what it will happen if i don't use SYSTEM_PROCESSES

c++ / delphi package - dll injection and api hooking
Post Reply
Aquarius_1983
Posts: 17
Joined: Sun Apr 03, 2005 7:39 am

what it will happen if i don't use SYSTEM_PROCESSES

Post by Aquarius_1983 »

InjectLibrary((ALL_SESSIONS or SYSTEM_PROCESSES) and (not CURRENT_PROCESS), 'your.dll');


IF I DON'T USE SYSTEM_PROCESSES ,WHETHER I DON'T INJECT SYSTEM_PROCESS.
// the following flags may only be used in combination with the first 3 flags
SYSTEM_PROCESSES = $10; // include this flag to include system processes + services
CURRENT_PROCESS = $8; // exclude this flag to exclude injection into yourself
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

What is your question exactly? If you don't use SYSTEM_PROCESSES, the your dll will not be injected into system processes. What is unclear with that?
JPMetal
Posts: 8
Joined: Tue Jun 14, 2005 6:25 pm

Post by JPMetal »

What do you mean by system processes? The process with PID 4 or 8? Is useless to inject it since it runs only kernel mode threads.
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

System processes in this case includes services, winlogon, etc...
Post Reply