Grand Theft Auto 5

Grand Theft Auto 5 (GTA V): Xenos Injector (v2.3.2) [x86.x64]

Описание и инструкции

Актуальная версия Xenos Injector обновленная для Windows10 RS4, данное обновление стало официально доступно 30 апреля 2018 года. Особенности:Работает на Windows 7 и и заканчивая 10. Поддерживает процессы и модули x86 и x64. Инжект изображений в процессы. Полная настройка инжекта под Ваши личные цели. Закрытие сразу после инжекта. Возможность выбрать процесс, в который нужно будет заинжектить перед тем, как его запустить. Как использовать:Открыть инжектор от имени администратора. Выбрать в графе Process нужный Вам процесс, в который вы собираете инжектить. Далее нажать на кнопку Add и выбрать нужный Вам .dll файл для инжекта. Нажмите Advanced. В разделе Native Injection Options отметьте Unlink module и Erase PE Headers. В разделе General Options сделайте Inject Delay равным 11900 и Inject Interval равным 750. Нажмите ОК. Нажмите Inject и запустите игру.


- Win10 RS4 update support

- Win10 Fall Creators update support
- STATUS_UNSUCCESSFUL codes refactored
- Bug fixes

- Win10 Creators Update support
- Unified injection and manual mapping (injector -> target) : x86->x86, x64->x64, x86->x64, x64->x86
- Bug fixes, stability improvements

- Bug fixes, stability improvements

- Win 10 10586 driver compatibility
- Minor GUI usability fixes
- Create process: working dir changed

- Command line options
- Separate x86/x64 profiles
- Pure IL exe manual mapping

- VS 2015 runtime
- Win10 RTM support

- Win10 build 9926 support
- Win8.1 bug fixes

- Fixed BSOD under win7 and win8.1 systems
- Major kernel manual map bug fixes
- Kernel logs

- Some logging

- Kernel manual map for user-mode dlls
- Process handle access rights escalation

- New GUI
- Injection image list
- Auto-injection
- Injection profiles
- Injection delay timers
- Kernel injection improvements - module unlinking and init routine invocation
- Win10 tech preview support

- ManuapMap: 'Hide mapped memory region' flag
- Manual map of system drivers
- Self-protection option (Tools -> Protect self)
- Improved injection into suspended process
- 'Close after injection' flag

- Kernel injection methods
- Various bug fixes

- Save/load last programm configuration
- Added command line for process launcher
- ManualMap: Discardable sections aren't mapped now (e.g. ".reloc")

- Added module view
- Module unloading

- Fixed bug with remote memory deallocation after manual mapping
- Exception handler aren't created now if process has DEP turned off.


Process selection:
Existing - select existing process from the list
New - new process will be launched before injection
Manual launch - after pressing 'Inject' button, injector will wait for target process startup
List of images you want inject
Add - add new image to the list. Drag'n'drop is also supported
Remove - remove selected image
Clear - clear image list

Advanced options:Injection type:
Native inject - common approach using LoadLibraryW \ LdrLoadDll in newly created or existing thread
Manual map - manual copying image data into target process memory without creating section object
Kernel(New thread) - kernel mode ZwCreateThreadEx into LdrLoadDll. Uses driver
Kernel(APC) - kernel mode APC into LdrLoadDll. Uses driver
Kernel(Manual map) - kernel manual mapping. Uses driver

Native Loader options:
Unlink module - after injection, unlink module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks and LdrpModuleBaseAddressIndex.
Erase PE - after injection, erase PE headers
Use existing thread - LoadLibrary and init routine will be executed in the context of random non-suspended thread.

Manual map options:
Add loader reference - Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g. GetModuleHandle, GetProcAddress) work with manually mapped image.
Manually resolve imports - Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
Wipe headers - Erase module header information after injection. Also affects manually mapped imports.
Ignore TLS - Don't process image static TLS data and call TLS callbacks.
No exception support - Don't create custom exception handlers that enable out-of-image exception support under DEP.
Conceal memory - Make image memory visible as PAGE_NO_ACESS to memory query functions

Command Line:
Process command line arguments

Init routine:
If you are injecting native (not pure IL) image, this is name of exported function that will be called after injection is done. This export is called as void ( __stdcall* )(wchar_t*) function.
If you are injecting pure managed image, this is name of public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.

Init argument:
String that is passed into init routine

Close after injection:
Close injector after successful injection

Inject delay:
Delay before injection start

Inject interval:
Delay between each image

Escalate handle access:
Bypass handle acess filters. Driver is required

Menu options:

Profiles->Load - load injection profile
Profiles->Save - save current settings into profile

Tools->Eject modules - open module ejection dialog
Tools->Protect self - make injector process protected (driver required)

Command line options:
--load - start injector and load target profile specified by
--run - immediately execute profile specified by without GUI

Kernel injection methods require system running in Test mode.

Комментарии (9)