readme.txt

Dll进程注入 一种简单的方法隐藏进程 在dll中运行代码

(c) Janis Elsts AKA White Shadow
Updated : 21.09.2006
See also : http://w-shadow.com/
DLL injection code based on dllinject sample by Rezmond (www.projectbionet.com).
Freeware for non-commercial use.
  
This sample application + dll demonstrates how you can use DLL-injection to hide from NT Task Manager. Basically what you need to do is place most of your code in a dll (see testdll.dpr for a simple example), inject that DLL in an inconspicious process (like explorer.exe) and create a thread for your code to run in. Then you can do almost anything you could do in a normal Delphi application. See uDLLForm.pas for some notes and examples.

This only works on Windows NT.

To preserve system stability, the library is injected to calc.exe (so make sure you have Calculator running if you run this demo unmodified). In a real application you'd probably want to use explorer.exe as your host process.

To run the demo :
    1. Compile testdll.dpr
    2. Compile dllinject.dpr
    3. Run calc.exe
    4. Run dllinject.exe