API tools faq
paste
Advertisement
Guest User

bs

a guest
Nov 21st, 2014
153
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.73 KB | None | 0 0
raw download clone embed print report
  1. #include <windows.h>
  2. #include <winternl.h>
  3. #include <stdio.h>
  4.  
  5. __declspec(noinline)
  6. __declspec(naked)
  7. typedef struct _PROCESS_BASIC_INFORMATION
  8. {
  9. NTSTATUS ExitStatus;
  10. PPEB PebBaseAddress;
  11. ULONG_PTR AffinityMask;
  12. KPRIORITY BasePriority;
  13. HANDLE UniqueProcessId;
  14. HANDLE InheritedFromUniqueProcessId;
  15. } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
  16.  
  17. NTSTATUS CallNtQueryInformationProcess(
  18. NTSTATUS NtQueryInformationProcess(
  19. __in HANDLE ProcessHandle,
  20. __in PROCESSINFOCLASS ProcessInformationClass,
  21. __out_bcount(ProcessInformationLength) PVOID ProcessInformation,
  22. __in ULONG ProcessInformationLength,
  23. __out_opt PULONG ReturnLength
  24. )
  25. )
  26. {
  27. __asm {
  28. mov eax, 0x00A1 /* WIndows Server 2003 SP1 */
  29. mov edx, 0x7FFE0300 /* KUSER_SHARED_DATA syscall stub */
  30. call dword ptr [edx] /* call the stub code */
  31. ret
  32. }
  33. }
  34.  
  35. int main(int argc, char *argv[])
  36. {
  37. int i =0;
  38. PROCESS_BASIC_INFORMATION basicInfo;
  39. __try {
  40. NTSTATUS i= CallNtQueryInformationProcess(NtCurrentProcess(),ProcessInformationClass, &basicInfo, sizeof(basicInfo), NULL);
  41. i=basicInfo.UniqueProcessId;
  42.  
  43. }
  44. __finally{
  45.  
  46. }
  47. return i;
  48. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!