Get current process Id from DLL

Question

I have trying to hook WinApi using AppInitHook. So it works perfectly but I need to hook only some processes not all. The question is how to get process id where dll is loaded? For example dll was loaded for MyApp.exe, how can I get this process id?

Regarsd!

ps sorry im not hardcore WinApi programmer and my question mybe so easy, but its now hard for me)

score 2 · Answer 1 · answered Oct 31 '13 at 20:27

2

Look at the GetCurrentProcessId() function.

answered Oct 31 '13 at 20:27

Remy Lebeau

555,201
31
458
770

score 0 · Answer 2 · answered Aug 28 '16 at 17:42

0

To do something when DLL is loaded, you need to define DllMain function as in the code example below. Then you can get process ID when the process gets attached to the DLL (also in the code example).

BOOL APIENTRY DllMain(HMODULE hModule, DWORD  reasonForCall, LPVOID lpReserved)
{
    hModule; lpReserved;
    switch (reasonForCall) {
    case DLL_PROCESS_ATTACH:
    {
        uint32_t pid = GetCurrentProcessId();
        // Do something depending on the process ID in |pid|
        break;
    }
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

answered Aug 28 '16 at 17:42

Serge Rogatch

13,865
7
86
158

Actually do very little. Doing much of anything from DllMain is dangerous. – Steve Aug 28 '16 at 18:03
@Steve, why? Keeping this http://stackoverflow.com/questions/4496233/which-is-called-first-dllmain-or-global-static-object-constructor in mind, I think it's mostly safe. – Serge Rogatch Aug 28 '16 at 19:07
Google it. You'll get a truck load of reasons. The reason is that the loader lock is held in DllMain. – Steve Aug 30 '16 at 02:36

Get current process Id from DLL

2 Answers2