Original: Wang Shaohua transferred from: http://www.zdnet.com.cn/developer/code/story/0,2000081534,39142983-1,00.htm Step 1: First create a function myfunc in your process, we will put It is running in another process, where Windows calculator is a target process. Static DWORD WINAPI MyFunc (LPVOID PDATA) {// DO Something //// PDATA input item can be any type value // Here we will enter a DWORD value to make an example, and return return * (DWORD * PDATA;} static void aftermyfunc (}) {} There is a tip of TTATIC VOID AFTERMYFUNC (Void); for the following to determine our code size Step 2: Locate the target process, here is a calculator hWnd hstart = :: FindWindow (Text ("Scicalc"), NULL); Step 3: Get the target process handle, use two less common functions (of course, if you often do the projects of threads / processes, it is very familiar. ), But useful DWORD PID, TID; TID = :: getWindowThreadProcessId (hstart, & pid); HProcess = OpenProcess (Process_Access, False, PID); Step 4: With variable address space in the target process, here we allocate 10 bytes, and set to read and write Page_Readwrite, of course, can also be read-only, other signs, here is not explained.
