Refactor build configuration and update main executable logic for GhostInjector

Author: woldann

.github/workflows/build.yml

@@ -7,6 +7,9 @@ on:
     branches: [ main, master ]
   workflow_dispatch:
 
+permissions:
+  contents: write
+
 jobs:
   build-windows-msvc:
     runs-on: windows-latest
@@ -27,32 +30,93 @@ jobs:
     - name: Build
       run: |
         cmake --build build --config Release
+        
+    - name: Rename executable
+      run: move build\Release\ghostinjector-*.exe build\Release\ghostinjector.exe
 
     - name: Check DLL dependencies
       shell: pwsh
       run: |
         Write-Host "=== Executable Info ==="
-        Get-ChildItem -Path build\Release\ghostinjector-*.exe | ForEach-Object {
+        Get-ChildItem -Path build\Release\ghostinjector.exe | ForEach-Object {
           Write-Host "File: $($_.Name)"
           Write-Host "Size: $([math]::Round($_.Length / 1MB, 2)) MB"
           Write-Host ""
         }
         Write-Host "=== Checking for MSVC Runtime Dependencies ==="
-        Write-Host "Note: This executable requires Visual C++ Redistributable (vcruntime140.dll, msvcp140.dll)"
+        Write-Host "Note: This executable requires Visual C++ Redistributable (vcruntime140.dll)"
     
     - name: Upload artifact
       uses: actions/upload-artifact@v4
       with:
         name: ghostinjector-windows-x64-msvc
-        path: build/Release/ghostinjector-*.exe
+        path: build/Release/ghostinjector.exe
         if-no-files-found: error
-        retention-days: 30
+        retention-days: 90
+    
+    - name: Get executable name
+      id: get-exe-name
+      shell: pwsh
+      run: |
+        $exePath = Get-ChildItem -Path build\Release\ghostinjector.exe | Select-Object -First 1
+        echo "exe-name=$($exePath.Name)" >> $env:GITHUB_OUTPUT
+        echo "exe-path=$($exePath.FullName)" >> $env:GITHUB_OUTPUT
+    
+    - name: Create/Update Latest Release
+      if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+      uses: softprops/action-gh-release@v2
+      with:
+        tag_name: latest
+        name: Latest Build (Development)
+        body: |
+          ## 🚀 Latest Development Build
+          
+          **Commit:** ${{ github.sha }}
+          **Date:** ${{ github.event.head_commit.timestamp }}
+          **Message:** ${{ github.event.head_commit.message }}
+          
+          ### ⚠️ Requirements
+          - Windows 10/11 (64-bit)
+          - [Visual C++ Redistributable](https://aka.ms/vs/17/release/vc_redist.x64.exe)
+          
+          ### 📥 Download
+          Download `${{ steps.get-exe-name.outputs.exe-name }}` below
+          
+          ### 📖 Usage
+          ```
+          ghostinjector.exe <pid> <dll_path1> [dll_path2] ...
+          ```
+        files: build/Release/ghostinjector.exe
+        draft: false
+        prerelease: true
+        make_latest: true
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Create Release (on tag)
-      if: startsWith(github.ref, 'refs/tags/')
-      uses: softprops/action-gh-release@v1
+    - name: Create Release (on version tag)
+      if: startsWith(github.ref, 'refs/tags/v')
+      uses: softprops/action-gh-release@v2
       with:
-        files: build/Release/ghostinjector-*.exe
+        name: Release ${{ github.ref_name }}
+        body: |
+          ## 📦 Release ${{ github.ref_name }}
+          
+          ### ⚠️ Requirements
+          - Windows 10/11 (64-bit)
+          - [Visual C++ Redistributable](https://aka.ms/vs/17/release/vc_redist.x64.exe)
+          
+          ### 📥 Download
+          Download the executable below
+          
+          ### 📖 Usage
+          ```
+          ghostinjector.exe <pid> <dll_path1> [dll_path2] ...
+          ```
+          
+          ### ✨ Features
+          - Support for multiple DLL injection
+          - Positional arguments support
+        files: build/Release/ghostinjector.exe
         draft: false
         prerelease: false
       env:

CMakeLists.txt

@@ -1,19 +1,18 @@
 cmake_minimum_required(VERSION 3.10)
-project(GhostInjector VERSION 1.0.2 LANGUAGES C CXX)
+project(GhostInjector VERSION 1.0.2 LANGUAGES C)
 
-set(CMAKE_CXX_STANDARD 11)
-set(CMAKE_CXX_STANDARD_REQUIRED ON)
-set(CMAKE_CXX_EXTENSIONS OFF)
+if(MSVC)
+    string(REPLACE "/MT" "/MD" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
+endif()
 
-include(FetchContent)
+# Set C standard to C99 for the entire project
+set(CMAKE_C_STANDARD 99)
+set(CMAKE_C_STANDARD_REQUIRED ON)
+set(CMAKE_C_EXTENSIONS OFF)
 
-# Fetch cxxopts
-FetchContent_Declare(
-  cxxopts
-  GIT_REPOSITORY https://github.com/jarro2783/cxxopts.git
-  GIT_TAG v3.2.1
-)
-FetchContent_MakeAvailable(cxxopts)
+if(WIN32)
+    set(CMAKE_EXECUTABLE_SUFFIX ".exe")
+endif()
 
 add_subdirectory(Neptune)
 add_subdirectory(NThread)
@@ -22,26 +21,21 @@ add_subdirectory(NThreadOSUtils)
 set(GHOSTINJECTOR_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/include)
 set(GHOSTINJECTOR_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/src)
 
-file(GLOB_RECURSE GHOSTINJECTOR_HEADERS CONFIGURE_DEPENDS ${GHOSTINJECTOR_INCLUDE_DIR}/*.h ${GHOSTINJECTOR_INCLUDE_DIR}/*.hpp)
-file(GLOB_RECURSE GHOSTINJECTOR_SOURCES CONFIGURE_DEPENDS ${GHOSTINJECTOR_SOURCE_DIR}/*.c ${GHOSTINJECTOR_SOURCE_DIR}/*.cpp)
+file(GLOB_RECURSE GHOSTINJECTOR_HEADERS CONFIGURE_DEPENDS ${GHOSTINJECTOR_INCLUDE_DIR}/*.h)
+file(GLOB_RECURSE GHOSTINJECTOR_SOURCES CONFIGURE_DEPENDS ${GHOSTINJECTOR_SOURCE_DIR}/*.c)
 
 string(TOLOWER ${PROJECT_NAME} PROJECT_NAME_LOWER)
 set(EXECUTABLE_NAME "${PROJECT_NAME_LOWER}-${PROJECT_VERSION}")
 
 add_executable(${EXECUTABLE_NAME} ${GHOSTINJECTOR_SOURCES})
 target_include_directories(${EXECUTABLE_NAME} PRIVATE ${GHOSTINJECTOR_INCLUDE_DIR})
-target_link_libraries(${EXECUTABLE_NAME} PRIVATE NThreadOSUtils cxxopts)
-
-# Dynamic linking - will use MSVC runtime DLLs (msvcp140.dll, vcruntime140.dll)
-# Removed: -static -static-libgcc -static-libstdc++
+target_link_libraries(${EXECUTABLE_NAME} PRIVATE NThreadOSUtils)
 
 target_compile_definitions(${EXECUTABLE_NAME} PRIVATE
-  LOG_LEVEL_2
+  LOG_LEVEL_1
   NEPTUNE_MODULERULES_HEADER="ntosutils_rules.h"
-  LOG_FORCE_COLOR
   NEPTUNE_ENABLE_MEMMEM
   VERSION=${PROJECT_VERSION}
   LOG_FILE_PATH=L"ghostinjector.log"
   LOG_ON_STDOUT=1
-)
-
+)

Neptune

@@ -0,0 +1,158 @@
+/**
+ * MIT License
+ *
+ * Copyright (c) 2025 Serkan Aksoy
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software. 
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <windows.h>
+
+#include "nerror.h"
+#include "ntosutils.h"
+#include "ntmem.h"
+#include "ntosutilswin.h"
+
+void print_usage() {
+    printf("GhostInjector - DLL Injection tool for Windows processes\n\n");
+    printf("Examples:\n");
+    printf("  ghostinjector.exe 1234 mydll.dll\n");
+    printf("  ghostinjector.exe 5678 first.dll second.dll third.dll\n\n");
+    printf("Usage:\n");
+    printf("  ghostinjector.exe <process_id> <dll_path> [dll_path2 ...]\n");
+    printf("  ghostinjector.exe -h | --help\n");
+}
+
+int main(int argc, char *argv[])
+{
+	if (HAS_ERR(neptune_init()))
+		return EXIT_FAILURE;
+
+	if (argc < 3 || strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0) {
+		print_usage();
+		neptune_destroy();
+		return EXIT_SUCCESS;
+	}
+
+	uint32_t id = atoi(argv[1]);
+
+#ifdef LOG_LEVEL_1
+	LOG_INFO("Neptune initialized!");
+	LOG_INFO("ID: %u", id);
+	LOG_INFO("Number of DLLs to inject: %d", argc - 2);
+#endif
+
+	if (id == 0) {
+#ifdef LOG_LEVEL_1
+		LOG_ERROR("Invalid id: must be greater than 0");
+#endif
+		neptune_destroy();
+		return 0x11;
+	}
+
+	HMODULE kernel32 = GetModuleHandleA("kernel32");
+	if (kernel32 == NULL) {
+#ifdef LOG_LEVEL_1
+		LOG_ERROR("GetModuleHandleA failed");
+#endif
+		neptune_destroy();
+		return 0x20;
+	}
+
+	FARPROC load_library_func = GetProcAddress(kernel32, "LoadLibraryA");
+	if (load_library_func == NULL) {
+#ifdef LOG_LEVEL_1
+		LOG_ERROR("GetProcAddress failed");
+#endif
+		neptune_destroy();
+		return 0x21;
+	}
+
+#ifdef LOG_LEVEL_1
+	LOG_INFO("LoadLibraryA=%p", (void *)load_library_func);
+#endif
+
+	if (HAS_ERR(nosu_attach(id))) {
+#ifdef LOG_LEVEL_1
+		LOG_WARN("nosu_attach failed");
+#endif
+
+		if (HAS_ERR(nosu_find_thread_and_upgrade(id))) {
+#ifdef LOG_LEVEL_1
+			LOG_ERROR("nosu_find_thread_and_upgrade failed");
+#endif
+			neptune_destroy();
+			return 0x06;
+		}
+	}
+
+	for (int i = 2; i < argc; i++) {
+		const char *dll_path = argv[i];
+
+#ifdef LOG_LEVEL_1
+		LOG_INFO("Injecting DLL [%d/%d]: %s", i - 1, argc - 2, dll_path);
+#endif
+
+		size_t dll_path_len = strlen(dll_path);
+		size_t dll_path_size = dll_path_len + 1;
+
+		ntmem_t *ntmem = ntm_create_with_alloc_ex(dll_path_size + 1);
+		if (ntmem == NULL) {
+#ifdef LOG_LEVEL_1
+			LOG_ERROR("ntm_create failed for %s", dll_path);
+#endif
+			continue; 
+		}
+
+		void *local = NTM_LOCAL(ntmem);
+		memcpy(local, dll_path, dll_path_size);
+
+		void *dll_path_addr = ntm_push(ntmem);
+		if (dll_path_addr == NULL) {
+#ifdef LOG_LEVEL_1
+			LOG_ERROR("ntm_push failed for %s", dll_path);
+#endif
+			ntm_delete(ntmem);
+			continue;
+		}
+
+#ifdef LOG_LEVEL_1
+		LOG_INFO("DLL Path Address(%p)", dll_path_addr);
+#endif
+
+		void *load_library_ret = ntu_ucall((void *)load_library_func, dll_path_addr);
+
+#ifdef LOG_LEVEL_1
+		LOG_INFO("LoadLibrary returned: %p", load_library_ret);
+		if (load_library_ret != NULL) {
+			LOG_INFO("Successfully injected: %s", dll_path);
+		} else {
+			LOG_ERROR("Failed to inject: %s", dll_path);
+		}
+#endif
+
+		ntm_delete(ntmem);
+	}
+	ntu_destroy();
+	neptune_destroy();
+	return EXIT_SUCCESS;
+}