DLL Injection
GordonFreeman
July 24th, 2005, 06:35 PM
I read about this registry key:
hkey_local_machine\software\microsoft\windows nt\currentversion\windows\appinit_dlls
If you register a DLL there, then Windows will load it in every process created after the system is rebooted.
But this key is present only on NT-based Windows OSes.
Is there a registry key with the same purpose on Windows 9x/Me?
philkr
July 25th, 2005, 07:46 AM
http://support.microsoft.com/kb/134655/en-us
buzz123vn
July 27th, 2005, 10:34 PM
Hi there,
I like to use the "inject a DLL using remote threads" technique. This technique is based on some functions that Windows offers for one process to manipulate another process. The technique comprises the following steps:
1. Use the VirtualAllocEx function to allocate memory in the remote process's address space (the process that we want to inject a DLL into).
2. Use the WriteProcessMemory function to copy the DLL's pathname to the memory allocated in step 1.
3. Use the GetProcAddress function to get the real address of the LoadLibraryA or LoadLibraryW function (in Kernel32.dll).
4. Use the CreateRemoteThread function to create a thread in the remote process that calls the proper LoadLibrary function, passing it the address of the memory allocated in step 1.
(Detailed information and an example are in the book "Programming Applications for Microsoft Windows" by Jeffrey Richter.)
buzz
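The four steps in the post above leave a recognizable cross-process call sequence, which is what monitoring tools key on. The following is an added example, not part of the original thread: it correlates a constructed API-call trace and reports remote threads that start at LoadLibraryA/W with an argument pointing at memory the same caller allocated and wrote in the target. The event format, PIDs and DLL path are assumptions made up for the example, not the output of any specific tool.

```python
from collections import defaultdict

LOADERS = {"LoadLibraryA", "LoadLibraryW"}

# Constructed sample trace in a hypothetical format:
# (caller_pid, api, target_pid, details)
TRACE = [
    (410, "VirtualAllocEx", 877, {"base": 0x2A0000, "size": 260}),
    (410, "WriteProcessMemory", 877,
     {"base": 0x2A0000, "data": b"C:\\temp\\hook.dll\x00"}),
    (512, "VirtualAllocEx", 512, {"base": 0x500000, "size": 4096}),  # own process
    (410, "GetProcAddress", 410, {"symbol": "LoadLibraryA"}),
    (410, "CreateRemoteThread", 877,
     {"start_symbol": "LoadLibraryA", "param": 0x2A0000}),
    (600, "CreateRemoteThread", 901, {"start_symbol": "WorkerMain", "param": 0}),
]

def find_remote_loadlibrary(trace):
    """Flag remote threads that start at LoadLibrary* with a parameter equal to
    a region the same caller allocated and wrote in that target (steps 1, 2, 4)."""
    regions = defaultdict(dict)  # (caller, target) -> {base: written bytes or None}
    findings = []
    for caller, api, target, d in trace:
        if caller == target:
            continue  # only cross-process activity is of interest
        key = (caller, target)
        if api == "VirtualAllocEx":
            regions[key][d["base"]] = None           # step 1: remote allocation
        elif api == "WriteProcessMemory" and d["base"] in regions[key]:
            regions[key][d["base"]] = d["data"]      # step 2: pathname copied in
        elif api == "CreateRemoteThread" and d["start_symbol"] in LOADERS:
            written = regions[key].get(d["param"])   # step 4: param == step 1 base
            if written is None:
                continue
            enc = "utf-16-le" if d["start_symbol"] == "LoadLibraryW" else "latin-1"
            path = written.decode(enc, errors="replace").split("\x00", 1)[0]
            findings.append({"caller": caller, "target": target,
                             "loader": d["start_symbol"], "dll_path": path})
    return findings

if __name__ == "__main__":
    for finding in find_remote_loadlibrary(TRACE):
        print(finding)
```

The recovered `dll_path` is the useful triage field: it names the file that was loaded into the target process.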
codeguru.com