madshi.net

[francoisr]

I would like to inject a DLL only into newly created processes.

I vaguely recall reading something somewhere about a (new?) flag that would signal this, but now I cannot find any info on this in either the help files or in the source code.

My DLL is lightweight, but it requires a number of other system DLLs (ie WinInet.dll) that I don't really want to load into every process. I know that I could change all the static references in my DLL to dynamic ones, but that would be a lot of work for little gain. Either way, I would prefer to only load my DLL into either a specific (user selected) process or any newly created process.

Is there an undocumented flag on InjectLibrary that can specify this or am I mistaken? Is it possible at all?

[iconic]

Introduced in madCodeHook 2.5.9 the flag DONT_TOUCH_RUNNING_PROCESSES does what you seek.


--Iconic

[francoisr]

Thanks a lot. It is exactly what I was looking for.

[dcsoft]

[francoisr]

Hi David.

My code is unfortunately written in Delphi. It is small enough and doesn't require the VCL, so I could probably do a version 2 in VC someday.

Thanks for the tip.

Francois

[ISantos]

[madshi]

The latest version now always uninjects from all processes, regardless of whether the DONT_TOUCH_RUNNING_PROCESSES option was activated or not. Or in other words: The option now only affect injection, but not uninjection, anymore. Here's the download:

http://madshi.net/madCollection.exe (2.5.11.1)

[francoisr]

Is there any way that I can turn the DONT_TOUCH_RUNNING_PROCESSES option off after I had previously set it?

In other words, I need something like ClearMadCHookOption.

[madshi]

Hello,

and sorry for the late reply.

With madCodeHook 3.0 there are 2 new options called "INJECT_INTO_RUNNING_PROCESSES" and "UNINJECT_FROM_RUNNING_PROCESSES". For both the 2nd SetMadCHookOption parameter is defined to be a bool value (typecasted to LPCWSTR / PWideChar). So you can turn both options on/off.