O'Reilly logo

Windows® via C/C++, Fifth Edition by Christophe Nasarre, Jeffrey Richter

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Injecting Code with CreateProcess

If your process is spawning the process into which you want to inject code, things get a little easier. For one, your process (the parent process) can create the new process suspended. This approach allows you to alter the child process’ state without affecting its execution, because it hasn’t started executing anything yet. But the parent process also gets a handle to the child process’ primary thread. Using this handle, you can alter what code the thread executes. You can solve the problem mentioned in the previous section because you can set the thread’s instruction pointer to execute the code in the memory-mapped file.

Here is one way for your process to control what code the child process’ primary thread executes: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required