DLL 注入(C++):DLL 为什么没有 svchost 的权限?

DLL injection, c++ , dll doesn't have svchost rights why?


不幸的是,我在注入 svchost 时遇到了问题。代码如下所示:

#include "Injection.h"
#pragma once 
#include <Windows.h>
// Empty constructor: performs no initialisation.
DLLInjection::DLLInjection()
{
}
/// Starts a new, suspended "svchost.exe" process and queues two APCs on its
/// initial thread (LoadLibraryA on the copied path, then ExitThread) before
/// resuming it.
///
/// @param dllPath  Path of the DLL. Exactly 260 bytes are read from this
///                 pointer, so it must reference at least that much readable
///                 memory (260 is presumably MAX_PATH - confirm).
///
/// Security notes for readers of this listing:
///  - The child is created by this process with NULL security attributes and
///    no explicit token, so it runs in the caller's security context. Naming
///    the image "svchost.exe" does not give it the rights of the
///    service-hosting svchost instances; it has no more privilege than the
///    program that calls this function.
///  - None of the API return values are checked, so a failure at any step is
///    silent.
///  - Detection: a process created suspended, followed by a cross-process
///    allocate/write/QueueUserAPC sequence, is a pattern endpoint monitoring
///    commonly flags; an svchost.exe whose parent is not services.exe is
///    itself a well-known anomaly.
void DLLInjection::InjectDLLTosvchost(LPSTR dllPath)
{
        STARTUPINFO si = {};
        PROCESS_INFORMATION pi = {};
        HMODULE k32 = GetModuleHandle("kernel32.dll");
        // New process, primary thread suspended; inherits the caller's token.
        CreateProcess(NULL, "svchost.exe", NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi);
        // Read/write (non-executable) buffer in the child that receives the path string.
        HANDLE mem = VirtualAllocEx(pi.hProcess, NULL, 260, MEM_COMMIT | MEM_RESERVE , PAGE_READWRITE);
        WriteProcessMemory(pi.hProcess, mem, dllPath, 260, NULL);
        // APCs queued on the suspended thread: LoadLibraryA(mem), then ExitThread(0).
        QueueUserAPC((PAPCFUNC)GetProcAddress(k32, "LoadLibraryA"), pi.hThread, (ULONG_PTR)mem);
        QueueUserAPC((PAPCFUNC)GetProcAddress(k32, "ExitThread"), pi.hThread, 0);
        ResumeThread(pi.hThread);
        // Only the local handles are released; the child process is left running.
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
}
// Empty destructor: the class releases nothing here.
DLLInjection::~DLLInjection()
{
}

执行的DLL看起来很像这样:

#pragma once
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include "funkcje.h"
#include <iostream>
#include <shellapi.h>
#include <windows.h>
#include <tchar.h>
using namespace std;
/// Shows a message box, launches certmgr.exe with arguments that add a
/// certificate file to the LocalMachine "root" store, reports the result of
/// CreateProcess on stdout, shows a second message box and then blocks on
/// cin.get().
///
/// Security notes for readers of this listing:
///  - A certificate placed in the LocalMachine Root store is trusted
///    machine-wide for everything that CA signs. Writing to that store needs
///    administrative rights, which matches the behaviour described on this
///    page: the command only succeeds when the host program is started
///    elevated.
///  - The launched certmgr.exe inherits the token of whatever process loaded
///    this DLL; being loaded into a process called svchost.exe adds no rights.
///  - Defenders should audit additions to the machine root store and
///    unexpected launches of certmgr.exe / certutil-style tools.
///  - NOTE(review): the string literals on the sprintf and CreateProcess lines
///    appear to have lost their escaping (quotes/backslashes) in page
///    extraction; the listing is not verbatim source.
void Hello()
{
    MessageBox(NULL, (LPCWSTR)L"poczatkowy messagebox", (LPCWSTR)L"Tytul messagebox", MB_ICONINFORMATION);
    // Narrow-character argument string for certmgr.exe (fixed text, no format arguments).
    char bufor[512];
    sprintf(bufor, " -add -all -c "c:\Users\Damian\Desktop\wwwtesthttpdev.crt" -s -r LocalMachine root");
    // Converted to wide characters because the wide CreateProcess variant is used below.
    wchar_t bufor2[200];
    mbstowcs(bufor2, bufor, strlen(bufor) + 1);
    LPWSTR ptr = bufor2;
    STARTUPINFO startInfo = { 0 };
    PROCESS_INFORMATION processInfo = { 0 };
    // Child process is created with default attributes and the current token.
    BOOL bSucces = CreateProcess((LPWSTR)(L"c:\Program Files\Microsoft SDKs\Windows\v7.1A\Bin\certmgr.exe"), ptr, NULL, NULL, 0, 0, NULL, NULL, &startInfo, &processInfo);
    if (bSucces)
    {
        // Only reports that the process started, not whether certmgr itself succeeded.
        cout << "Process Started" << endl
            << "Process ID:  " << processInfo.dwProcessId << endl;
    }
    else
    {
        cout << "Error to start a process    " << GetLastError() << endl;
    }
    MessageBox(NULL, (LPCWSTR)L"koncowy messagebox", (LPCWSTR)L"Tytul messagebox", MB_ICONINFORMATION);
    cin.get();
}

DLL 加载正常,因为两个消息框都弹出了(一个在调用 CreateProcess 之前,一个在之后)。问题是 certmgr.exe 命令因权限不足而失败(它返回消息“certmgr 不成功”)。如果我以管理员权限打开程序,一切正常,但它不应该那样工作。我正在尝试附加到应该具有管理员权限的 svchost 进程,但尽管如此,我仍然没有权限。谁能帮我回答:如何让我的程序将管理员权限传递给在 DllMain 中执行的函数?提前谢谢你!(原文此处附图:证书的错误)

我也尝试过OpenProcess:

/// Opens an existing process by ID, copies dllName into it, runs LoadLibraryA
/// there on a remote thread, then frees the buffer and starts a second remote
/// thread at FreeLibrary.
///
/// @param dllName    Path of the DLL, as a narrow string.
/// @param processID  ID of the target process.
/// @return false when the handle compares equal to INVALID_HANDLE_VALUE or
///         when WriteProcessMemory fails; true otherwise.
///
/// Security notes for readers of this listing:
///  - OpenProcess is subject to the normal access check. A non-elevated
///    caller is refused PROCESS_ALL_ACCESS on elevated / higher-integrity
///    processes, so this routine does not cross a privilege boundary: it
///    only works against processes the caller is already allowed to control.
///  - Detection: a PROCESS_ALL_ACCESS open followed by cross-process
///    allocate/write and CreateRemoteThread is widely monitored (for example
///    Sysmon event ID 10, ProcessAccess, and event ID 8, CreateRemoteThread).
///  - NOTE(review): pHandle is not closed on any path, and the results of
///    VirtualAllocEx and CreateRemoteThread are not checked.
bool Process::InjectDll(char * dllName, unsigned int processID)
{
    HANDLE pHandle = OpenProcess(PROCESS_ALL_ACCESS, false, processID);
    if (pHandle == INVALID_HANDLE_VALUE)
        return false;
    // Read/write buffer in the target that receives the path string.
    void * address = VirtualAllocEx(pHandle, NULL, strlen(dllName), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (!WriteProcessMemory(pHandle, address, (LPVOID)dllName, strlen(dllName), NULL))
        return false;
    HMODULE hK32 = GetModuleHandle("Kernel32");
    // First remote thread: entry point LoadLibraryA, argument = the copied path.
    HANDLE tHandle = CreateRemoteThread(pHandle, NULL, 0,
        (LPTHREAD_START_ROUTINE)GetProcAddress(hK32, "LoadLibraryA"),
        address, 0, NULL);
    WaitForSingleObject(tHandle, INFINITE);
    // The thread's exit code is stored in dllAddress.
    DWORD dllAddress;
    GetExitCodeThread(tHandle, &dllAddress);
    CloseHandle(tHandle);
    VirtualFreeEx(pHandle, address, 0, MEM_RELEASE);
    // Second remote thread: entry point FreeLibrary.
    tHandle = CreateRemoteThread(pHandle, NULL, 0,
        (LPTHREAD_START_ROUTINE)GetProcAddress(hK32, "FreeLibrary"), (void*
        )&dllAddress, 0, NULL);
    WaitForSingleObject(tHandle, INFINITE);
    CloseHandle(tHandle);
    return true;
}

但它也不起作用

使用 CreateProcess 时,您是在用默认安全描述符启动 svchost 的另一个实例(引自 MSDN):

如果 lpProcessAttributes 为 NULL 或 lpSecurityDescriptor 为 NULL,则进程将获得默认的安全描述符

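而且这些权限似乎不足以运行 certmgr。需要注意的是,安全描述符只决定谁可以访问该进程对象;新进程实际拥有的权限来自创建它的进程的访问令牌。因此,由未提升权限的程序启动的 svchost.exe 同样是未提升的——可执行文件叫什么名字并不会带来管理员权限。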


相反,如果您的注入器使用 OpenProcess 注入一个已经提升权限(elevated)的 svchost,您将能够运行 certmgr。不过,要以所需的访问权限打开这样的进程,注入器本身必须已经以管理员权限运行;这并不能让未提升权限的程序获得管理员权限。