C# DLL Injection - Call Method of Running Application2019 Community Moderator ElectionCorrect Way to Load Assembly, Find Class and Call Run() MethodCalling the base constructor in C#Call a function from an injected DLLHow to call asynchronous method from synchronous method in C#?Calling function in injected DLLHOOK C# method in DLLCalling function in unmanaged injected dllC++ & Windows - DLL Injection by NtCreateThreadEx function is not workedDebugging .DLL Injection Issue - Breakpoint On Supposedly Executing Code Not Being Hitcalling an managed dll from an unmanaged dll file (that is injected into the running process)Executing code in main thread via dll injection
Help prove this basic trig identity please!
Synchronized implementation of a bank account in Java
How do hiring committees for research positions view getting "scooped"?
Comment Box for Substitution Method of Integrals
Why is there so much iron?
Do native speakers use "ultima" and "proxima" frequently in spoken English?
PTIJ What is the inyan of the Konami code in Uncle Moishy's song?
A Ri-diddley-iley Riddle
Fewest number of steps to reach 200 using special calculator
Existence of a celestial body big enough for early civilization to be thought of as a second moon
If "dar" means "to give", what does "daros" mean?
Am I eligible for the Eurail Youth pass? I am 27.5 years old
Is there a hypothetical scenario that would make Earth uninhabitable for humans, but not for (the majority of) other animals?
PTIJ: Why do we blow Shofar on Rosh Hashana and use a Lulav on Sukkos?
Print a physical multiplication table
Geography in 3D perspective
What is the term when voters “dishonestly” choose something that they do not want to choose?
Turning a hard to access nut?
Calculate the frequency of characters in a string
In what cases must I use 了 and in what cases not?
Can a medieval gyroplane be built?
Can a wizard cast a spell during their first turn of combat if they initiated combat by releasing a readied spell?
How does 取材で訪れた integrate into this sentence?
How to generate binary array whose elements with values 1 are randomly drawn
C# DLL Injection - Call Method of Running Application
2019 Community Moderator ElectionCorrect Way to Load Assembly, Find Class and Call Run() MethodCalling the base constructor in C#Call a function from an injected DLLHow to call asynchronous method from synchronous method in C#?Calling function in injected DLLHOOK C# method in DLLCalling function in unmanaged injected dllC++ & Windows - DLL Injection by NtCreateThreadEx function is not workedDebugging .DLL Injection Issue - Breakpoint On Supposedly Executing Code Not Being Hitcalling an managed dll from an unmanaged dll file (that is injected into the running process)Executing code in main thread via dll injection
Lets say I have an executable 'foobar.exe' written in C# and now compiled, running on a Windows box. One of the functions in the application is the following (example):
public static async Task LoadBox(string msg)
System.Windows.Forms.MessageBox.Show(msg);
I would like to write a DLL in C# that calls this method in the application. The DLL, say 'injected.dll', will be injected into the running 'foobar.exe' process using the injector referenced here: http://www.codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread
Is it possible from the newly injected DLL to call the public function in the original exe? If so, any example code in C# would be appreciated.
c# dll-injection
asked Mar 6 at 21:59
acelivesacelives
133
add a comment |
Lets say I have an executable 'foobar.exe' written in C# and now compiled, running on a Windows box. One of the functions in the application is the following (example):
public static async Task LoadBox(string msg)
System.Windows.Forms.MessageBox.Show(msg);
I would like to write a DLL in C# that calls this method in the application. The DLL, say 'injected.dll', will be injected into the running 'foobar.exe' process using the injector referenced here: http://www.codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread
Is it possible from the newly injected DLL to call the public function in the original exe? If so, any example code in C# would be appreciated.
c# dll-injection
asked Mar 6 at 21:59
acelivesacelives
133
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just useAssembly.LoadFromand similar (note that links to a "best practices" doc for loading assemblies).
– Heretic Monkey
Mar 6 at 22:04
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55
add a comment |
Lets say I have an executable 'foobar.exe' written in C# and now compiled, running on a Windows box. One of the functions in the application is the following (example):
public static async Task LoadBox(string msg)
System.Windows.Forms.MessageBox.Show(msg);
I would like to write a DLL in C# that calls this method in the application. The DLL, say 'injected.dll', will be injected into the running 'foobar.exe' process using the injector referenced here: http://www.codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread
Is it possible from the newly injected DLL to call the public function in the original exe? If so, any example code in C# would be appreciated.
c# dll-injection
asked Mar 6 at 21:59
acelivesacelives
133
Lets say I have an executable 'foobar.exe' written in C# and now compiled, running on a Windows box. One of the functions in the application is the following (example):
public static async Task LoadBox(string msg)
System.Windows.Forms.MessageBox.Show(msg);
I would like to write a DLL in C# that calls this method in the application. The DLL, say 'injected.dll', will be injected into the running 'foobar.exe' process using the injector referenced here: http://www.codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread
Is it possible from the newly injected DLL to call the public function in the original exe? If so, any example code in C# would be appreciated.
c# dll-injection
c# dll-injection
asked Mar 6 at 21:59
acelivesacelives
133
asked Mar 6 at 21:59
acelivesacelives
133
asked Mar 6 at 21:59
acelivesacelives
133
asked Mar 6 at 21:59
acelivesacelives
133
asked Mar 6 at 21:59
acelivesacelives
133
133
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just useAssembly.LoadFromand similar (note that links to a "best practices" doc for loading assemblies).
– Heretic Monkey
Mar 6 at 22:04
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55
add a comment |
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just useAssembly.LoadFromand similar (note that links to a "best practices" doc for loading assemblies).
– Heretic Monkey
Mar 6 at 22:04
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just use
Assembly.LoadFrom and similar (note that links to a "best practices" doc for loading assemblies).– Heretic Monkey
Mar 6 at 22:04
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just use
Assembly.LoadFrom and similar (note that links to a "best practices" doc for loading assemblies).– Heretic Monkey
Mar 6 at 22:04
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55
add a comment |
1 Answer
1
active
oldest
votes
My approach would be to use the concepts of Reflection. We could make the EXE load an assembly through reflection, discover a Type and invoke a method on this Type and then pass an instance of a class in your EXE to this method, which in turn does a call back. A round about way - but it would work.
You can use the method System.Reflection.Assembly.LoadFrom( to load an assembly compiled for .NET. This is a fairly old technique, nothing new about it. Dependency contains and applications that are meant to load plugins post deployment are written using this method.
Step 1
Load the plugin assembly into the current Appdomain using System.Reflection.LoadFrom
Step 2
Find the Type in this plugin assembly by using Assembly.GetTypes()
Step 3
Pass an instance of a class defined in your EXE into the plugin and have the plugin do a call back. This is what an event call back would actually do.
Link
https://docs.microsoft.com/en-us/dotnet/api/system.activator.createinstance?view=netframework-4.7.2#System_Activator_CreateInstance_System_AppDomain_System_String_System_String_System_Boolean_System_Reflection_BindingFlags_System_Reflection_Binder_System_Object___System_Globalization_CultureInfo_System_Object___
answered Mar 6 at 22:10
Sau001Sau001
13517
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55032834%2fc-sharp-dll-injection-call-method-of-running-application%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
My approach would be to use the concepts of Reflection. We could make the EXE load an assembly through reflection, discover a Type and invoke a method on this Type and then pass an instance of a class in your EXE to this method, which in turn does a call back. A round about way - but it would work.
You can use the method System.Reflection.Assembly.LoadFrom( to load an assembly compiled for .NET. This is a fairly old technique, nothing new about it. Dependency contains and applications that are meant to load plugins post deployment are written using this method.
Step 1
Load the plugin assembly into the current Appdomain using System.Reflection.LoadFrom
Step 2
Find the Type in this plugin assembly by using Assembly.GetTypes()
Step 3
Pass an instance of a class defined in your EXE into the plugin and have the plugin do a call back. This is what an event call back would actually do.
Link
https://docs.microsoft.com/en-us/dotnet/api/system.activator.createinstance?view=netframework-4.7.2#System_Activator_CreateInstance_System_AppDomain_System_String_System_String_System_Boolean_System_Reflection_BindingFlags_System_Reflection_Binder_System_Object___System_Globalization_CultureInfo_System_Object___
answered Mar 6 at 22:10
Sau001Sau001
13517
add a comment |
My approach would be to use the concepts of Reflection. We could make the EXE load an assembly through reflection, discover a Type and invoke a method on this Type and then pass an instance of a class in your EXE to this method, which in turn does a call back. A round about way - but it would work.
You can use the method System.Reflection.Assembly.LoadFrom( to load an assembly compiled for .NET. This is a fairly old technique, nothing new about it. Dependency contains and applications that are meant to load plugins post deployment are written using this method.
Step 1
Load the plugin assembly into the current Appdomain using System.Reflection.LoadFrom
Step 2
Find the Type in this plugin assembly by using Assembly.GetTypes()
Step 3
Pass an instance of a class defined in your EXE into the plugin and have the plugin do a call back. This is what an event call back would actually do.
Link
https://docs.microsoft.com/en-us/dotnet/api/system.activator.createinstance?view=netframework-4.7.2#System_Activator_CreateInstance_System_AppDomain_System_String_System_String_System_Boolean_System_Reflection_BindingFlags_System_Reflection_Binder_System_Object___System_Globalization_CultureInfo_System_Object___
answered Mar 6 at 22:10
Sau001Sau001
13517
add a comment |
My approach would be to use the concepts of Reflection. We could make the EXE load an assembly through reflection, discover a Type and invoke a method on this Type and then pass an instance of a class in your EXE to this method, which in turn does a call back. A round about way - but it would work.
You can use the method System.Reflection.Assembly.LoadFrom( to load an assembly compiled for .NET. This is a fairly old technique, nothing new about it. Dependency contains and applications that are meant to load plugins post deployment are written using this method.
Step 1
Load the plugin assembly into the current Appdomain using System.Reflection.LoadFrom
Step 2
Find the Type in this plugin assembly by using Assembly.GetTypes()
Step 3
Pass an instance of a class defined in your EXE into the plugin and have the plugin do a call back. This is what an event call back would actually do.
Link
https://docs.microsoft.com/en-us/dotnet/api/system.activator.createinstance?view=netframework-4.7.2#System_Activator_CreateInstance_System_AppDomain_System_String_System_String_System_Boolean_System_Reflection_BindingFlags_System_Reflection_Binder_System_Object___System_Globalization_CultureInfo_System_Object___
answered Mar 6 at 22:10
Sau001Sau001
13517
My approach would be to use the concepts of Reflection. We could make the EXE load an assembly through reflection, discover a Type and invoke a method on this Type and then pass an instance of a class in your EXE to this method, which in turn does a call back. A round about way - but it would work.
You can use the method System.Reflection.Assembly.LoadFrom( to load an assembly compiled for .NET. This is a fairly old technique, nothing new about it. Dependency contains and applications that are meant to load plugins post deployment are written using this method.
Step 1
Load the plugin assembly into the current Appdomain using System.Reflection.LoadFrom
Step 2
Find the Type in this plugin assembly by using Assembly.GetTypes()
Step 3
Pass an instance of a class defined in your EXE into the plugin and have the plugin do a call back. This is what an event call back would actually do.
Link
https://docs.microsoft.com/en-us/dotnet/api/system.activator.createinstance?view=netframework-4.7.2#System_Activator_CreateInstance_System_AppDomain_System_String_System_String_System_Boolean_System_Reflection_BindingFlags_System_Reflection_Binder_System_Object___System_Globalization_CultureInfo_System_Object___
answered Mar 6 at 22:10
Sau001Sau001
13517
answered Mar 6 at 22:10
Sau001Sau001
13517
answered Mar 6 at 22:10
Sau001Sau001
13517
answered Mar 6 at 22:10
Sau001Sau001
13517
13517
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55032834%2fc-sharp-dll-injection-call-method-of-running-application%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
If the DLL is a .NET DLL, there's no need for using Windows API calls. Just use
Assembly.LoadFromand similar (note that links to a "best practices" doc for loading assemblies).– Heretic Monkey
Mar 6 at 22:04
Related, if not a dupe: Correct Way to Load Assembly, Find Class and Call Run() Method
– Heretic Monkey
Mar 6 at 22:07
To clarify, I will not be modifying the 'foobar.exe' application to load the DLL. Foobar.exe is a third-party application (which is written in C#), that I have identified a method within that I would like to call while the foobar.exe application is already running, by injecting a DLL into the running process and invoking its LoadBox method.
– acelives
Mar 6 at 22:13
My friend and I are discussing this right now. There is no way (within reason) to accomplish this. I have used injection many times but that wasn't trying to go across managed boundaries. It seems as if nobody is even reading your "running" requirement. I would speculate that C++/CLI 'might' give you a shot at it but that will be extremely difficult to say the least. Another option? Dissasemble the exe and do whatever you want to it.
– Señor CMasMas
Mar 6 at 22:17
Yeah, it is disassembled (decompiled, thanks MSIL!), and has been patched to do what I want. I'm really just curious about writing an executable that injects itself into the running process and then invokes the method, to bypass a check made by the program before it runs LoadBox(), so that I don't have to use a patched binary.
– acelives
Mar 6 at 22:55