anyone familiar with DetourCreateProcessWithDllA() Sparkie?

[thefool]

what are you talking about? why cant he do anything with the dll? you realize what posibilities this have?
Think about it. If you pop in a dll in an app which have administrative rights, what then? Whoops

[DarkDragon]

what are you talking about? why cant he do anything with the dll? you realize what posibilities this have?
Think about it. If you pop in a dll in an app which have administrative rights, what then? Whoops

Nothing, because the program doesn't call your dll functions -_-. You first need to edit the import table.

[thefool]

NO! i say.
your dll can have a nice function wich it calls when the dll is loaded The case is the same with this.

AttachProcess(Instance), DetachProcess(Instance), AttachThread(Instance) and DetachThread(Instance).

[DarkDragon]

NO! i say.
your dll can have a nice function wich it calls when the dll is loaded The case is the same with this.

AttachProcess(Instance), DetachProcess(Instance), AttachThread(Instance) and DetachThread(Instance).

There is no sense of calling the dll yourself in the other process for your process, so you need to edit the import table so the other process knows your dll . Just injecting isn't very useful. Get called by the other process is more useful. Get called by your own process through the other process is NOT useful!

[thefool]

actually it has several uses. You just cant see them! those uses are evil, and some are good.

You can use it for many things, of course the other way has more uses. But i think he asked for this, not about changing import table, although that is an interesting subject too.

[dell_jockey]

actually it has several uses. You just cant see them! those uses are evil, and some are good.

That is the exact reason I asked my questions at the beginning of this thread....

[thefool]

but darkdragon dont understand!