'SystemProcesses' parameter of Inject Library function
Posted: Thu Jan 19, 2017 9:13 am
Hi MadShi,
We were exploring the meaning of 'systemProcesses' parameter of Inject Library function in DLL injection section.
Currently, we are passing this as TRUE.
But we don't want to inject any dll in system processes,
If we pass it as FALSE, which all processes it will exclude.
We did a quick dry run, but it was still getting injected in conhost.exe.
We want to know what is the meaning of systemProcesses?
Does it mean processes running from System Account? Or processes which are part of core OS?
Awaiting your reply.
We were exploring the meaning of 'systemProcesses' parameter of Inject Library function in DLL injection section.
Currently, we are passing this as TRUE.
But we don't want to inject any dll in system processes,
If we pass it as FALSE, which all processes it will exclude.
We did a quick dry run, but it was still getting injected in conhost.exe.
We want to know what is the meaning of systemProcesses?
Does it mean processes running from System Account? Or processes which are part of core OS?
Awaiting your reply.