Process Hacker Discussion Forum

 
lapaz17
New User
Posts: 1
Joined: 29 Jul 2021 08:16

AppCertDLLs does not work in GUI apps, why?

29 Jul 2021 08:19

Hi, I was trying to automatically inject a dll to every process (including GUI) whenever it is started by a user . My DLL hooks DoDragDrop method of winapi and communicates with server to decide allow or disallow the drag & drop process. I use easyhook (particularly (http://easyhook.github.io/tutorials/nat ... ehook.html) tutorial) for hooking part. I created a gist for my code : (https://gist.github.com/lapaz17/51d1ccd ... 0050c5c188)

In (https://www.chadduffey.com/2020/06/Wind ... tence.html)url it says: Doesn’t work reliably against GUI applications. Stick to console apps. No wonder it didn't work in microsoft edge, and chrome.
I also tried code parts in these urls:
(https://www.securityfocus.com/archive/1/540310)
(https://www.cyberforum.ru/win-api/thread304222.html)
Finally , I already (https://en.wikipedia.org/wiki/DLL_injection)my dll.

Is there any other way apart from appcertdlls? Thank you in advance.

Edit: I can't use appinitdlls, some users might have secure boot enabled.

Edit2: Seems like dlls in some tutorials is under system32 ((https://stackoverflow.com/questions/435 ... d-by-virus), and (http://rsdn.org/forum/asm/2308423.1)) , and I moved (https://github.com/lapaz17/ss/blob/main/test.png) under system32 too, but it did not
work.