I was wondering if it's possible to inject a thread into a remote app domain running in a separate process.

My guess is that I could do this using the debugging interfaces (ICorDebug) but I was wondering if there is any other way?

+1  A: 

There was recently an announcement of a new facility Mono provides to do just this. See this post on assembly injection.

Rob Walker
A: 

Mike Stall has an interesting sample on how to use CreateRemoteThread to inject remote threads in managed apps.

This answer is still incomplete, because I would like to run new code in the remote appdomain. I guess I could try creating one new thread that loads a library for me, and another that will call a place in my new library to do the work.

Sam Saffron
A: 

There's another way by using SetThreadContext, and by changing the EIP of the target process. However, I don't know how you would do that in C#.

Ghirai
A: 

This can be done; there is sample code in Snoop. It sets up a hook and, using managed C++, tells the appdomain to load an assembly. Really impressive ...

Sam Saffron