dll-injection

问题 I have a DLL I inject into other processes using SetWindowsHookEx . Inside the DLL I increment the module's reference counter by calling GetModuleHandleEx so I can control when the module is unloaded. At this point the module reference count "should be" 2 from both of those API calls. When the calling process shuts down, it calls UnhookWindowsHookEx , decrementing the reference count to 1. The DLL has a thread that waits on a few things, one of them being the handle of the process that called

问题 I have a DLL I inject into other processes using SetWindowsHookEx . Inside the DLL I increment the module's reference counter by calling GetModuleHandleEx so I can control when the module is unloaded. At this point the module reference count "should be" 2 from both of those API calls. When the calling process shuts down, it calls UnhookWindowsHookEx , decrementing the reference count to 1. The DLL has a thread that waits on a few things, one of them being the handle of the process that called

问题 I have a DLL I inject into other processes using SetWindowsHookEx . Inside the DLL I increment the module's reference counter by calling GetModuleHandleEx so I can control when the module is unloaded. At this point the module reference count "should be" 2 from both of those API calls. When the calling process shuts down, it calls UnhookWindowsHookEx , decrementing the reference count to 1. The DLL has a thread that waits on a few things, one of them being the handle of the process that called

问题 I used EasyHook to hook into the SetClipboardData() function. HANDLE mySetClipBoardData (UINT uFormat, HANDLE hMem){ return SetClipboardData(uFormat, hMem); //return NULL; } I can either pass the data to the original function or return NULL. The goal is to prevent the user from copying specific files. This DLL will be injected into Explorer.exe and will be called whenever a user tries to copy a file. How to obtain the filename being copied? Is there any other way to achieve this? 回答1: Files

问题 I am working on a plugin for a document tagging software. I would like to intercept the MOVE operation in Windows explorer , and let the tagging software handle it instead . I was thinking about Hooks, DLL injection . The MOVE can be initiated by several ways by the user, and I need to intercept all of them. Does anyone have other ideas. It would be nice if you can post some example links too. TIA Sujay 回答1: Detours is the wrong solution for this problem. Instead, consider using something

问题 I want to detect dll injector.below code work as dll injector.I need Your help in c# source code which help me to detect then i will close my application.i search in google.com a lots but tired to get solution.please help and give me source code in c# public partial class Form1 : Form { [DllImport("kernel32")] public static extern IntPtr CreateRemoteThread( IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, // raw Pointer into remote process IntPtr

问题 I'm using this code to inject my 64bit dll into a 64bit process on windows 7 64 bit,CreateRemoteThread return 200 but still the dll does not injected, I tested my dll with another source and it works fine, Process Explorer shows that my code does not work,What can be wrong with this code, I'm using delphi XE3 and i have compile the code on 64bit target platform. function InjectDLL(dwPID: DWORD; DLLPath: pwidechar): integer; var dwThreadID: Cardinal; hProc, hThread, hKernel: NativeUInt;

问题 I am facing a problem related to get out all the controls from some hooked process. My SpyDll launched into hooked process sucessfully, But when I check the statement Control control = Control.FromHandle(MainWindowHandle), it returns null into control object where "MainWindowhandle"is just a native main window handle of that hooked process, which you always take from .NET "Process" class after launching that process. But STRANGLY it happens that in some other hooked process which is the same

问题 Following code will inject dll and DllMain will be called. How I call specific function from DLL, not just DllMain? DWORD pid; HANDLE hd; LPVOID gp, rs, proc; gp = (LPVOID)GetProcAddress(GetModuleHandle(L"Kernel32.dll"), "LoadLibraryA"); pid = 6096; hd = OpenProcess(PROCESS_ALL_ACCESS, 0, pid); rs = (LPVOID)VirtualAllocEx(hd, 0, sizeof(DLL_NAME), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); if (!WriteProcessMemory(hd, (LPVOID)rs, DLL_NAME, strlen(DLL_NAME), 0)) { printf("WriteProcessMemory %d",

问题 I'm trying to inject a simple executable into another executable that I made, unfortunately, whenever I inject the code into the executable, it says 'simpleinjected.exe has stopped working' then it closes. I'm using CreateRemoteThread to inject the code. This is what I have done so far. Injector.exe // the file that's injecting the code #include <stdio.h> #include <windows.h> #define procId 2844 #define executable "executable.exe" // located in same directory int main() { HANDLE hProc =