Xenos Injector v2.3.2 – Injector

Published: March 18, 2023/Others
  • Developer:
DarthTon
  • Version:
v2.3.2
UNDETECTED
Xenos Injector
0
0
  • Report
  • Table Of Index

This is one of the best free Undetected Xenos snapshots currently working! I use this medicine for every lie I have to inject. I only use it for GTA V, Fall Guys, CSGO, EFT, and many other popular games. Xenos Injector is a very good injector. Good place if you are looking for the latest version of Xenos injectors or generic injectors.

We recommend all modder use this Xenos injector to inject their DLL files. Since it is extremely easy to use and always works perfectly, I have never had any problems with this injector. The sweet part is its undetected injector, and it’s useful for many games.

Key Features

  1. Supports x86 and x64 processes and modules
  2. Kernel-mode injection feature (driver required)
  3. Manual map of kernel drivers (driver required)
  4. Injection of pure managed images without proxy dll
  5. Windows 7 cross-session and cross-desktop injection
  6. Injection into native processes (those having only ntdll loaded)
  7. Calling custom initialization routine after injection
  8. Unlinking module after injection
  9. Injection using thread hijacking
  10. Injection of x64 images into the WOW64 process
  11. Image manual mapping
  12. Injection profiles

Manual map features

  1. Relocations, import, delayed import, bound import
  2. Static TLS and TLS callbacks
  3. Security cookie
  4. Image manifests and SxS
  5. Make the module visible to GetModuleHandle, GetProcAddress, etc.
  6. Support for exceptions in private memory under DEP
  7. C++/CLI images are supported (use ‘Add loader reference’ in this case)

Kernel manual map features are mostly identical to user mode with few exceptions

  1. No C++ exception handling support for x64 images (only SEH)
  2. No static TLS
  3. No native loader compatibility
  4. Limited dependency path resolving. Only API set schema, SxS, target executable directory, and system directory
  5. Supported OS Win7 — Win10 x64

Additional notes

Injector has 2 versions — x86 and x64. Apart from obvious features, the x86 version supports the injection of x64 images into x64 processes; the x64 injector supports the injection of x86 and x64 images into WOW64 processes. However, this is only valid for native images. If you want to inject a pure managed DLL — use the same injector version as your target process.

The injection of x64 images into the WOW64 process is totally unpredictable. If you want to do this I would recommend using manual mapping with the manual imports option, because the native loader is more buggy than my implementation in this case (especially in Windows 7).

Restrictions

  • You can’t inject a 32-bit image into an x64 process.
  • Use the x86 version to manually map 32-bit images and the x86 version to map 64-bit images.
  • You can’t manually map pure managed images, only native injection is supported for them.
  • May not work properly on x86 OS versions.
  • Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.

Process selection:

  • Existing — select an existing process from the list.
  • New — the new process will be launched before the injection.
  • Manual launch — after pressing the ‘Inject’ button, the injector will wait for the target process startup.

Images

  • List of images you want inject
  • Add — add a new image to the list. Drag’n’drop is also supported.
  • Remove — remove the selected image.
  • Clear — clear image list.

Advanced options

Injection type

  • Native inject — a common approach using LoadLibraryW LdrLoadDll in a newly created or existing thread.
  • Manual map — manually copying image data into target process memory without creating a section object.
  • Kernel(New thread) — kernel mode ZwCreateThreadEx into LdrLoadDll. Uses driver.
  • Kernel(APC) — kernel mode APC into LdrLoadDll. Uses driver.
  • Kernel(Manual map) — kernel manual mapping. Uses driver.

Native Loader options:

  • Unlink module — after injection, unlink the module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks, and LdrpModuleBaseAddressIndex.
  • Erase PE — after injection, erase PE headers.
  • Use existing thread — LoadLibrary and init routine will be executed in the context of the random non-suspended thread.

Manual map options:

  • Add loader reference — Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g., GetModuleHandle, GetProcAddress) work with the manually mapped images.
  • Manually resolve imports — Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
  • Wipe headers — Erase module header information after injection. Also affects manually mapped imports.
  • Ignore TLS — Don’t process image static TLS data and call TLS callbacks.
  • No exception support — Don’t create custom exception handlers that enable out-of-image exception support under DEP.
  • Conceal memory — Make image memory visible as PAGE_NO_ACESS to memory query functions

Command Line

Process command line arguments

Init routine:

  1. If you are injecting a native (not pure IL) image, this is the name of the exported function that will be called after the injection is done. This export is called a void (__stdcall)(wchar_t) function.
  2. If you are injecting a pure managed image, this is the name of the public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.

Init argument:

  1. A string that is passed into the init routine

Close after injection:

  1. Close injector after successful injection

Inject delay:

  1. Delay before injection start

Inject interval:

  1. The delay between each image

Menu options:

Profiles⇒Load — load injection profile
Profiles⇒Save — save current settings into the profile

Tools⇒Eject modules — open module ejection dialog
Tools⇒Protect self — make injector process protected (driver required)

Command line options:
–load — start injector and load target profile specified by
–run — immediately execute profile specified by without GUI

Kernel injection methods require the system to run in Test mode.

Common problems

  1. Failed to load BlackBone driver.
  2. A process has requested access to an object but has not been granted those access rights.
  3. Injection failed with error code 0xC0000225. Injector failed to resolve one or more dll dependencies. Make sure you have all required dlls and proper CRT libraries. In the case of kernel manual mapping, dependencies should be placed near the target process executable or in the system32 (SysWOW64 for 32-bit processes) folder.

How to use Xenos Injector

  • Download the zip archive, which contains the injector itself. You can start the download process by clicking the lime download button at the bottom of this post.
  • Open Xenos Injector Run As Administrator.
  • Select the process for which game you want to insert the DLL.
  • Click “Add” to add the required DLL.
  • Click on “Advanced
  • In the Native Injection Options section, select Unlink Module and Remove PE Headers.
  • In the General Options section, set the Injection Interval to 11900 and the Injection Interval to 750.
  • Click OK
  • Click on the button and launch the contest.
Source Code
  • The file has been verified!
September 6, 2024
  • Version:
v2.3.2

Leave the first comment

Agree to our Privacy Policy and Safety Policy before downloading!