Awesome
WinCodeInjection
This repository contains 2 samples:
- Dll Injector with a Dll to inject
- Code Injector
The Dll Injector sample use the undocumented function NtCreateThreadEx to launch a remote thread. If you want to use CreateRemoteThread, you have to remember that starting with Win Vista (Session Separation) a process situated in a session can't access to a process in a different session.
The Code injector performs a change on the image relocation table to adjust it to the new base. In this sample I use the simple CreateRemoteThread to insert a custom function in another process.