You can disable/enable which DLLs to inject so you can keep your favourite DLLs without needing to find them each time. - Go into Settings and customise the settings to your liking. Everything should be straight forward (do not mess around with Advanced settings unless you know what you are doing). - (Note) If you are injecting into Combat Arms, make sure to tick Auto-Inject and start the game. - Click Inject and enjoy! (or wait for the process to start and let it auto-inject if you ticked auto-inject) Please explain the Injection Methods! This version of the injector introduces 2 new injection techniques. - Standard - This is the injection technique used in nearly every injector out there. It uses CreateRemoteThread and LoadLibrary and is the most reliable injection technique. - LdrLoadDll Stub - This is similar to the Standard injection technique except it goes 1 level deeper into LoadLibrary. - LdrpLoadDll Stub - This goes even another level deeper into LdrLoadDll. It may crash or cause errors on OSes newer than Windows 10 as it can change. - Thread Hijacking - This is a pretty stable method of injection that takes over already executing code to inject your DLL and is not used by many injectors. - Manual Map - This is the most secure injection technique. So secure that even Windows won't even know about the injected DLL. It may not work properly on OSes newer than Windows 10, you will be told what to do by the injector in that case. Please explain the Scramble Options! With the new version of Extreme Injector v3, there are way too many options to explain so I've created handy presets to make things easier: None - As the name implies, this means that DLL scrambling is disabled completely. Basic - This applies basic scrambling that should work with most DLLs. Standard - This applies even more scrambling options that should work with most DLLs. Extreme - Applies all scrambling options (the best/strongest preset) that could break some DLLs but should work with most. Please explain the Post-Inject Options! These post-inject techniques are often seen within hacks to try prevent detection from anti-cheats but this injector can do it externally if the hack doesn't do it already. - Erase PE - This erases the PE headers at the start of the injected DLL, making it hard for anti-cheats to identify that a DLL exists at a specific location. - Hide Module - This hides the DLL from the process' module list so if an anti-cheat were to search through a process' module list, it would not appear. Warning: Most modern anti-cheats these days can still easily detect DLLs even with these options enabled. The most secure method would be using manual map. Known bugs/limitations: - Thread Hijacking is not supported at all on XP 64-bit. - LdrpLoadDll has only been tested on XP, Vista, 7, 8, 8.1 and 10. It will probably not work on anything newer than that. - 'Create new entrypoint' under scrambling advanced options does not support 64-bit DLLs. When using 'Start in Secure Mode'.. If your anti-virus detects a threat/virus when you click on it, please ignore it or temporarily disable your anti-virus, it's a false positive. I would never infect any users with anything. Note that you should NOT add an exclusion to the Temp folder as any REAL viruses that emerge there might get through. Injection failed..? Try another injection method and see what happens. Feel free to take a screenshot or copy and paste the error message here so I can look into it. Make sure to mention what OS you are running. OMG, why is the injector connecting to the internet? So people can stay up to date, I've added a simple update check which connects to GitHub. It does not offer any direct links or download anything by itself. What's the Visual C++/DirectX depedency installer? What is the exported functions feature useful for? Please refer to the wiki entry on Github for more information. Requirements: .NET Framework 4 What's new?
Changes since version 3.7.3 (10th November 2017): - Fixed leaky handle from WOW64 checks (#10) Changes since version 3.7.2 (23rd October 2017): - Fixed manual map support for Windows 10 Fall Creators Update Changes since version 3.7.1 (5th October 2017): - Fixed crashing when injector is run with .NET Framework 4.7 - Added manual map support for Windows 10 Insider Preview Build 17004 Changes since version 3.7 (28th April 2017): - Fixed manual map and LdrpLoadDll support for Windows 10 Creators Update - Fixed critical bug relating to imports resolution (issues when the same module is imported multiple times) - Fixed bug that led to many handles being opened unintentionally - Migration of Visual C++ resources and version checking to GitHub for more transparency Changes since version 3.6 (5th September 2015): - Fixed manual map support for Windows 8.1 (for real this time) - Updated file host for Visual C++ dependencies - Added more aggressive dependency resolving of Microsoft DLLs (fixes SystemFunction036 in advapi32.dll) Changes since version 3.5/3.5.1/3.5.2 (31st July 2015): - Fixed exception that occurs on DEP enabled processes on Windows 10. - Fixed bug with GUI under Advanced Options for injection. - The Disable SEH Validation option now actually does what it says. - Fixed critical bug relating to code that resolves exports for Windows 10 modules. - Fixed bug where exception would be thrown when no export function parameters were specified. - Fixed manual map support for Windows 8.1 (broken in 3.4). Changes since version 3.4 (29th July 2015): - General stability fixes (crashes with 64-bit). - Updated compatbility with Windows 8.1 and 10 (blame Microsoft and their compatibility 'fixes'). - Secure Mode now closes previous instance. - Fixed critical bug that would have prevented hacks using exception handlers (mainly packed/protected DLLs) from working in manual map mode. - Added DirectX dependency detection. - Added the ability to call exported functions after injection (use the .. button next to the listed DLL) - Added a simple update notification. Changes since version 3.3 (17th June 2014): - Fixed bug where 1 CPU core was used because the injector was waiting for *itself* to close (no, it wasn't because of a RAT). - Fixed bug where attempting to unload a module on a 64-bit process resulted in an exception. - Fixed bug where the injector threw an exception from writing a scrambled DLL that was in use. - Added support for LdrpLoadDll on Windows 8.1 Update 1 (64-bit). - Added missing dependency required for ZIP extraction to work correctly (made the injector crash during Visual C++ Debug dependency installation). - Added a threads list to the process information window. - Added a new 'Strip section characteristics' option to the Extreme preset of scrambling options. - Added a new 'Shift section memory' option to the Extreme preset of scrambling options, should *significantly* improve the ability for hacks to evade anti-cheat detection. This option is much more powerful on 32-bit DLLs, but is still somewhat effective on 64-bit DLLs. Changes since version 3.2 (9th June 2014): - Fixed bug where auto-inject did not seem to work - Addressed possible crashing from messages failing to display during injection Changes since version 3.1 (3rd June 2014): - Fixed bug where a message box would appear randomly if a Visual C++ dependency was missing (leftover from testing code) - Fixed bug where selecting 'No' from the prompt under Advanced in Injection Method would untick the wrong box - Injector now displays a message box saying that injection was successful Changes since version 3.0 (31st May 2014): - Complete rewrite from scratch (same and familiar look from previous versions) - All injection techniques are now 100% compatible with 64-bit DLLs - Drag-and-drop fixed when run as administrator on newer OSes - Automatically elevates without asking if it knows you have administrator rights - Better scaling on displays with a DPI higher than 96 - Added a Visual C++ Dependency Installer - Manual map now supports DLLs that use SEH to work (better packer support, eg. Themida, Enigma, etc) - New injection technique: LdrpLoadDll - Better exception/error reporting - New scrambling engine, more scrambling methods - Removed 'Append Random Data' as it just wasted disk space and is ineffective - Improved detection of different OS versions - Dynamic assembly code generation (powered by AsmJit) - Seperate process, thread and window manager, does not rely on .NET Process class anymore - 'Start in Secure Mode' creates an even more 'secure' instance of Extreme Injector
Credits: DarthTon - Better manual map code (originally coded in C++, ported to C# by me, licensed under MIT). Darawk - Thread hijacking code concept. If your anti-virus detects this as a virus, ignore it or add an exclusion. It is not a virus, you can run it under a sandbox and log every single thing it does, it's harmless. Once the injector gets more popular, it will be labelled as 'riskware'. This means that using it can be risky because the DLLs you inject could be malicious. I am not responsible for the hacks you download. If you get 'System.Expection: The injection method used returned NULL', please right-click on the DLL you are injecting > Properties > Unblock > OK or use Manual Map injection. Note to moderators: All dependencies are tied to a specific GitHub commit and thus are not prone to tampering. Please refer here for the full list of URLs utilised by v3.7.3. Update checking is performed via the repo. To verify this, I highly encourage using Fiddler with HTTPS decryption enabled to verify these claims. Download ~gone
Last edited by SzwagiAQN; 20th February 2018 at 03:33 AM.Reason: made it obvious that new link isnt 3.7.3
master131 is offline
28th April 2017, 01:25 PM
#2
Super l337
Location: water
Reputation: 342 Rep Power: 100
Level up: 25%, 829 Points needed
Thanks, but i have a question, i got this error :
__________________
My soundcloud
Mistygris is offline
28th April 2017, 01:48 PM
#3
UnKnoWnCheaTeR
Location: I like sheep
Reputation: 9343 Rep Power: 237
Level up: 1%, 2,386 Points needed
__________________
Last edited by ummbop; 28th April 2017 at 02:40 PM.
ummbop is offline
28th April 2017, 01:54 PM
#4
Super l337
Location: water
Reputation: 342 Rep Power: 100
Level up: 25%, 829 Points needed
__________________
My soundcloud
Last edited by Mistygris; 28th April 2017 at 02:05 PM.
Mistygris is offline
28th April 2017, 02:32 PM
#5
God-Like
Join Date: Nov 2011
Reputation: 6115 Rep Power: 191
Originally Posted by Mistygris
Thanks, but i have a question, i got this error : https://image.noelshack.com/fichiers..sans-titre.png
v3.7 hasn't been approved yet. The imports resolution bug fix might resolve that problem. Also, I've fixed that problem where the function name appears as ' since it should be an ordinal.
master131 is offline
28th April 2017, 02:53 PM
#6
Super l337
Location: water
Reputation: 342 Rep Power: 100
Level up: 25%, 829 Points needed
Originally Posted by master131
v3.7 hasn't been approved yet. The imports resolution bug fix might resolve that problem. Also, I've fixed that problem where the function name appears as ' since it should be an ordinal.
I would like to know how you did the LdrpLoadDll injector. Google gave me nothing, even after scouring a few pages. I would like to know how you did the LdrpLoadDll injector. Google gave me nothing, even after scouring a few pages.
Aoba Fuse is offline
28th April 2017, 07:43 PM
#9
UC Supporter
Location: Earth
Reputation: -871 Rep Power: 0
ironer1 is offline
28th April 2017, 07:49 PM
#10
Member
Posts: 63
Level up: 10%, 720 Points needed
Would you care to elaborate on what exactly your Dll-Scrambling option is doing?
waiban is offline
28th April 2017, 07:57 PM
#11
str8 nubcake
Location: c://Users
Reputation: 992 Rep Power: 64
Level up: 57%, 388 Points needed
__________________
YappaDroppa is offline
28th April 2017, 08:01 PM
#12
Staff Disrespect / Violation - Rule #4
Location: Gas Chamber
Reputation: 5004 Rep Power: 0
sasai is offline
28th April 2017, 11:20 PM
#13
God-Like
Join Date: Nov 2011
Reputation: 6115 Rep Power: 191
Originally Posted by waiban
Would you care to elaborate on what exactly your Dll-Scrambling option is doing?
The advanced button should give an idea of the features that are carried out.
Originally Posted by Aoba Fuse
I would like to know how you did the LdrpLoadDll injector. Google gave me nothing, even after scouring a few pages. I would like to know how you did the LdrpLoadDll injector. Google gave me nothing, even after scouring a few pages.
It's an undocumented Windows function that varies between OS versions and is not exported by any modules. Windows debugging symbols are your friend.
Last edited by master131; 28th April 2017 at 11:32 PM.
master131 is offline
29th April 2017, 12:33 AM
#14
Member
Location: Coconut Tree
Reputation: 10 Rep Power: 71
Level up: 23%, 545 Points needed
Originally Posted by master131
It's an undocumented Windows function that varies between OS versions and is not exported by any modules. Windows debugging symbols are your friend.
how can you call it if it ain't exported? how windows debugging symbols help you?
Aoba Fuse is offline
30th April 2017, 12:27 PM
#15
n00bie
Location: USA
Reputation: 10 Rep Power: 51
Level up: 75%, 126 Points needed
Why is it that chrome detects 3.7 as a virus but the other versions aren't detected as virus? O.o Nevermind. It seems it was my Windows anti-virus causing chrome to block it as virus. Solved it. Thanks for creating this awesome program.
oreoclouds is offline
1st May 2017, 10:32 AM
#16
Member
Location: VM
Reputation: 414 Rep Power: 135
Level up: 66%, 314 Points needed
Good to see you working again on the injector! +rep
__________________
RoPMadM is offline
2nd May 2017, 11:46 AM
#17
n00bie
Posts: 11
Level up: 78%, 154 Points needed
windows defender tells me there is Trojan: Win32/Fuery.B!cl inside this program.
ravenul is offline
2nd May 2017, 12:56 PM
#18
n00bie
Posts: 3
Detected as Virus. I have to disable AV first
rbednarski is offline
2nd May 2017, 02:15 PM
#19
UnKnoWnCheaTeR
Location: 32.010195,118.719278
Reputation: 17789 Rep Power: 183
Level up: 81%, 540 Points needed
Originally Posted by ravenul
windows defender tells me there is Trojan: Win32/Fuery.B!cl inside this program.
Originally Posted by rbednarski
It's not virus. Read how we analyze files HERE
__________________
[3:46 PM] estk: std::to_wstring = bad code gen, a LOT slower than swprintf [3:46 PM] estk: hope he's using exceptio n handling if he's using container.at() [3:48 PM] estk: float division is slower than multiplication, divide by 100.f is same as multiply by .01
PolandCheater is offline
3rd May 2017, 10:54 PM
#20
n00bie
Location: U.S.A.
Reputation: -79 Rep Power: 0
Level up: 99%, 3 Points needed
How to use this for Battlefield 1?
underlyingboss3 is offline
Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
[Release] Extreme Injector v2 by master131
Oberon511
All Points Bulletin
23
12th June 2014 04:42 PM
[Help] Extreme Memory Injector V2
hylke35
ARMA 2
1
9th April 2014 02:07 PM
extreme injector
bhr166
Battlefield 4
8
18th February 2014 09:32 PM
[Help] Zea's aimbot [extreme injector]
jonathan1764
Battlefield Play4Free
3
6th May 2013 06:07 AM
[Help] Extreme Injector Error
maximalneraffee
Battlefield Play4Free
5
11th January 2013 02:09 PM
Tags
injection, dlls, fixed, injector, dll, bug, version, options, added, process
«Previous Thread Next Thread»
All times are GMT. The time now is 03:35 PM.
Posted by4 years ago
Archived
Open Extreme Injector v3. Far Cry 4 Minimum. Your thred is useless.as yea it deals with cracking the.exe of the game to run like crap on an out. I was using extreme injector v3 to inject dualcore.dll and easyhook64.dll in farcry4.exe and it was working fine but after upgrading to windows. Far Cry 4 Dual Core Fix. Called Extreme Injector V3 wich you install in your base. Processes >> Select the Extreme Injector.exe file and.
Far Cry 4 - Fix black screen issue on dual/triple/quad core CPUs and optimize performance
Alright so most of you will be familiar with the new fix for dual core that has surfaced, and it works great. For those who don't know, here you go: https://kickass.so/far-cry-4-dual-core-fixer-unlocker-t9894528.html Now the problem is that if you have a triple or quad core CPU and you get black screen (although highly unlikely on quad cores) and the above fix seems to start the game, the game will only utilize the first 2 cores out of your 3/4 cores.
To fix this, follow these steps: Cisco asa license key generator.
Start the game with the injector as instructed with the fix (go to above link)
Now if you monitor using MSI Afterburner you'll see only 2 cores are loaded up, rest are idle.
3. Alt + Tab out of the game. Move dualcore.dll from the 'bin' folder to somewhere else
Remember to cut not copy, there should be no dualcore.dll in 'bin' folder.
4. Run Extreme Injector v3.exe 5. Go to settings 6. In the bottom right, click on 'View Process Information' under Tools. A window will open which will show all the processes loaded by Far Cry. 7. Scroll down till you find dualcore.dll. Select it and press the unload button in the bottom right.
Now that the dll is unloaded, the game can load up all cores available. But it won't do it yet.
8. Open Task Manager 9. Go to details (for Windows 8/8.1/10) 10. Right click farcry4.exe and select affinity 11. Deselect core 0 and core 1. Click OK. Wait for a couple of seconds. 12. Right click farcry4.exe and select affinity again. This time select all cores and click OK.
And that's about it. You can monitor in-game that all cores are being utilized. I know it's quite a lengthy process, but well it's that or buy a new PC.
On a side note, the game performs surprisingly well. I'm running an AMD Phenom X3 8750B, 4GB, and a GTX 650 1GB OC'ed to 1.25 GHz, and at 1440x900 (my native res), all settings high, shadows and post fx low, fur on, foliage on, I get a solid 30-45 fps. And in extremely demanding situations, it drops to as low as 20-25 fps but never below that. After Watchdogs and AC Unity, I wasn't expecting to run this game at all, let alone at a playable frame rate.
And I know my CPU is a bottleneck, all three cores stay at 85-100% at all times and sometimes even my GPU usage falls due to CPU bottlenecking, but heck, I ain't even mad, it's amazing I'm getting a playable experience at high settings.
I hope I've helped you in some way. Have fun in Kyrat!