Good day.

I've made a DLL in which I export a function. I attach the DLL to a process and then I want to call that function in that process space from another process.

Here's the exported function:

// Exported with a thread-start signature so it can be used as a thread entry point
__declspec(dllexport) DWORD WINAPI doSomething(LPVOID param)
{
    MessageBox(NULL, "doSomething()", "", 0);
    if (Switch::getInstance().currentStatus() == ON) {
    } else {
    }

    return 0;
}

I figured it could be done the same way you do DLL injection so I just went ahead and made a small test app like this:

// hProcess is the handle to the target process (how it is obtained is not shown in the post)
assert(hProcess != NULL);

HMODULE dllModule = LoadLibrary("Switch.dll");
assert(dllModule != NULL);

FARPROC functionStart = GetProcAddress(dllModule, "?doSomething@@YGKPAX@Z");
assert(functionStart != NULL);

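// Keep the call outside assert() so it still runs when asserts are compiled out (NDEBUG)
HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)functionStart, NULL, 0, NULL);
assert(hThread != NULL);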

printf("Switch toggled\n");


The idea is that instead of supplying the address of LoadLibrary (the way it's done during dll injection) to CreateRemoteThread I supply the address to my function.

Anyway, I inject the DLL into the target process and then run the above code, but the target process crashes with 0xC0000005 error code (access violation if I'm not wrong).

Any ideas what's wrong?
Posted 8-May-11 10:38am

1 solution


Solution 1

Crashes where exactly?

You need to run this under the debugger to find the exact line it crashes on. Usually, knowing what is happening leads to a solution.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Last Updated 8 May 2011