When injecting DLL into services.exe on Windows, InjectLibrary returns that the injection was successful, but the actual DLL is not loaded by services.exe.
Please refer to the following code when using InjectLibrary
InjectLibraryW(L"TestDll", L"C:\\Test\\test.dll", ALL_SESSIONS, INJECT_SYSTEM_PROCESSES | INJECT_METRO_APPS, L"services.exe")
Is DLL Injection impossible in Windows' services.exe process?
Re: Is DLL Injection impossible in Windows' services.exe process?
Services.exe is a "protected process" in Windows starting with Windows 8.1 forward so it can't be injected, at least not in the traditional sense any way You can see this in tools such as Process Hacker under the general tab once you double-click it. Protected processes have been around since Vista and, as of Windows 8.1, most system processes are now "protected" such as CSRSS.
--Iconic
--Iconic