PE-inject documentation

The InjectFile function injects a DLL file into host Windows executable.

DWORD InjectFile(
 LPCSTR lpInputFile, 	// host application (will be injected)
 LPCSTR lpOutputFile, 	// name of file in which the result will be stored
 LPCSTR lpDllFile, 	// injection DLL
 LPVOID lpExtraData,	// pointer to extra data
 DWORD dwExtraDataSize,	// size of extra data
 DWORD dwFlags		// injection options
);

Parameters

lpInputFile

Points to a null-terminated string containing the host application file name. File must be a 32-bit Windows Portable executable.

lpOutputFile

Points to a null-terminated string containing the name of resulting file. If the file exists, it will be overwritten.

lpDllFile

Points to a null-terminated string containing the name of DLL file, which will be injected into host application.

lpExtraData

Pointer to a memory location containing extra data, which should be included into resulting executable. The pointer to extra data will be passed to BeforeHandlers and AfterHandlers functions in the STUB_CONFIGURATION structure. This parameter can be NULL to indicate that no extra data should be included.

dwExtraDataSize

Determines the size of extra data. If lpExtraData is NULL, the dwExtraData parameter should be zero.

dwFlags

Set of bit flags that specify how the executable should be processed. To configure the behavior, use one or more of the following values:

INJECT_FLAG_DOIMPORTS: tells the PE-inject stub to process import table of host application. If you do not specify this flag, you will have to process them in BeforeHandlers or AfterHandlers.
INJECT_FLAG_JUMPTOOEP: this will save the entry point of host executable and jump to it, after all startup operations finished. If you do not specify it, it won't be saved, you will have to save it manually and manually perform the jump to entrypoint.
INJECT_FLAG_HANDLERELOC: enables relocation handling routines. If you do not specify this, you will have to handle relocations manually.
INJECT_FLAG_STRIPRELOCS: this will strip away the relocations. This is possible only for EXE files, DLL's can't have the relocatins stripped. If specified, it will reduce resulting executable size by a few kilobytes.
INJECT_FLAG_COMPRESSDLL: enables the compression of injected DLL file. It will reduce resulting executable size at the cost of several miliseconds delay while unpacking the linked DLL everytime the host application is executed.
JCALG1 compression by Jeremy Collake is being used.
INJECT_FLAG_BACKUPTLS: this will make a backup of Tread Local Storage. It is recommended to keep this option enabled, unless you know what you are doing :)

Return Values
If the function succeeds, the return value is zero.
If the function fails, the return value is nonzero and the error code is one of INJECT_ERR_... constants.