When the driver runs, the wow64 process under the 64-bit system of win8.1 can't get up. Has anyone encountered this problem?

wbenny / injdrv

proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

MIT License

1.14k stars 278 forks source link

When the driver runs, the wow64 process under the 64-bit system of win8.1 can't get up. Has anyone encountered this problem? #8

Open wumn290 opened 5 years ago

wumn290 commented 5 years ago

I use InjMethodThunk to cause the wow64 process to fail to start, but when I use InjMethodThunkless, I can inject 64-bit DLL into the wow64 process, but loading 32-bit DLL in this 64-bit DLL will fail.

wooddii commented 4 years ago

Hello, just use CapturedInjectionInfo->ForceUserApc = FALSE - works on all Windows x64.