edit
 

edit.

Sorry, that program still has bugs.

Ignore this post.

well here is another way :)
VirtualAllocEx() some space in remote process, WriteProcessMemory() the module name you want to inject to that address.

CreateRemoteThread(), set lpStartAddress to the address of LoadLibrary and lpParameter to the address of written module name.

but maybe you wanted to use the same technique.

that is really a funny (and nasty!) hack :)

well, duh, perhaps you could have left out the description of the method even though the program has bugs. :mad:

Now i am all intrigued wanting to know how nasty the hack is. :rolleyes:

You can read about this technique in Jeffrey Richter's book "Programming Applications for Microsoft Windows" (part IV, chapter 22). The hack doesn't seem to be nasty.

Jeff's method is really not that good.

He proposes 7 different techniques in his book, which one are you refering to?
And why is it "really not that good"?
If you know any better techniques, then do share :)

dll injectition is always risky because you never know if you are really overwriting the right offsets. you could try out the detour library by microsoft, this is always useful for cracking purposes.

Try search "dll injection" or "code injection" here or google or codeguru/project. There are tons of articles on this subject, and quite a few show excellent ways to perform code injection.

Thanks. Detours uses techniques for dll injection which are covered in jeff's book.
So there's nothing new to be found there, which is what i was asking for.

You've more or less ignored all my questions. I merely wanted you to elaborate on your opinion...