I would like to do what Iczelion's IczDump does... Make an external DLL having the same privileges as the "official" ones, by injecting it in some way... Is there somebody who knows how to do this? Tanxalot, Sea
Of course, I do :) IczDump needs an injector prog that loads the program you want to work with with CreateProcess. It specifies the CREATE_SUSPENDED flag so the target stays inactive. During that time, the injector modifies the code at the entrypoint to make the target load the iczdump dll into its process. After that, the injector calls ResumeThread to let the target run. The target will load the dll immediately. When the dll is loaded, it restores the target to its original condition and jumps to the entrypoint again. So the target never knows that it loads the iczdump dll.
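
From the detection side, the sequence described in the answer above (suspended create, cross-process write at the entry point, resume, DLL load) can be correlated from process telemetry. The following is an added example, not part of the original thread or of IczDump; the event schema, field names, the 64-byte window and the sample events are all constructed for illustration.

```python
CREATE_SUSPENDED = 0x00000004  # Win32 process creation flag named in the post

# Constructed events in a hypothetical schema (not any real sensor's format).
EVENTS = [
    {"t": 1, "op": "create", "src": 100, "dst": 200, "flags": 0x4, "entry": 0x401000},
    {"t": 2, "op": "write", "src": 100, "dst": 200, "addr": 0x401000, "size": 32},
    {"t": 3, "op": "resume", "src": 100, "dst": 200},
    {"t": 4, "op": "image_load", "src": 200, "dst": 200, "path": "C:\\sample\\example.dll"},
    # Suspended create with no cross-process write: not flagged.
    {"t": 5, "op": "create", "src": 100, "dst": 300, "flags": 0x4, "entry": 0x401000},
    {"t": 6, "op": "resume", "src": 100, "dst": 300},
    # Write far away from the entry point: not flagged.
    {"t": 7, "op": "create", "src": 100, "dst": 400, "flags": 0x4, "entry": 0x401000},
    {"t": 8, "op": "write", "src": 100, "dst": 400, "addr": 0x7FFD0000, "size": 16},
    {"t": 9, "op": "resume", "src": 100, "dst": 400},
]


def find_entrypoint_patches(events, window=64):
    """Flag children created suspended, written at the entry point, then resumed."""
    tracked, alerts = {}, []
    for ev in sorted(events, key=lambda e: e["t"]):
        pid = ev["dst"]
        if ev["op"] == "create":
            if ev["flags"] & CREATE_SUSPENDED:
                tracked[pid] = {"entry": ev["entry"], "writer": None, "alert": None}
            continue
        rec = tracked.get(pid)
        if rec is None:
            continue  # process was not created suspended, nothing to correlate
        if ev["op"] == "write" and ev["src"] != pid and rec["alert"] is None:
            # Does [addr, addr+size) overlap [entry, entry+window)?
            lo, hi = ev["addr"], ev["addr"] + ev["size"]
            if lo < rec["entry"] + window and hi > rec["entry"]:
                rec["writer"] = ev["src"]
        elif ev["op"] == "resume" and rec["writer"] is not None and rec["alert"] is None:
            rec["alert"] = {"pid": pid, "writer": rec["writer"],
                            "resumed_at": ev["t"], "first_dll": None}
            alerts.append(rec["alert"])
        elif ev["op"] == "image_load" and rec["alert"] and rec["alert"]["first_dll"] is None:
            rec["alert"]["first_dll"] = ev["path"]  # first module loaded after resume
    return alerts


if __name__ == "__main__":
    for alert in find_entrypoint_patches(EVENTS):
        print(alert)
```

Because the DLL restores the original entry-point bytes once it is loaded, comparing the image in memory with the file on disk afterwards shows nothing; the ordering of the events is what remains observable.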