SetWindowsHookEx()
Using SetWindowsHookEx() to perform Remote Process Injection
HHOOK SetWindowsHookExA(
int idHook,
HOOKPROC lpfn,
HINSTANCE hmod,
DWORD dwThreadId
);
- Using a process ID get a thread ID which we want to hook into
GetThreadID()
- Load the DLL library, and get the address of the exported function you are going to call
LoadLibrary()LoadLibraryEx()GetProcAddress()
- Find a Window associated with the process name
FindWindow()
- Get the Window Thread ID
GetWindowThreadProcessId()
- Set a Hook into this thread ID so that when the event triggers, our DLL exported function gets called
SetWindowsHookEx()
- Optionally Unhook
UnhookWindowsHookEx()