I know how to create a dll and link a program to that dll. But I have seen code for and heard of dlls that are executed everytime a program is. Somthing to the effect of CBT dlls? How do you make these?
I know how to create a dll and link a program to that dll. But I have seen code for and heard of dlls that are executed everytime a program is. Somthing to the effect of CBT dlls? How do you make these?
An executable only used the DLL's that it's linked against [or that it's DLL's are linked against]. Of course, some DLL's will be used by just about any application, such as kernel32.dll - even if the app itself isn't making system calls directly, it's pretty darn difficult to NOT make some system call throughout the entire program [and still do something meaningful within the program].
--
Mats
Compilers can produce warnings - make the compiler programmers happy: Use them!
Please don't PM me for help - and no, I don't do help over instant messengers.
Actually, there's a registry in NT-based systems that lists DLLs that are loaded into every process. Global hooks also involve DLLs being loaded into every process. Jeffrey Richter's "Programming Applications for Microsoft Windows" contains a whole chapter on DLL injection.
All the buzzt!
CornedBee
"There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
- Flon's Law
The only DLLs that are always loaded into every application are kernel32.dll and ntdll.dll since they participate in the initialization and/or exiting of the application. Ntdll does some general initialization and kernel32.dll calls the program entry point.
Well, technically global DLLs don't exist. Applications cannot share initialized memory, so they also cannot share DLL modules.
Last edited by maxorator; 03-12-2008 at 09:50 AM.
"The Internet treats censorship as damage and routes around it." - John Gilmore
I didn't want to use any hooks for "injection". If do, then security systems will say "this program's actions could harm your computer" which isn't so bad, it's just that almost everyone interprets that as "this program is going to destroy your computer". (I guess that's why the best publicly availible security system isn't at all popular.)
So I think that registry key is just what I was looking for.
Thanks for the replies.
Last edited by Yarin; 03-14-2008 at 10:06 AM.