Another technique?
Hey, I was diving into this subject while opening this bug that drove me crazy (if you have an answer, I would be happy to hear what you think about it). Anyway, I was thinking of another technique: within DllMain, create a thread that waits for DllMain to finish, and only then resumes to run the payload. If it sounds good to you, let me know and I can PR it.
Or you can just use QueueUserAPC like so:
#include <windows.h>
#include <cstdlib>

// Runs on the thread that called LoadLibrary, but only after that thread has
// left DllMain and entered an alertable wait, so the loader lock is not held.
VOID CALLBACK CallWithoutLoaderLock(ULONG_PTR dwParam)
{
    // Do your stuff here
}

BOOL APIENTRY DllMain( HINSTANCE hinstDLL,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // GetCurrentThread() returns a pseudo-handle, which QueueUserAPC accepts.
        // The APC is only queued here; it is delivered on this thread's next
        // alertable wait (SleepEx/WaitFor*Ex with bAlertable == TRUE, or the
        // NtTestAlert ntdll issues at the end of thread initialization).
        if (!QueueUserAPC(CallWithoutLoaderLock, GetCurrentThread(), 0))
            std::abort();
        break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}