How does DLL injection in Windows typically start?


DLL injection in Windows typically begins with opening the target process, which is done with the ‘OpenProcess’ function. When an attacker or an application wants to inject a DLL into a process, the first step is to gain a handle to that process. This handle allows the injector to perform operations on the process, such as reading from or writing to its memory.

Once the target process is open, the subsequent steps usually involve allocating memory within that process's address space, writing the path of the DLL to that allocated memory, and then creating a remote thread to load the DLL. The ability to open a process with the required permissions is critical, because without a handle that carries those permissions it is not possible to manipulate another process's memory.

Acquiring a handle through ‘OpenProcess’ is the foundational first action that makes the rest of the DLL injection possible. The other steps, like memory allocation and execution, rely on this handle being acquired first.
