I'm looking for an example that shows how to use injection to inject function code into an EXE that holds a function at an offset, and how to run the newly injected code at runtime.
Any suggestions?
This is what I came up with; any thoughts on it would be helpful.
// Program entry point
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPTSTR lpCmdLine, int nCmdShow)
{
// Structures for creating the process
STARTUPINFO si = {0};
PROCESS_INFORMATION pi = {0};
BOOL result = FALSE;
// Strings for creating the program
char exeString[MAX_PATH + 1] = {0};
char workingDir[MAX_PATH + 1] = {0};
// Holds where the DLL should be
char dllPath[MAX_PATH + 1] = {0};
// Get the current directory
GetCurrentDirectory(MAX_PATH, workingDir);
// Build the full path to the EXE
_snprintf(exeString, MAX_PATH, "\"%s\\PINBALL.EXE\" -quick", workingDir);
// Set the static path of where the Inject DLL is, hardcoded for a demo
_snprintf(dllPath, MAX_PATH, "PinballCodecave.dll");
// Need to set this for the structure
si.cb = sizeof(STARTUPINFO);
// Try to load our process
result = CreateProcess(NULL, exeString, NULL, NULL, FALSE,
CREATE_SUSPENDED, NULL, workingDir, &si, p);
if(!result)
{
MessageBox(0, "Process could not be loaded!", "Error", MB_ICONERROR);
return -1;
}
// Inject the DLL, the export function is named 'Initialize'
Inject(pi.hProcess, dllPath, "Initialize");
// Resume process execution
ResumeThread(pi.hThread);