DetourCreateProcessWithDllEx does not work in some EXE

[liulangdeyeshou]

Instructions

When using DetourCreateProcessWithDllEx, I found some EXE (for example, the x86 console I developed) success, some (usually are some third party business program) failed. The DLL.cpp code I tested is as follows: ` #include "pch.h"

#include <stdio.h>

__declspec(dllexport) ULONG WINAPI DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved ) { printf(“=====>DllMain...\n"); switch (ul_reason_for_call) { case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_ATTACH: case DLL_PROCESS_DETACH: break; } return TRUE; }

` All of my own x86 consoles can show these content "=====> DllMain..." on the terminal. But third party business program can not. btw, all DetourCreateProcessWithDllEx returns TRUE, including third party business program.

What might be the cause of this problem? Did I miss something?

[mooooonlight]

I think the problem is simply because printf only prints strings to stdout, and when you open the console, you can see standard output, so you can see the "=====> DllMain...", and when you open the desktop application, there is no place to display standard output, so it looks like "failed", but it's actually successful. You can try popping up a MessageBox in the desktop application.

For example, i generated a dll from the above code in the issue: issue230.dll, use withdll.exe to inject it to notepad.exe(whitdll.exe use DetourCreateProcessWithDllEx too.), no "===> DllMain".

PS D:\Code\BCM\Detours\Detours\bin.X86> .\withdll.exe -d:issue230.dll notepad.exe
withdll.exe: Starting: `notepad.exe'
withdll.exe:   with `D:\Code\BCM\Detours\Detours\bin.X86\issue230.dll'

when i inject it to cmd.exe， i get this output in console.

PS D:\Code\BCM\Detours\Detours\bin.X86> .\withdll.exe -d:issue230.dll cmd
withdll.exe: Starting: `cmd'
withdll.exe:   with `D:\Code\BCM\Detours\Detours\bin.X86\issue230.dll'
==== = > DllMain...

[zeltrax00]

Use OutputDebugString and open DebugView to see log.