i inject my dll to winlogon.exe but it run a second and after that it not run any function of the dll what is the problem?

this question  related  to  othe question  

my dll  run perfect when i  inject it to  any program  like notepad.exe

but i want it to  run with winlogon.exe

can any body help me to solve the problem?
LVL 1
sa3qAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

js-profiCommented:
winlogon cannot be injected. you need to replace gina.dll and provide all services of the gina. that is far beyond the possibilities of a normal development.
0
sa3qAuthor Commented:
gina dll is not easy and want much work and want from me to perform all the functionality of gina  that's horibol  i want easy sol
0
CSecurityCommented:
You need to debug your DLL, like put some messages in file for each line. For example

WriteLog("I was here: Line 1");
DoSomething();
WriteLog("I was here: Line 2");
DoSomethingElse();
WriteLog("I was here: Line 3");

etc.

And see which part fails. show me that failure and I'll tell you how to fix
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

sa3qAuthor Commented:
i made the debug  befor

i found  that it run  the infinte loop  but it didn't do  any thing  from  the objective  why?
0
CSecurityCommented:
Show me where it goes into loop, I need details. How can I help you without any detail?
0
CSecurityCommented:
You said there is no solution, but there is nothing you asked or provided so we can answer. I don't see here any question or details of your problem. As I said how can I help you on a loop when I don't know ANYTHING about it. Simply send more details and I'll tell you the source of problem.
0
sa3qAuthor Commented:
i removed any thing from  the loop  i  made message box and sleep  in the loop

but  when i inject in winlogon   nothing  done

but if i inject it in  any application  it run  the message box  

that's all
0
js-profiCommented:
winlogon is controlled by gina. it cannot be injected. the request to delete should be granted.
0
CSecurityCommented:
You can't wait for message box, that's your fault. Those message will apear in background and you cannot see that. As I said above, write LOG, write to LOG file some stuff to see if it works. As I said if it didn't worked for Winlogon, try svchost or any other process which exists at level you need. You can for example enumerate processes and write it to file to understand running processes in that time and test log writing. But before anything else, write some stuff to log file to see if it works.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CSecurityCommented:
>> winlogon is controlled by gina. it cannot be injected. the request to delete should be granted.

You are wrong! You can inject DLL or code into winlogon process. Too much viruses/keyloggers does it:
http://blog.novirusthanks.org/tag/winlogonexe-inject/
http://www.rohitab.com/discuss/index.php?showtopic=16449
0
js-profiCommented:
we are talking of different things. your links describe cases where the winlogon.exe file was injected by malware. a not injected winlogon at runtime is controled by gina and no interference is possible to my knowledge. sa3q asked how he could hook the winlogon and the answer is, it is impossible.
0
CSecurityCommented:
He don't want to hook, he simply want to inject a DLL into winlogon and that's possible. That's all
0
js-profiCommented:
:)
0
CSecurityCommented:
Overally a lot of details has been provided, AFAIK it's #4 for me. At least asker should provide more details, then #4
0
sa3qAuthor Commented:
CSecurity:

i tried to write to file      it write only one time and not repeat writting to file

while(1)

{

//code for wite to file
}

this is the problem
0
sa3qAuthor Commented:
yes  that's right it  run  the application  only if i logg off

the winlogon.exe be frozen  all  time and unfreez only in loggoff after that it run  perfect

i will  open a new question  about run  this application  from remote desktop
because it didn't open it  i don't know why
0
sa3qAuthor Commented:
yes  that's right it  run  the application  only if i logg off

the winlogon.exe be frozen  all  time and unfreez only in loggoff after that it run  perfect

i will  open a new question  about run  this application  from remote desktop
because it didn't open it  i don't know why
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Editors IDEs

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.