Here is what I was using instead of "CreateRemoteThread" in my DHM Loader. It is a lot stealthier and has a much lower chance of being detected than your normal "Injectors".
Function:
{ Writes szDllPath into the address space of hProcess and queues a user-mode
  APC on hThread whose routine is kernel32!LoadLibraryA and whose argument is
  the remote copy of the path.
  Params:  hProcess  - handle to the target process (must allow allocation and writing)
           hThread   - handle to a thread in that process (must allow APC queuing)
           szDllPath - path of the DLL to load, passed unchanged to LoadLibraryA
  Returns: TRUE only when QueueUserAPC reported the APC as queued; this does
           NOT mean LoadLibraryA has run or that the DLL loaded.
  NOTE(review): the VirtualAllocEx -> WriteProcessMemory -> QueueUserAPC(LoadLibraryA)
  sequence is a widely documented cross-process injection pattern; avoiding
  CreateRemoteThread does not remove those three observable cross-process calls,
  and endpoint monitoring commonly keys on exactly this combination. }
function InjectDllViaAPC(hProcess:DWORD; hThread:DWORD; szDllPath:string):Boolean;
var
dwPathSize: DWORD;   // bytes to copy: path characters plus the terminator
pMemory: Pointer;    // remote buffer holding the path
dwWritten: DWORD;    // bytes actually written, reported by WriteProcessMemory
begin
Result := FALSE;
// Length() counts characters; the byte count only matches if szDllPath is a
// single-byte string type — not established by this listing, confirm.
dwPathSize := Length(szDllPath) + 1;
// Allocate a readable/writable (not executable) page in the target process.
pMemory := VirtualAllocEx(hProcess, nil, dwPathSize, MEM_COMMIT, PAGE_READWRITE);
if (Assigned(pMemory)) then
begin
// Return value is ignored; the dwWritten comparison below stands in for it.
WriteProcessMemory(hProcess, pMemory, @szDllPath[1], dwPathSize, dwWritten);
if (dwPathSize = dwWritten) then
begin
// LoadLibraryA's address is taken from this process's kernel32 mapping; the
// APC argument is the remote path buffer. A TRUE return means queued, nothing more.
// The remote allocation is never freed on any path.
if (QueueUserAPC(GetProcAddress(LoadLibraryA('kernel32.dll'), 'LoadLibraryA'), hThread, DWORD(pMemory))) then
Result := TRUE;
end;
end;
end;
Usage:
{ Button handler: starts Engine.exe with a fixed command line and, if the
  process was created, calls InjectDllViaAPC with the new process's primary
  thread handle and the relative path 'DMH.dll'.
  The return value of InjectDllViaAPC is discarded, so a failed queue is not
  reported to the user. Neither ProcInfo.hProcess nor ProcInfo.hThread is closed. }
procedure TForm1.btn1Click(Sender: TObject);
var
strExecute: string;            // mutable command-line buffer passed to CreateProcessA
ProcInfo: TProcessInformation; // receives the new process/thread handles
StartInfo: TStartupInfo;
begin
// Command line as written on the page, including the hard-coded auth host/port.
strExecute:= 'Engine.exe -windowtitle \CombatArms\ -rez Engine.REZ -rez Game -authip 208.85.111.14 -authport 10001 -pcroom 0 -UserId';
ZeroMemory(@startInfo, SizeOf(TStartupInfo));
StartInfo.cb := SizeOf(TStartupInfo);
// Creation flags are 0: the process starts running immediately, not suspended.
if (CreateProcessA(nil, PChar(strExecute), nil, nil, FALSE, 0, nil, nil, StartInfo, ProcInfo)) then
// 'DMH.dll' is relative; it resolves according to LoadLibraryA's search order in the target.
InjectDllViaAPC(ProcInfo.hProcess, ProcInfo.hThread, 'DMH.dll');
end;
Enjoy the stealth method of injecting your dll