#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
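/*
 * Injector state shared between StartInject() and OverInject().
 *
 * hProcess         - handle to the target process opened by StartInject();
 *                    NULL while no target is open.
 * pszLibFileRemote - address *inside the target process* of the buffer that
 *                    holds the DLL name handed to LoadLibrary; NULL when none.
 * hThread          - handle to the remote thread created by StartInject();
 *                    NULL when none.
 *
 * OpenProcess() and CreateRemoteThread() return HANDLE, not HINSTANCE; the
 * declarations use the real type so the compiler can check the calls. The
 * globals are file-private, hence static.
 */
static HANDLE hProcess = NULL;
static LPVOID pszLibFileRemote = NULL;
static HANDLE hThread = NULL;

/* Opens ProcessID, copies DllName into it and starts a LoadLibrary thread. */
void StartInject(int ProcessID, char * DllName);
/* Releases the remote buffer and the handles acquired by StartInject(). */
void OverInject(char * DllName);
/* Enables SeDebugPrivilege in the token of processHandle (a process handle). */
void EnableDebugPrivilege(HANDLE processHandle);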
int main(int argc, char* argv[])
{
int processid = 0;
char DllName[50] = "Win32DLL.dll";
while (1)
{
//ZeroMemory(DllName, sizeof(DllName));
printf("please input the process id:\n");
scanf("%d", &processid);
EnableDebugPrivilege(GetCurrentThread());
StartInject(processid, DllName);
OverInject(DllName);
}
return 0;
}
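/*
 * Undoes a partial StartInject() (remote buffer, process handle), waits for a
 * keypress and terminates with EXIT_FAILURE. The original exited with status
 * 0 on failure and left the allocation behind in the target.
 */
static void AbortInject(void)
{
    if (hProcess != NULL && pszLibFileRemote != NULL)
        VirtualFreeEx(hProcess, pszLibFileRemote, 0, MEM_RELEASE);
    if (hProcess != NULL)
        CloseHandle(hProcess);
    getchar();
    exit(EXIT_FAILURE);
}

/*
 * Loads DllName into process ProcessID: writes the (narrow) file name into
 * the target and runs LoadLibraryA on it from a remote thread.
 *
 * On success the globals hProcess, pszLibFileRemote and hThread hold the
 * resources acquired here; OverInject() releases them. Any failure prints a
 * message and terminates the program via AbortInject(), so the caller never
 * sees a half-initialised state.
 *
 * ProcessID - id of the target process.
 * DllName   - NUL-terminated char string: the name or path that LoadLibraryA
 *             resolves *inside the target* (prefer an absolute path).
 */
void StartInject(int ProcessID, char * DllName)
{
    DWORD access;
    SIZE_T cb;
    PTHREAD_START_ROUTINE pfnThreadRtn;
    DWORD exitCode = 0;

    /* Request only what the injection uses (allocate/write memory, create a
     * thread); PROCESS_ALL_ACCESS is more than needed and is refused more
     * often. */
    access = PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION |
             PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ;
    hProcess = OpenProcess(access, FALSE, (DWORD)ProcessID);
    if (hProcess == NULL)
    {
        printf("进程不允许访问!");
        AbortInject();
    }

    /* DllName is a char string, so its size is measured in bytes and it is
     * handed to LoadLibraryA. The original measured it with lstrlenW and
     * passed it to LoadLibraryW, i.e. read the bytes as UTF-16 and asked the
     * target to load a garbage name. */
    cb = (SIZE_T)lstrlenA(DllName) + 1;
    pszLibFileRemote = VirtualAllocEx(hProcess, NULL, cb, MEM_COMMIT, PAGE_READWRITE);
    if (pszLibFileRemote == NULL)
    {
        printf("在远程线程空间为DllName分配内存失败!");
        AbortInject();
    }
    if (!WriteProcessMemory(hProcess, pszLibFileRemote, DllName, cb, NULL))
    {
        printf("在拷贝DllName到远程线程内存地址空间时失败!");
        AbortInject();
    }

    /* The *local* address of LoadLibraryA is used as the remote thread's
     * start routine. NOTE(review): this relies on kernel32.dll being mapped
     * at the same address in the target (same bitness as the injector);
     * injecting across a 32/64-bit boundary will not work this way. */
    pfnThreadRtn = (PTHREAD_START_ROUTINE)
        GetProcAddress(GetModuleHandle(TEXT("Kernel32")), "LoadLibraryA");
    if (pfnThreadRtn == NULL)
    {
        printf("在得到函数地址时出现错误:\n函数名:LoadLibraryA(加载动态链接库)");
        AbortInject();
    }

    hThread = CreateRemoteThread(hProcess, NULL, 0, pfnThreadRtn, pszLibFileRemote, 0, NULL);
    if (hThread == NULL)
    {
        /* GetLastError() is a DWORD: %lu, not %d. */
        printf("创建远程线程失败,错误代码:%lu", GetLastError());
        AbortInject();
    }

    /* Wait so the name buffer cannot be freed while the target is still
     * reading it. The thread's exit code is LoadLibraryA's return value
     * (truncated to 32 bits); zero means the target could not load the DLL,
     * which the original never reported. */
    WaitForSingleObject(hThread, INFINITE);
    if (GetExitCodeThread(hThread, &exitCode) && exitCode == 0)
    {
        printf("目标进程加载DLL失败(LoadLibrary返回NULL)\n");
    }
}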
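/*
 * Releases everything StartInject() acquired: waits for the remote
 * LoadLibrary thread, frees the name buffer inside the target and closes both
 * handles. Safe when nothing was acquired (all globals NULL) and safe to call
 * twice, because each global is reset to NULL after it is released.
 *
 * DllName - unused; kept for the existing call signature. The original passed
 *           this *local* buffer address to VirtualFreeEx in the target, which
 *           could never free the remote buffer (pszLibFileRemote).
 */
void OverInject(char * DllName)
{
    (void)DllName;

    if (hThread != NULL)
    {
        /* The remote thread reads pszLibFileRemote; freeing the buffer first
         * would race with LoadLibrary inside the target. */
        WaitForSingleObject(hThread, INFINITE);
        CloseHandle(hThread);
        hThread = NULL;
    }
    if (hProcess != NULL)
    {
        if (pszLibFileRemote != NULL)
        {
            VirtualFreeEx(hProcess, pszLibFileRemote, 0, MEM_RELEASE);
            pszLibFileRemote = NULL;
        }
        CloseHandle(hProcess);
        hProcess = NULL;
    }
}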
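/*
 * Enables SeDebugPrivilege in the primary token of processHandle so that
 * OpenProcess() can succeed on processes owned by other users or the system.
 *
 * processHandle must be a *process* handle (normally GetCurrentProcess());
 * OpenProcessToken() rejects a thread handle.
 *
 * The privilege can only be enabled if the token already holds it, i.e. the
 * injector runs as an elevated administrator. AdjustTokenPrivileges() still
 * returns TRUE in that case and signals the problem only through
 * GetLastError() == ERROR_NOT_ALL_ASSIGNED, so that is checked explicitly.
 * Failures are reported on stdout with the Win32 error code; the token handle
 * is closed on every path (the original leaked it on success).
 */
void EnableDebugPrivilege(HANDLE processHandle)
{
    HANDLE hToken = NULL;
    LUID sedebugnameValue;
    TOKEN_PRIVILEGES tkp;

    if (!OpenProcessToken(processHandle, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        printf("OpenProcessToken failed, error %lu\n", GetLastError());
        return;
    }
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue))
    {
        printf("LookupPrivilegeValue failed, error %lu\n", GetLastError());
        CloseHandle(hToken);
        return;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = sedebugnameValue;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof tkp, NULL, NULL))
    {
        printf("AdjustTokenPrivileges failed, error %lu\n", GetLastError());
    }
    else if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
    {
        /* TRUE was returned, but the token does not hold the privilege. */
        printf("AdjustTokenPrivileges: SeDebugPrivilege not held by this token (run elevated)\n");
    }
    CloseHandle(hToken);
}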
然后被注入的 DLL（Win32DLL.dll）的源码是这样的:
#include
#include
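/*
 * Entry point of the injected DLL. The loader calls it with fdwReason giving
 * the event; this demo shows a message box when the DLL is first mapped into
 * a process and ignores the other events.
 *
 * The message box strings are wide literals (L"...") because MessageBoxW
 * takes UTF-16; the narrow literals the original passed were displayed as
 * garbage.
 *
 * NOTE(review): DllMain runs while the loader lock is held. Calling into
 * user32 (MessageBoxW), or anything that may load further DLLs, from here
 * can deadlock the host process; a real payload would create a worker thread
 * and do its work there. The call is kept because it is the point of the demo.
 *
 * Returns TRUE. As the original comment noted, the return value matters only
 * for DLL_PROCESS_ATTACH.
 */
BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD fdwReason, PVOID pvReserved)
{
    (void)hInstance;
    (void)pvReserved;

    switch (fdwReason)
    {
    case DLL_PROCESS_ATTACH:
        /* The DLL is being mapped into the process's address space. */
        MessageBoxW(NULL, L"这是一个确定 取消的消息框!", L"标题", MB_OKCANCEL);
        break;
    case DLL_THREAD_ATTACH:
        /* A thread is being created. */
        break;
    case DLL_THREAD_DETACH:
        /* A thread is exiting cleanly. */
        break;
    case DLL_PROCESS_DETACH:
        /* The DLL is being unmapped from the process's address space. */
        break;
    default:
        break;
    }
    return TRUE;
}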