private bool CreateProcessACallback(string lpApplicationName, string lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, IntPtr lpStartupInfo, out ProcessInformation lpProcessInformation) { // Start the process suspended var result = UnsafeNativeMethods.CreateProcessA(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags | UnsafeNativeMethods.CreateSuspended, lpEnvironment, lpCurrentDirectory, lpStartupInfo, out lpProcessInformation); // Inject the hooking DLL (and resume the process) RemoteHooking.Inject(lpProcessInformation.dwProcessId, EntryPoint.AssemblyStrongName, EntryPoint.AssemblyStrongName, // Custom arguments _implementationDir, _registryFilter, _relaunchControl); return result; }
public static extern bool CreateProcessA(string lpApplicationName, string lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, IntPtr lpStartupInfo, out ProcessInformation lpProcessInformation);