Closed bbbscarter closed 6 years ago
Hi Simon,
When you use CreateProcess/InjectDllByHandle, are you using the CREATE_SUSPENDED flag too? (CreateProcess/Inject/ResumeThread)
Regards, Mauro.
When using CreateProcessWithDll I wasn't using CREATE_SUSPENDED, but digging into the code it seems to do that anyway. Happy to give that a go if you think that will change things?
When using normal CreateProcess and then manually calling InjectDll I was using CREATE_SUSPENDED - but then I have no way of knowing if my dll has actually started before I resume it. (Plus, InjectDll does work with .net assemblies).
CreateProcessWithDll creates the process suspended, injects the code and resumes it. By the time you execute InjectDll, because you used CreateProcess without the CREATE_SUSPENDED flag, the process may be initialized and the entrypoint changed to .net internals.
I suspect the problem is how .NET processes change entrypoints, and the injector code is never executed.
I'll look into it in depth in the next few days.
Thank you for reporting the issue.
Thanks!
Just to clarify:
Hi! I'm having problems injecting a 32bit dll into a 32bit C# app.
Symptoms are as follows:
It looks like it's fairly easy to repro - I just did a test by creating an empty C# console app which sleeps for a few seconds, and my simple test dll fails to start.
Let me know if I'm doing anything stupid, or if you need more information.
Thanks!
Simon