Hello everybody.
I want to inject a process to run my codes in there.
But I can't use the DLL and some Windows Api functions to injected.
Also,CreateRemoteThread could not used.

So,problem is difficult to solve,but it's very funny,isn't it?

I tried to hook some functions,write shellcode to target process,then modified the function address,although the success,but this way is not good solution.

Who can help me think about it how to realize ,thanks.

DLL Proxies.. They work all the time, unless if the target process checks it (the DLL)before loading(i.e by way of CRC checksums) But you can still patch it.

Thanks for typedef reply.

I've tested DLL proxy,but it's not ok.
WriteProcessMemory,CreateRemoteThread,Dll proxy,all are not allowed.
Very abnormal condition,

Is there any other way?

There is another way called FWB (Firewall Bypass). Idea is something like this:

If you want to run both (Injected code and original application), then try to search "Reflective DLL Injection", It's the best method ever for now

Thanks for Overflowz reply.
I'll go to search about 'Reflective DLL Injection'.
The example above you said I have tried, but still be blocked.........
But Thanks everybody!
I will continue to find way!

Make sure you are logged in as an administrator. Many of the interprocess functions will fail for ordinary user access accounts.

Yea,my mean is the Antivirus software intercept it.

hihelp
Reflective DLL Injection is more advanced technique thus, AV's detect it really hard

Ok. The other way is to patch the process's entry point with a jump or find somewhere like a menu event and patch it with a jump to a LoadLibraryA API, that way the DLL can do the job.

@Overflowz
I've seen the Reflective DLL Injection article,but very hard to read...
Thank you so much!
@typedef
You said patch process,I've try it,^_^,Thannnks