DetourCopyPayloadToProcess

Copy a payload into a target process.

Definition

BOOL DetourCopyPayloadToProcess(
    _In_                     HANDLE hProcess,
    _In_                     REFGUID rguid,
    _In_reads_bytes_(cbData) LPCVOID pvData,
    _In_                     DWORD cbData
);

Parameters

hProcess : Process into which payload should be copied.

rguid : GUID of the specified payload.

pvData : Pointer to payload data.

pcbData : Size in bytes of payload data.

Return value

Returns TRUE if the payload was successfully copied to the target process; otherwise, returns FALSE.

Error codes

On failure, DetourCopyPayloadToProcess will return FALSE. Extended error code information may be retrieved by calling GetLastError.

Remarks

DetourCopyPayloadToProcess allocated a region of memory in the target process using the VirtualAllocEx API. It then uses the WriteProcessMemory API to create an artificial PE binary module in the target memory. In the artificial module, DetourCopyPayloadToProcess creates a .detours section with the specified payload data.

Code in the target process can find the payload by enumerating through all modules using the DetourEnumerateModules API and querying each module for the payload using the DetourFindPayload API.

Related Samples

Tracebld, WithDll.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DetourCopyPayloadToProcess

DetourCopyPayloadToProcess

Definition

Parameters

Return value

Error codes

Remarks

Related Samples

Overview

API Reference

Clone this wiki locally