DLL injection

In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library.

[1][2][3] For example, the injected code could hook system function calls,[4][5] or read the contents of password textboxes, which cannot be done the usual way.

If this fails the DLL is locally freed, the former address range is marked as reserved, and the LoadLibrary() call is tried again.

function calls, to DLLs loaded by the foreign process are adjusted according to the dependencies of the copied DLL.

Luckily DLLs usually have preferred loading addresses which are honored by the kernel's loader.