asked on

CreateRemoteThread without DLL (inject function)

Hi

I have reviewed some articles in internet and they are talking about DLL injection into another process, I also saw some articles about function injection with CreateRemoteThreadEx that injects a function into another process.

I want a piece of example code which will inject a thread function into notepad.exe and that thread shows messagebox each X second.

Please advice about it.

Thanks from now!

jkr

See http://www.codeproject.com/KB/threads/winspy.aspx#section_3 ("III. The CreateRemoteThread & WriteProcessMemory Technique") which uses the latter API to avoid the creation of a separate DLL. The article comes with full source code and demo apps.

CSecurity

ASKER

I checked that, that is too complicated with a lot of things, I need just a MessageBox sample demo which injects a thread which only shows messagebox into notepad.exe, if possible please just show me a simple code

ASKER CERTIFIED SOLUTION

jkr

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

RishadanPort

I found this article, which shows an indepth look at DLL Injection. It also shows some sample code. I am not sure if it will help you.

http://bluenotch.com/files/Shewmaker-DLL-Injection.pdf

RishadanPort

p8 shows it using a MessageBox

CSecurity

ASKER

I injected my function but I get exception when my thread exits
Rishadan, I don't want DLL Injection, I want thread/function injection

CSecurity

ASKER

I attached my code, just replace PID manually with notepad.exe 's PID in this line:

hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, 3728);

Please rename test.txt to Test.cpp, open it in MS VC++ 6.

Please tell me what's wrong in the code
Test.txt

jkr

May I ask why you graded that as a 'C'?

CSecurity

ASKER

No solution, just a comment provided, I solved task and problem myself