[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Delphi 7 - DLL Injection Freezing explorer.exe

Posted on 2012-08-20
6
Medium Priority
?
2,423 Views
Last Modified: 2012-08-20
Hi all.

I am injecting a DLL into explorer.exe and it works fine, but only for a little bit..Then explorer.exe freezes and the taskbar is unusable and explorer.exe needs to be restarted...

Injecting other DLL's seem to work fine..

In the code for my DLL it is using a While Loop (but I am using Sleep(1) to ensure it doesn't run up the cpu)..

I have also removed all creation of additional threads..meaning the DLL does not create any extra threads...

explorer.exe's memory does not seem to be running too high and neither is the cpu level...

I don't want to post the DLL code as it is private...so...

What are some ideas as to why this would freeze explorer.exe (or any other process I inject into as well).

Thanks.

Edit:
It seems that it freezes whenever I hover over these icons:
http://gyazo.com/3619a0842767fd5a36204609298ac96a.png?1345452121

Tested on Vista & Win7
0
Comment
Question by:DjRed
  • 3
  • 3
6 Comments
 
LVL 38

Accepted Solution

by:
Geert Gruwez earned 1500 total points
ID: 38310915
some ideas:
an endless loop with a while
an endless loop with a repeat
an endless loop with a goto >> god has forbidden this because of spaghetti coding

madshi has a very good site with a dll injection technique:
http://www.madshi.net/

see the madcodehook for sources
0
 
LVL 38

Expert Comment

by:Geert Gruwez
ID: 38310918
an injection technique means you inject your call in a chain
>> maybe you have broken the chain ?

original:
call first chain item
>> first chain item calls next chain item
>> next chain item calls next chain item

if a chain item doesn't call the next chain item, the chain is broken and a freeze happens
0
 
LVL 38

Expert Comment

by:Geert Gruwez
ID: 38310923
you are aware that your technique is used by a lot of virusses ?
this site is against creating or helping creating virusses ...

just a warning at the moment:
your private code statement is on the brink of asking the moderators to check this thread

you could have posted your injection technique code and the loop.
what the dll does is indeed your private code
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:DjRed
ID: 38310932
@ Geert_Gruwez

"you could have posted your injection technique code and the loop.
what the dll does is indeed your private code"

The loop is what the DLL does...it is my DLL code..

I am not programming malware.
0
 

Author Closing Comment

by:DjRed
ID: 38310939
Removing the endless loop help's but in the end that is what I need in my code....
0
 

Author Comment

by:DjRed
ID: 38311037
Seeing as the dll is injected into explorer.exe if i create a thread and the dll exists, the thread is actually running inside explorer.exe and still runs after the dll exists...

= win for me. doesn't lag out.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SignAloud Glove is capable of translating American Sign Language signs into text and audio.
If you are a mobile app developer and especially develop hybrid mobile apps then these 4 mistakes you must avoid for hybrid app development to be the more genuine app developer.
Simple Linear Regression
Screencast - Getting to Know the Pipeline

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question