Question

I'm trying to learn the basics of dll injection, so I created a really simple hello-world type DLL and an injector based off of code I found online. I wasn't able to find anything that works out of the box, so I had to make a few adjustments.

Injection Code, DLL Code

I'm running these on 64-bit windows. I'm compiling with Visual Studio 2010. The injector is a win32 console app, and the dll is win32 as well. I'm trying to inject my code into an existing notepad process (also 32-bit). All of this is running on Windows 7 x64.

When I run the injector, it fails every time at CreateRemoteThread, with GetLastError returning 5 (i.e. ERROR_ACCESS_DENIED). I've confirmed that the dll path is correct (although changing it to a bogus path gives the same behavior), and I've confirmed that the path is getting written to notepad's memory at the correct address using Cheat Engine. I'm having a difficult time with this because I'm not sure how to debug the problem further.

What could be causing CreateRemoteThread to fail?

Was it helpful?

Solution

The problem is that notepad.exe is a 64-bit process in 64-bit windows, and I was trying to inject with a 32-bit process.

OTHER TIPS

I also come up with the same problem. My situation is this:

  1. My system is 64-bit and the notepad is also 64-bit.

  2. But the injector is the 32-bit process.

My solution is to replace the 64-bit notepad with the 32-bit notepad in the system directory.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top