Page 2 of 2

Re: Unable to inject a dll using madcodehook driver for app

Posted: Wed May 25, 2016 5:27 am
by manutai
i want share the link of VM but not publicly should i mail you link or any other way .

Re: Unable to inject a dll using madcodehook driver for app

Posted: Wed May 25, 2016 6:34 am
by madshi
Yes, you can send it via email.

Re: Unable to inject a dll using madcodehook driver for app

Posted: Wed May 25, 2016 10:20 am
by manutai
I have sent you the link over mail.

Re: Unable to inject a dll using madcodehook driver for app

Posted: Sun Apr 28, 2019 10:33 pm
by Bevan Collins
sorry to drag up this old thread. Did this issue get resolved? I'm also unable to inject into App Store applications on Windows 10.0.17763 64bit.
I have tested using HookProcessCreation after adding "ALL APPLICATION PACKAGES" NTFS read/execute rights to the folder. Windows Photos app, candy crush, searchui.exe don't get injected even if system-wide injection happens before application launch.

Re: Unable to inject a dll using madcodehook driver for app

Posted: Sun Apr 28, 2019 11:05 pm
by iconic
Include INJECT_METRO_APPS in your InjectLibrary flags. Are you already doing this? That demo doesn't have that flag automatically added. Also, instead of adding the permissions yourself can you try placing your DLL in a folder where your DLL will automatically inherit such permissions from the containing folder, such as C:\Program Files, C:\Windows etc? Make sure you're also not using any *special* manifests inside your DLL, it can create issues.

*Edit*

You'll notice, in the above folders I mentioned, your DLL will also inherit the "ALL RESTRICTED APPLICATION PACKAGES" permissions.
Seems MS isn't done adding UWP (metro style) restrictions quite yet to newer builds of Windows 10

--Iconic

Re: Unable to inject a dll using madcodehook driver for app

Posted: Mon Apr 29, 2019 8:38 pm
by Bevan Collins
oops INJECT_METRO_APPS was missing, working now. Thanks iconic

Re: Unable to inject a dll using madcodehook driver for app

Posted: Mon Apr 29, 2019 9:45 pm
by iconic
Glad it's working for you now. Easy thing to overlook because it's a relatively new MCH flag :D

--Iconic