
Dll with Qt UI Form to inject in third-party process - Is it possible?



  • Hello, friends :)

    I'm new to Qt Creator. Yesterday, I was trying to make a thing for 8 hours, but I failed. I didn't find anything that solves my problem (searched on YouTube, forums, Google and many places).

    What do I want?

    • I want to make a Dll with a Qt form. Then, I want to inject this Dll (with a Dll injector) in a third-party process that I don't have the source for.
    • Basically, I want to make a Dll with a main window and, when I inject this Dll in a specific process, this window needs to appear (I want to implement controls in this window afterwards).

    I successfully managed to do it (create a simple window) but only as an exe, but I really need it as a Dll.

    Can someone help me? Please :(



  • @PoisonXD said in Dll with Qt UI Form to inject in third-party process - Is it possible?:

    I successfully managed to do it (create a simple window) but only as an exe, but I really need it as a Dll.

    Can't believe that you've googled without finding this



  • Hi, Pl45m4, thanks for your reply :)

    Yep, I found these tutorials, but I tried and it doesn't work :(

    The most I got after 8 hours of trying was that I made a Dll but, when I tried to inject the Dll in a third-party process at runtime, it failed (the injector gives me a 0x000... error, but I know it's not a problem with the injector and I tried with others too).

    After this error, I saw in the Qt IDE that the Dll project we can create is to use at link-time (so this is why I'm thinking that it was not "designed" for what I want).

    Sorry, I don't know if you understood me.



  • (Without making any promise whatsoever), @PoisonXD it might help if you posted a link to the injector tool you are using.

    Also, is "0x000" the full error from the tool? Or is there more, such as "0x0000ef03" or something like that? If so, please share the whole error.

    I don't think many people here in this forum are using DLL injectors to inject Qt code into a process that not much is known about (i.e. you do not have the source code of it).

    You say "I know it's not a problem with the injector". On what basis do you know this? I'm willing to buy into that theory (that the problem is not with the injector), but nonetheless knowing more details about the injector would be helpful in any case.

    I don't think your scenario is going to match the expertise of most participants here, but in any case more details are required.



  • Hi, KH :D

    The injector I used is one of the most famous; it's called Xenos Injector.
    I have used this injector for many years, and considering my experience with Xenos, I know that when this problem appears, it's because of an error with the Dll.

    Let me explain a little more:
    Using Qt 5.15.2 with the MinGW 32-bit compiler (the process I'm trying to inject into is 32-bit, this is why it needs to be compiled in x32), in File > New File or Project > Library, I created a C++ Library. The thing is: after trying many things, I saw in the C++ Library description that this project type is to use as "a shared or static C++ Library for use with another project at linktime". Basically, it said it all: it's to use at linktime, and not with an injector in a runtime program.
    After that, I tried to search for another Dll project type in Qt Creator, but we only have "Qt Quick 2 Extension Plugin" and "Qt Creator Plugin", so I think this is not what I want.

    The error the injector gives me when I inject the Dll is: 0xC0000135. I searched for this error on Google and it says it's .NET Framework related, but I already have it installed here.

    Important note: the process isn't protected against Dll injection or anything like that. I have already tested it with other Dlls for a long time.

    Does anyone know something about it? :\
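
Added example, not part of the thread or any poster's code: 0xC0000135 is the NTSTATUS value STATUS_DLL_NOT_FOUND, which the Windows loader returns when a DLL that a module depends on cannot be located. The Python sketch below lists a PE file's imported DLLs and reports which of them are absent from a given file listing; the sample image, its import names and the listing are all constructed for illustration.

```python
import struct

def imported_dlls(pe):
    """Return DLL names from a PE image's import directory (PE32 or PE32+)."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24
    is_pe32_plus = struct.unpack_from("<H", pe, opt)[0] == 0x20B
    imp_rva = struct.unpack_from("<I", pe, opt + (112 if is_pe32_plus else 96) + 8)[0]
    sections = [struct.unpack_from("<8x4I", pe, opt + opt_size + 40 * i) for i in range(nsec)]

    def offset(rva):  # map an RVA to a file offset through the section table
        for vsize, va, rsize, rptr in sections:
            if va <= rva < va + max(vsize, rsize):
                return rva - va + rptr
        raise ValueError("RVA outside all sections")

    names, pos = [], offset(imp_rva) if imp_rva else len(pe)
    while any(pe[pos:pos + 20]):  # an all-zero descriptor ends the table
        start = offset(struct.unpack_from("<12xI", pe, pos)[0])
        names.append(pe[start:pe.index(b"\0", start)].decode("ascii"))
        pos += 20
    return names

def missing_dependencies(pe, available):
    """Imports with no same-named file in `available` (case-insensitive)."""
    have = {name.lower() for name in available}
    return [dll for dll in imported_dlls(pe) if dll.lower() not in have]

def build_sample_pe(dll_names):
    """Constructed sample: minimal PE32 holding only an import directory."""
    table_len = 20 * (len(dll_names) + 1)
    descs = names = b""
    for n in dll_names:
        descs += struct.pack("<5I", 0, 0, 0, 0x1000 + table_len + len(names), 0)
        names += n.encode() + b"\0"
    body = descs + bytes(20) + names
    hdr = (b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
           + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x2102)
           + struct.pack("<H90xI", 0x10B, 16) + bytes(8)
           + struct.pack("<II", 0x1000, table_len) + bytes(14 * 8)
           + struct.pack("<8sIIII16x", b".idata", len(body), 0x1000, len(body), 0x200))
    return hdr.ljust(0x200, b"\0") + body

# Constructed import list and constructed directory listing (assumptions, not from the thread).
SAMPLE = build_sample_pe(["Qt5Widgets.dll", "Qt5Core.dll", "libgcc_s_dw2-1.dll",
                          "libstdc++-6.dll", "KERNEL32.dll", "msvcrt.dll"])
print(missing_dependencies(SAMPLE, ["kernel32.dll", "msvcrt.dll", "user32.dll"]))
```

It reads only the static import directory, so delay-loaded imports and DLLs a module loads by itself at runtime are not listed.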



  • @PoisonXD said in Dll with Qt UI Form to inject in third-party process - Is it possible?:

    it's to use at linktime, and not with an injector in a runtime program

    This does seem important.

    "At linktime" seems unambiguous to me. But the hypothetical (text that does not appear in your IDE but that would hypothetically say) "for use with an injector"....

    "for use with an injector" would be a bit ambiguous to me. (But this could be entirely due to my ignorance of injectors.)

    Are DLL(s) that are meant to be "optional plugins" that the EXE is designed to open with dlopen or (on Windows) GetModuleHandle or LoadLibrary.... are those sorts of plugins suitable for use in injectors?

    Qt definitely has a broader concept of plugins than just Qt Quick Extensions.

    However, the more significant Qt plugins are meant to be built by framework developers (as opposed to a Qt user that would typically be an end-user application developer). So for this reason (in my understanding) it is the case that Qt Creator (for application developers) does not have a template for the framework plugins.

    But if you look at wherever the Qt framework is installed on your system, you may find many plugins such as:

    qt5_dbg_install/plugins
    ├── audio
    │   ├── libqtaudio_alsa.so
    │   └── libqtmedia_pulse.so
    ├── imageformats
    │   ├── libqgif.so
    │   ├── libqicns.so
    │   ├── libqico.so
    │   ├── libqjpeg.so
    │   ├── libqpdf.so
    │   ├── libqsvg.so
    │   ├── libqtga.so
    │   ├── libqtiff.so
    │   ├── libqwbmp.so
    │   └── libqwebp.so
    ├── platforms
    │   ├── libqeglfs.so
    │   ├── libqlinuxfb.so
    │   ├── libqminimalegl.so
    │   ├── libqminimal.so
    │   ├── libqoffscreen.so
    │   ├── libqvnc.so
    │   ├── libqwayland-egl.so
    │   ├── libqwayland-generic.so
    │   ├── libqwayland-xcomposite-egl.so
    │   ├── libqwayland-xcomposite-glx.so
    │   └── libqxcb.so
    ├── printsupport
    │   └── libcupsprintersupport.so
    

    These are loaded after the executable is launched. In other words, loaded at runtime.

    But that supposes that the executable in question is a Qt-dependent executable in the first place.

    I guess you didn't explicitly mention that yet....

    • The process into which you attempt the injection... is that process any kind of Qt executable?

    If not, then your injected code would (I believe) need to run a Qt event loop. Normally that would be done in the application's main.

    Anyway, if you have built other C++ DLL(s) that are getting injected successfully, then I would start from one of those as your starting point, and attempt to add some "sprinkle" of Qt gradually. For example, take a DLL that is working, and link it against only libQt5Core, and initially only try to call something like qVersion as a way of saying "hello world, there is some tiny bit of Qt happening in my code now".

    (reference: https://doc.qt.io/qt-5/qtglobal.html#qVersion )

    Once you get that working (an injectable DLL linked to libQt5Core and calling qVersion), then you can grow the effort outward from there.

    Note that when I say to start from some other C++ DLL you built that does behave "injectably", I would also recommend that you continue using whatever kind of makefile and build chain you used for that DLL. You don't have to switch to Qt Creator (or even to qmake) to link your project against Qt.



  • Are DLL(s) that are meant to be "optional plugins" that the EXE is designed to open with dlopen or (on Windows) GetModuleHandle or LoadLibrary.... are those sorts of plugins suitable for use in injectors?

    Nop

    But that supposes that the executable in question is a Qt-dependent executable in the first place.
    I guess you didn't explicitly mention that yet....
    The process into which you attempt the injection... is that process any kind of Qt executable?

    Nop, it was not made with Qt.

    If not, then your injected code would (I believe) need to run a Qt event loop. Normally that would be done in the application's main.

    I'm really, really dumb with Qt, but I will try to do something with this information. It's just sad because I can't find any example of what I want :(

    Thanks

