This repository has been archived by the owner on Sep 15, 2024. It is now read-only.

MellowNight/2D-Injector

2D-injector

2D Injector: An AetherVisor-based DLL injector.

In the proof of concept code, I use NPT to stealthily map an unsigned payload DLL in the same address space as OWClient.dll (Overwolf's overlay DLL). Not only does the 2D injector bypass memory permission scans and DLL certificate checks, but it also renders the payload DLL invisible and unreadable.

This was tested and is undetected on Fortnite and EFT, but the major caveat was that the injector caused FPS drops with cheats.

I can see this being used for things other than cheating, such as debugging heavily protected apps or hiding from EDR.


FULL INFORMATION HERE: https://mellownight.github.io/BEInjector.html

Acknowledgements:

To red0x0002 (https://www.github.com/red0x0002): Thank you for helping me test the injector and giving me tips.

USAGE:

  1. Compile AetherVisor.sys: https://github.com/MellowNight/AetherVisor
  2. Compile Injector-driver
  3. Compile Injector-client with three parameters in injection_info.h: HOST_DLL_PATH, HOST_DLL_NAME, and ENTRYPOINT_NAME
  4. kdmapper.exe AetherVisor.sys
  5. kdmapper.exe injector-driver.sys
  6. Run Injector-client as administrator
  7. Follow the prompt, provide the target PID and path to your own cheat DLL

About

Hiding unsigned DLL inside a signed DLL
