[Question] Injection Problems <Windows8>

[artfulwave]

Lately , after i have upgraded from "windows 7 64-bit ultimate " to " windows 8 64-bit Pro "..All the injection methods seems to be impossible, i have tried to use all the injectors which i have coded and was working on win7 but failed, as soon as the DLL get injected the game/testd3d9.exe/etc crashes tried to run them in compatibility mode and still **** fails .
->CreateRemoteThread ( Fails )
-> NtCreateThread and its wrapper RtlCreateUserThread. ( Fails )
->Even when i downloaded win8 injector fails cheat engine too what`s more fails ? right , winject..
I think that`s enough to understand my problem pretty well, any solution guys ?

[Requi]

Ran as admin?

[artfulwave]

Quote:

Originally Posted by Requι

Ran as admin?

-_- Already running it as admin ( i have even added Run as admin manf in some of them / And tried by disabling UAC but failed too) ... Any other ?

[Dr. Coxxy]

are you injecting a 32bit compiled dll in a 64bit process or vice versa?

[artfulwave]

Quote:

Originally Posted by Dr. Coxxy

are you injecting a 32bit compiled dll in a 64bit process or vice versa?

Iam injecting a 32-bit Compiled DLL into 32-bit Process ( Crysis/Wolfteam/d3d9test).

[MrSm!th]

Why do those functions fail? What about GetLastError()?

[artfulwave]

Quote:

Originally Posted by MrSm!th

Why do those functions fail? What about GetLastError()?

That`s the wearied part of the problem.Indeed , the functions totally success but by than the program (which i have injected the DLL to) crashes
GetLastError() won`t be useful on this case because already no exception occurs
Any other idea ? :/

[Nightblizard]

Show us some Code of your .dll. I'm pretty sure you've done something wrong in there.

[artfulwave]

Quote:

Originally Posted by Nightblizard

Show us some Code of your .dll. I'm pretty sure you've done something wrong in there.

Huh ? Something what ?Dont be pretty sure.Even Cheat engine speed hack fails to get injected and i had n`t said that " I am too noobish and cant write a inject-able DLL" and i have tested more than 25 DLL not just a single one.

but well..what particularly you want to see in my code ?

[Nightblizard]

Quote:

Originally Posted by artfulwave

Huh ? Something what ?Dont be pretty sure.Even Cheat engine speed hack fails to get injected and i had n`t said that " I am too noobish and cant write a inject-able DLL" and i have tested more than 25 DLL not just a single one.

but well..what particularly you want to see in my code ?

Well, I'm pretty sure since it's working fine for me. And if it isn't your Code then you're doing something else wrong.


Some quick stuff for testing purposes:


Looks like this on my Win8 virtual Machine:



Virustotal:




If you want to test the .dll file itself make sure to use an injector which allows you to call exported functions since I'm not using DllMain. I've exported "Start" which will give you the "HAI" MessageBox and "End" which will give you the "BYE BYE" MessageBox.

[artfulwave]

Quote:

Originally Posted by Nightblizard

Well, I'm pretty sure since it's working fine for me. And if it isn't your Code then you're doing something else wrong.

If you want to test the .dll file itself make sure to use an injector which allows you to call exported functions since I'm not using DllMain. I've exported "Start" which will give you the "HAI" MessageBox and "End" which will give you the "BYE BYE" MessageBox.

Well , you are right..I am doing it this way->

Quote:

BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved) {

switch(dwReason) {
case DLL_PROCESS_ATTACH:
blah blah blah

than i should re-write my DLL and Injector to support calling exported functions right ?

Quote:

#define Export __declspec(dllexport) // To export from DLL

but this means that Dllmain became useless ?

[MrSm!th]

Yes, then it would stay empty. Although that might be an advancement as Nightblizzard would suggest, it will not solve your problem I think.
Maybe it's really about your dlls or your target.

[Nightblizard]

Quote:

Originally Posted by artfulwave

Well , you are right..I am doing it this way->

than i should re-write my DLL and Injector to support calling exported functions right ?

That really depends on the "bla bla bla". However, you should only initialize stuff within DllMain, do not do anything else in it! It is not only very bad practise, it also might cause weird behavior like you're expecting right now.

Quote:

Originally Posted by artfulwave

but this means that Dllmain became useless ?

In most cases it does, yes. But as I've said, if you want to initialize stuff, then DllMain ist the place to do it. But even then you have to keep some things in mind like "don't call stuff that might block your thread" or "don't call stuff that might load another .dll" and other things like that.

You might want to read Microsofts remarks on DllMain to know what's okay an what isn't:

[artfulwave]

Quote:

Originally Posted by Nightblizard

you should only initialize stuff within DllMain, do not do anything else in it! It is not only very bad practise,

I know that pretty well i meant by blah blah CreateThread(....);/break; and the others cases case DLLDEATTACH case blah blah : break;
that all i meant by blah blah..
At the moment i do n`t even need to load any additional DLL(s)..And if i want to do so or anything else i will make a function like this

Quote:

void initialize(void) {
MessageBox(NULL,L"Any solution ??",L"Damn Problem",MB_OK | MB_ICONEXCLAMATION);
}

Quote:

Originally Posted by MrSm!th

it will not solve your problem Maybe it's really about your dlls or your target.

he is definitely right you have told me about a way that would work but why i cant inject the DLL by the normal way ? and if i wanna to use someone`s else stuff he won`t compile a special one for me..
I think the problem still hadn`t been solved :/
Any other idea ?