主要代码如下:
#include <Windows.h>
#include <stdlib.h>
#include <stdio.h>
#include "detours.h"
#pragma comment(lib, "detours.lib")
int main() {
STARTUPINFO si = { sizeof(si) };
PROCESS_INFORMATION pi;
LPCWSTR targetApp = L".\\Victim.exe";
LPCSTR hookDll = ".\\MyHook64.dll";
BOOL result = DetourCreateProcessWithDllExW(
targetApp, NULL, NULL, NULL, FALSE,
0, NULL, NULL,
&si, &pi, hookDll, NULL
);
if (!result) {
printf("Failed to start process!, Error: %d\n", GetLastError());
return 1;
}
printf("Process started and DLL injected!\n");
WaitForSingleObject(pi.hProcess, INFINITE);
DWORD exitCode;
GetExitCodeProcess(pi.hProcess, &exitCode);
printf("Target process exited with code: 0x%x\n", exitCode);
return 0;
}
然而,运行时却首先出现了 Process started and DLL injected! 的输出,然后又出现了 0xc000007b 的报错。此外,直接使用 CreateProcess 来运行 Victim.exe 时,不会出现错误,而在 Victim.exe 中使用 LoadLibrary 加载 MyHook.dll 时,也没有出现错误,并且成功实现了 Hook 功能。那么,为什么 DetourCreateProcessWithDllEx 会失败呢?