Looking for Some hints regarding manual mapping & Injection

[joshi205]

Hey, as the title stated, im looking for some guidance/resources regarding manually mapping a dll into wow, because im failing to do so and spend the better part of the last 3 weeks trying to do so without getting it to work.

I created a manual mapper more or less from scratch, that maps the dll file, relocates sections, resolves imports etc. and at the end calls the dll entry point.
The mapper works on all targets i tried, but not on wow. The dll isnt the problem either, it works fine with LoadLibrary from a remote thread.

I start wow suspended, clear the tls callbacks temporarily, map the dll into wow, then create the thread and call dll main. Then I restore the tls callbacks and resume wow. This "works" as far as the dllmain beeing called correctly and executed, but when the main wow thread resumes, it doesnt load wow, I just get a Message box saying that the init failed, and wow exits after the box.
If I dont clear the tls, the thread calling dll main wont run correctly and wow just crashes.
I tried a lot of other things, hijacking the main thread and redirecting it to call the dllmain, then redirecting it back to the tls callbacks, again, no luck.

I then tried well known manual map libraries with blackbone, and GH injectors manual map methods, thinking i maybe messed up somewhere (which is not unlikely) but they also fail with most methods.
KernelCalback and SetWindowsHook are working, which also hint at the creation of a new thread to call the dll main beeing the problem because of tls.

Is there something glaringly obvious im overlooking? I know i can just use loadlibrary and unlink from the peb and probably be okay, but at this point this thing annoys me so much that I want to understand whats happening and learn how to circumvent it.

[air999]

Load wow as normal process, manual map your dll into it. then try route main thread flow to your code (it's up to you). you need main thread to call lua etc. do not create new thread. do not hook wow .text section

[Van152]

check out hookloader, its an opensource injector that is using SetWindowsHookEx to inject your dll, its working flawless without any problem for me.
I use it currently but want to switch to kernel anyway later on