Detour框架注入样本无法正常启动(0x000007b)

Detour框架的主要功能为hook、注入，百度上多数的信息是hook的，而我没有找到注入的完整代码，在尝试自己写的过程中，发生了致命错误

 

 

 

查看官方文档：

错误原因是dll中没有导出函数：__declspec

可以参考官方提供的sample\einst\edll系列中的代码进行修改

官方dll代码如下：

 1 #include 
 2 #include 
 3 #include 
 4 
 5 #pragma comment(lib, "detours.lib")
 6 
 7 typedef struct _CPrivateStuff
 8 {
 9     DETOUR_SECTION_HEADER   header;
10     DETOUR_SECTION_RECORD   record;
11     CHAR                    szMessage[32];
12 }CPrivateStuff;
13 
14 #pragma data_seg(".detour")
15 
16 static CPrivateStuff private_stuff = {
17     DETOUR_SECTION_HEADER_DECLARE(sizeof(CPrivateStuff)),
18     {
19         (sizeof(CPrivateStuff) - sizeof(DETOUR_SECTION_HEADER)),
20         0,
21         { /* d9ab8a40-f4cc-11d1-b6d7-006097b010e3 */
22             0xd9ab8a40,
23             0xf4cc,
24             0x11d1,
25             { 0xb6, 0xd7, 0x00, 0x60, 0x97, 0xb0, 0x10, 0xe3 }
26         }
27     },
28     "The First Dll!"
29 };
30 #pragma data_seg()
31 
32 __declspec(dllexport) VOID WINAPI EDll1Function(VOID)
33 {
34     return;
35 }
36 
37 __declspec(dllexport) ULONG WINAPI
38 DllMain(HINSTANCE hInstance, DWORD dwReason, PVOID lpReserved)
39 {
40     (void)hInstance;
41     (void)dwReason;
42     (void)lpReserved;
43     return TRUE;
44 }

注入代码：

#include 
#include 
#include 
#pragma comment(lib, "detours.lib")

int main()
{
    char DirPath[MAX_PATH];
    char DLLPath[MAX_PATH];

    STARTUPINFO si = { 0 };
    PROCESS_INFORMATION pi = { 0 };

    ZeroMemory(&si, sizeof(STARTUPINFO));
    ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));
    si.cb = sizeof(STARTUPINFO);
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_SHOW;

    GetCurrentDirectory(MAX_PATH, DirPath);
    sprintf_s(DLLPath, MAX_PATH, "%s\\dll32.dll", DirPath);

    DetourCreateProcessWithDllEx(NULL, "C:\\Windows\\System32\\notepad.exe", NULL, NULL, TRUE, CREATE_DEFAULT_ERROR_MODE, NULL, NULL, &si, &pi, DLLPath, NULL);
    return 0;
}