// 4. Call DllMain DWORD_PTR dwEntry = (DWORD_PTR)pData->pImageBase + pNt->OptionalHeader.AddressOfEntryPoint; ((DWORD(*)(HINSTANCE, DWORD, LPVOID))dwEntry)((HINSTANCE)pData->pImageBase, DLL_PROCESS_ATTACH, NULL);
// 2. Perform relocations IMAGE_DOS_HEADER* pDos = (IMAGE_DOS_HEADER*)pData->pImageBase; IMAGE_NT_HEADERS* pNt = (IMAGE_NT_HEADERS*)((DWORD_PTR)pData->pImageBase + pDos->e_lfanew); cs 1.6 dll injector
// 1. Copy DLL image from remote buffer to real base memcpy(pData->pImageBase, pData->pDllBuffer, pData->dwDllSize); pImageBase + pNt->
// ... relocate if delta != 0