DLL Injection Framework
Code injection is messy. Hooking via JMP patching is even messier. So I’ve tried to clean things up as much as possible by putting the heavy lifting in a C++ class.
DLL Injection Framework C++ Source (zip)
You can get a rough idea of the exposed functionality from the class’s public function list:
bool CallThreadProc(const char* thread_proc_name, void* parameter, DWORD timeout_ms, DWORD &exit_code);
static DWORD GetProcessIDFromWindow(const char* class_name, const char* window_name);
void* GetRemoteProcAddress(const char* proc_name);
void* GetRemoteProcAddress(const char* proc_name, const char* module_path);
HMODULE GetRemoteModuleHandle(HMODULE local_handle);
HMODULE InjectDLL(DWORD process_id);
HDLLHOOK InstallDLLHook(const char* existing_module_path, const char* existing_function_name, const char* hook_function_name);
HDLLHOOK InstallCodeHook(void* existing_function_address, const char* hook_function_name);
bool RemoveAllHooks();
bool RemoveHook(HDLLHOOK handle);
void RemoveDLL();
I provide no documentation beyond the brief descriptions given in the header and the following example. It should all be sufficiently self-explanatory though. This snippet injects a DLL into Windows Calculator, which is assumed to be running, then installs two hooks (one by name and another by address) from the user-supplied HookDLL.
// Create the injection object
DLLInjection injection("E:/Temp/HookDLL.dll");

// Find Calc.exe by its window
DWORD process_id = injection.GetProcessIDFromWindow("SciCalc", "Calculator");

// Inject the DLL
HMODULE remote_module = injection.InjectDLL(process_id);

// Hook a DLL function (User32!SetWindowTextW)
HDLLHOOK swtw_hook = injection.InstallDLLHook("C:/Windows/System32/User32.dll", "SetWindowTextW", "SetWindowTextHookW");

// Hook a function manually (Calc!0100F3CF)
HDLLHOOK manual_hook = injection.InstallCodeHook(reinterpret_cast<void*>(0x0100F3CF), "SomeOtherHook");

// Remove the hooks
injection.RemoveHook(swtw_hook);
injection.RemoveHook(manual_hook);
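Seen from the monitoring side, a JMP-patched entry point like the ones installed above shows up as changed prologue bytes. The following is an added example, not part of the framework's source: it compares a function's live entry bytes with a reference copy and decodes the jump target. It assumes a 32-bit process and a 5-byte JMP rel32 (opcode 0xE9) patch, which the page does not confirm; the module range, original bytes and hook address are constructed, and only 0x0100F3CF comes from the snippet above.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

struct ModuleRange { uint32_t base; uint32_t size; };  // module that owns the function

struct PatchFinding {
    bool modified;       // first five bytes differ from the reference copy
    bool jmp_patched;    // ...and they now start with JMP rel32 (opcode 0xE9)
    uint32_t target;     // decoded jump destination, valid only when jmp_patched
    bool leaves_module;  // destination lies outside the owning module
};

// Compare the in-memory entry bytes with a reference copy (for example the same
// bytes read from the image on disk) and decode a JMP rel32 written over them.
PatchFinding CheckPrologue(const uint8_t* live, const uint8_t* reference,
                           uint32_t function_va, ModuleRange owner) {
    PatchFinding f = { false, false, 0, false };
    if (std::memcmp(live, reference, 5) == 0) return f;  // entry point untouched
    f.modified = true;
    if (live[0] != 0xE9) return f;                        // changed, but not JMP rel32
    // Displacement is little-endian and relative to the next instruction (va + 5).
    uint32_t rel = live[1] | (live[2] << 8) | (live[3] << 16) |
                   (static_cast<uint32_t>(live[4]) << 24);
    f.jmp_patched = true;
    f.target = function_va + 5 + rel;                     // wraps modulo 2^32
    // Unsigned subtraction also catches targets below the module base.
    f.leaves_module = (f.target - owner.base) >= owner.size;
    return f;
}

// Constructed sample data. Only the address 0x0100F3CF comes from the page.
const uint32_t kFunctionVa = 0x0100F3CF;
const ModuleRange kCalcRange = { 0x01000000, 0x0001F000 };       // assumed image range
const uint8_t kReference[5] = { 0x8B, 0xFF, 0x55, 0x8B, 0xEC };  // assumed original bytes
const uint8_t kLive[5] = { 0xE9, 0x2C, 0x1C, 0xFF, 0x0E };       // jump to 0x10001000

PatchFinding DemoFinding() {
    return CheckPrologue(kLive, kReference, kFunctionVa, kCalcRange);
}
```

A jump that lands outside the owning module is the stronger signal; a changed prologue whose target stays inside the module can also be legitimate hot-patching.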