Printable View
Hello friend, last three years I have work on the C language and now I have very brief knowledge about this language. Now I want to work on the MSDN. Hence, I decided to do DLL injection logic. I only know that this DLL is an Dynamic Link Library. If anyone having knowledge about this type of MSDN issues, then please send me the suggestion for how to do this. Thanks in advance for any type of suggestions over this complicated issue.
I think you have noble in this field and hence you mention that you have familiar with C language and want to do dll injection logic. There is no relation between the DLL and with C language. In actual case, this is an Windows specific stuff need to identify a lot about Windows programming. This will be help to identify the programming language that helpful to certain Windows API entries. This is also helpful for construct DLL.
Using Freeware you can able to write codes for DLL injection. The ollydbg is also helpful to do this task. Using VC++ you can capable to catch access to process memory using Pid and dll file. Then you need to manually entering the PID. But you need to write code to create it by itself. The process name can’t help in this case. For inject DLL you need to acquire the data intermediate data. This is receiving manipulated in the memory. Then use this and it help to solve the problem.
In system memory I search it but there is no process present. All process possesses entire 4GB of virtual memory address space. The space possibly regions allocated for particular purpose with unallocated regions. Other thing is that the process address space is unsafe to be alongside packed with the regions of allocated memory. You need to read Jeffrey Richter's "Programming Windows Application" book. This will be helping you a lot.
I also faced the similar problem in this system. Then I read several article and I found the correct solution over this problem. First I discover the starting address of file but there is no need to discover the ending address of the process in the file. The kernel32.dll file is help to all processes. I used this file for accessing the address of the process. Hence you need to use this file and it really help to solve such complicated problem.
The DLL injection is a procedure used to run code inside the address space of another process by forcing it to load a dynamic-link library. In Microsoft Windows, the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs will be loaded into every process. This will be links to User32.dll and this DLL will connect itself to the process. Then use this type of help and it really work for such kind of risky operation.