[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

DLL Injection - beginner, but nice problem !

Posted on 2013-05-31
2
Medium Priority
?
1,618 Views
Last Modified: 2013-06-01
Hi Experts

I need to inject my code into another process's address space somehow, because I want to detect when a process wants to create a new window and to quickly grab the handle of that window be4 it is created !

Now I know there are 2 methods : Dll injecting ( creating a DLL and injecting it ?) and CreateRemoteThread & WriteProcessMemory ( which doesn't requires any DLL? )

I don't know too good whats all about all of this, atleast I know how to use APIs and Im coding in AutoIt :)

Could someone forward me on a good way - write some summary steps by steps I need to do, or atleast to tell me whether is hard to do what I want? Thankyou soo much experts !!
0
Comment
Question by:AlexMert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 39212468
in general for dll injection, the dll is your remote sensor to listen in and signal when to act on certain trigger. This is one nice article - http://newgre.net/node/4

Typically it is creating the process in suspend mode, or enumerate running process and stop at the targeted process id or szExeFile. The key part is as you stated, based on targeted  process (in control), in its address memory space you inject the DLL, as follow
(1) get the location of the loadlibrary (LoadLibPTR),
(2) allocate sufficient memory space for your DLL (return youDLLaddressPtr),
(3) write in your DLL into the memory space allocated
(4) trigger your DLL loading using CreateRemoteThread with param LoadLibPTR and youDLLaddressPtr

http://resources.infosecinstitute.com/using-createremotethread-for-dll-injection-on-windows/
http://www.codeproject.com/Articles/20084/A-More-Complete-DLL-Injection-Solution-Using-Creat

There are other method like AppInit_DLLs and SetWindowsHookEx. Microsoft Detour library is another - primarily API hooking

I am not into AutoIT but this seems to suggest some code working ( By Shaggi)
http://www.autoitscript.com/forum/topic/137521-injecting-a-dll/

I suspect "CreateWindow" function (inside "user32.dll")  is the one of interest and probaby going simply for SetWindowsHookEx suffice. belos is an old old article describing overall and may be useful...
http://www.codeproject.com/Articles/2082/API-hooking-revealed
0
 

Author Comment

by:AlexMert
ID: 39213088
Could I pay someone to code this ? Thankyou
0

Featured Post

What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is about my first experience with programming Arduino.
In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Simple Linear Regression
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question