; NOTE(review): the five #include targets below were lost when this listing was
; extracted (the file names are gone); restore them from the original script.
; The function relies on the _WinAPI_* and _MemVirtualAllocEx UDFs and on the
; $PROCESS_ALL_ACCESS, $MEM_COMMIT, $MEM_RESERVE and $PAGE_READWRITE constants.
#include
#include
#include
#include
#include

; _InjectDll - asks another process to load a DLL by starting a remote thread
; at LoadLibraryW with the DLL path as its argument.
;
; Parameters:
;   $sPid     - process to load the DLL into (checked with ProcessExists).
;   $sDllPath - path of the DLL on disk (checked with FileExists).
;
; Return values:
;   Success - True (the remote thread was created; the load result itself is
;             not checked, see the note at the end of the function).
;   Failure - False, with @error set to:
;             1 = input validation failed
;             2 = LoadLibraryW address could not be resolved
;             4 = _WinAPI_OpenProcess failed
;             5 = _WinAPI_WriteProcessMemory failed
;             6 = CreateRemoteThread failed
;             (3 is not used by this function.)
;
; Defender context: open process -> allocate -> write path -> remote thread at
; LoadLibraryW is the textbook DLL-injection sequence (MITRE ATT&CK T1055.001).
; Endpoint telemetry usually surfaces it as a full-access handle opened on
; another process followed by a remote thread creation in that process
; (for example Sysmon event IDs 10 and 8).
Func _InjectDll($sPid, $sDllPath)
	; Fixed-size local buffer of 255 wide characters holding the DLL path.
	; NOTE(review): a path that does not fit is presumably truncated silently;
	; there is no length check before the copy - confirm.
	$tModulePath = DllStructCreate('wchar[255]')
	DllStructSetData($tModulePath, 1, $sDllPath)

	; Input validation: target process exists, file exists, name ends in '.dll'.
	; NOTE(review): in AutoIt, Not binds tighter than =, so the last clause is
	; evaluated as (Not StringRight(...)) = '.dll' rather than as a negated
	; comparison. The extension check likely does not do what it reads as;
	; it should be parenthesised - confirm against the AutoIt precedence table.
	If not ProcessExists($sPid) or not FileExists($sDllPath) or not StringRight($sDllPath, 4) = '.dll' Then Return SetError(1, 0, False)

	; Resolve LoadLibraryW in this process's kernel32.dll; the resulting
	; address is later passed as the start address of the remote thread.
	$sModuleHandle = _WinAPI_GetModuleHandle('kernel32.dll')
	$sFunctionStartAddress = _WinAPI_GetProcAddress($sModuleHandle, 'LoadLibraryW')
	If $sFunctionStartAddress = 0 Then Return SetError(2, 0, False)

	; Open the target with $PROCESS_ALL_ACCESS. The final True asks the UDF to
	; use the debug privilege as well. This is far more access than the later
	; calls need, and full-access opens on another process are a common
	; detection signal.
	$sProcessHandle = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, $sPid, True)
	If @error Then Return SetError(4, 0, False)

	; Reserve and commit read/write memory in the target, sized to the buffer.
	; NOTE(review): the allocation result is never checked; a failed allocation
	; is only noticed indirectly, when the write below fails.
	$sMemoryAlloc = _MemVirtualAllocEx($sProcessHandle, 0, DllStructGetSize($tModulePath), BitOR($MEM_COMMIT, $MEM_RESERVE), $PAGE_READWRITE)

	; Copy the whole path buffer into the target's allocation.
	; NOTE(review): this early return leaves $sProcessHandle open (handle leak).
	$sResult = _WinAPI_WriteProcessMemory($sProcessHandle, $sMemoryAlloc, DllStructGetPtr($tModulePath), DllStructGetSize($tModulePath), 0)
	If $sResult = False Then Return SetError(5, 0, False)

	; Start a thread in the target at LoadLibraryW, with the remote buffer as
	; its single argument. Element [0] of the DllCall result is the new thread
	; handle; 0 means the call failed.
	; NOTE(review): this early return also leaves $sProcessHandle open.
	$sDllReturn = DllCall('kernel32.dll', 'handle', 'CreateRemoteThread', 'handle', $sProcessHandle, 'ptr', 0, 'ulong_ptr', 0, 'ptr', $sFunctionStartAddress, 'ulong_ptr', $sMemoryAlloc, 'dword', 0, 'dword*', 0)
	If @error or $sDllReturn[0] = 0 Then Return SetError(6, 0, False)
	$sThreadHandle = $sDllReturn[0]

	; Both handles are closed immediately. The function neither waits for the
	; thread nor reads its exit code, so True only means the thread was
	; created. The remote buffer is never released here, so the path string
	; stays in a private read/write region of the target - something a
	; responder can look for when examining the process's memory.
	_WinAPI_CloseHandle($sThreadHandle)
	_WinAPI_CloseHandle($sProcessHandle)
	Return True
EndFunc