I was very giddy hooking into another process might prove so simple. I've been using Easyhook for a while to hook into various loaded APIs. But I needed to hook into GetPrivateProfileInt to help out an old app, only prob was the approach I'd been using (overwriting
the LoadLibrary strings prior to letting the app go) would not get there before it is too late.
The setup seems very simple...
DbgAttachDebugger(); //does this do anything??
NTSTATUS InjectionStatus =
DbgDetachDebugger(); //guess not...
The DLL exports the proper entrypoint as described in the docs ("_NativeInjectionEntryPoint@4") except it's not possible to export with the underscore (http://msdn.microsoft.com/en-us/library/f6xx1b1z%28VS.80%29.aspx -- see bit about the underscore)
and I looked at the import table in the .dll and there was no underscore there either.
I don't however suspect that is the problem, because the docs say STATUS_INVALID_PARAMETER_4 means the library cannot be loaded. Funny because I load the library from the same process everytime, just never at this point I suppose.
There should be nothing in the way of this working. I tried every variation I could imagine over the course of what at least seemed like hours.
I've not had a ton of success attracting help here in the past.
But whatever you can spare would be a blessing.