DLL injected successfully, but it does not run!

Hi all,
using CreateRemoteThread and WriteProcessMemory
I injected a dll that brings up a message box!
but the DLL is loaded
only thing no message box!
The process is notepad!
Im using Dev c++ Mingw
help!
@OrionMaster: Please help on
this one!
Hi,

Did you check for any call errors especially in the VirtualAllocEx, WriteProcessMemory, CreateRemoteThread. Normally, these are the "risk" areas where these bugs arise. Check the error values and compare them and see why the error is caused.

They all worked fine!
and i can see in process explorer that the dll is injected
but no message box!
Hi,

Try to look here: http://stackoverflow.com/questions/16574333/c-dll-not-executing-function-after-injection

I cannot do much especially keeping in mind I do not posses the source code.

OR it could be that the target process is blocking DLL injections (Games maybe).
The process is notepad...
@OrionMaster:
Which is better, code injection or DLL injection, on your opinion???
Last edited on
Hi,

It really boils down to what you want to achieve, for example performing a DLL injection is more suitable for "exporting" large-chunks of code due to the compact design. However if you are more or less looking to export small amount of code like hooks or such, code injection is the way to go.

In my experience, of doing online jobs here and there - I am pretty sure that DLL injection is more used in commercial conditions keeping in mind *majority* of developers find code injection difficult OR too cumbersome.

When it comes to Security related programming, code injection is preferred due to dynamic support you EXE has over the remote thread, not to mention code injection is more difficult to hinder as there is no system call stub to block code injection, whereas DLL injection can be blocked with a filter hook on LdrLoadDll.

To be honest DLL injection is way simpler and BIG WOULD love to use it however DLL injections are just too easy to block.

Kind Regards,
OrionMaster

Thankyou very much!!!
Regards,
WindowsProgrammer777
Topic archived. No new replies allowed.