

Use SetThreadContext() to perform Remote Process Injection.
BOOL SetThreadContext(
  HANDLE        hThread,    // handle to the thread whose context is replaced
  const CONTEXT *lpContext  // new register state (including EIP/RIP) for that thread
);
  • Get a handle to an existing process on the system or create a new sacrificial process
    • OpenProcess()
    • CreateProcess()
    • CreateProcessAsUser()
  • Get a Handle to the thread of the process
    • OpenThread()
  • Allocate some memory in the chosen remote process
    • VirtualAllocEx()
  • Get the current thread context
    • GetThreadContext()
  • Write shellcode to the remote process, or write a DLL path to the remote process
    • GetProcAddress()
    • LoadLibrary()
    • WriteProcessMemory()
  • Update the thread's EIP/RIP so it points at the shellcode
    • SetThreadContext()