Untitled

#ifdef linux

#include <stdio.h>
#include <unistd.h>
#include <linux/unistd.h>

int main() {
    int pidSyscall = (int) syscall(__NR_gettid);
    int pidUsermode = (int) getpid();

printf("linux");
    // check for invalid return value
    if (0 > pidSyscall) {
        perror("syscall(__NR_gettid)");
        fprintf(stderr, "%d\n", pidSyscall);
        return 1;
    }

    // check for invalid return value
	// (even if getpid() should not be able to produce an error because it is always succesfull, we are just too careful :P)
    if (0 > pidUsermode) {
        perror("getpid()");
        fprintf(stderr, "%d\n", pidUsermode);
        return 1;
    }

    printf("syscall: %d\nusermode-API: %d\n", pidSyscall, pidUsermode);
    return 0;
}

/* EndIf linux */
#elif _WIN32

#include <windows.h>
#include <winternl.h>
#include <stdio.h>

#include <process.h>

__declspec(noinline)
__declspec(naked)

NTSTATUS CallNtQueryInformationProcess(
        HANDLE ProcessHandle,
        PROCESSINFOCLASS ProcessInformationClass,
        PVOID ProcessInformation,
        ULONG ProcessInformationLength,
        PULONG ReturnLength)
{
        __asm {
                mov eax, 0x000000a1 // OS: Windows Server 2003 SP1 x86
                mov edx, 0x7FFE0300 /* KUSER_SHARED_DATA syscall stub */
                call dword ptr [edx] /* call the stub code */
                ret
            }
}

int printError(const char *msg, DWORD err) {
	LPSTR lpMsgBuf;
	if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|
                      FORMAT_MESSAGE_FROM_SYSTEM |
                      FORMAT_MESSAGE_IGNORE_INSERTS,
                      NULL,
                      err, // Usually you put in GetLastError() directly here, we just use the parameter err (more flexible in case you would want to get the error from somewhere else)
                      MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
                      (LPTSTR) &lpMsgBuf,
                      0,
                      NULL ))
	{
		fprintf(stderr,"%s : %s\n",msg,lpMsgBuf);
		LocalFree(lpMsgBuf);
	}
	else {  // just in case FormatMessage fails with an error
		fprintf(stderr,"Error at FormatMessage: %d\n", err=GetLastError());
	}
	return err;
}

int main(int argc, char *argv[])
{
    NTSTATUS status;
    unsigned long pidSyscall = 0;
    unsigned long pidUsermode = 0;
    PROCESS_BASIC_INFORMATION outInfo;
    PULONG outLength;

	//GetCurrentProcess() returns a pseudo-handle, which is valid only in the context of the process who creates it
	//It's interpreted as the current process handle
	//Using DuplicateHandle creates a "real" handle of the current process (which is valid in context of other processes)
    HANDLE inHandle;
    status = DuplicateHandle(GetCurrentProcess(),
                             GetCurrentProcess(),
                             GetCurrentProcess(),
                             &inHandle,
                             0,
                             FALSE,
                             DUPLICATE_SAME_ACCESS);
	printf("windows");
     /* Error handling */
     if(!status) {
         return printError("DuplicateHandle", GetLastError());
     } /* EndOf Error Handling */

    status = CallNtQueryInformationProcess(inHandle,
                                           0,
                                           &outInfo,
                                           sizeof(outInfo),
                                           outLength);

    /* Error handling */
    if(status != 0) {
            return printError("CallNtQueryInformationProcess", GetLastError());
    } /* EndOf Error Handling */

    pidSyscall = outInfo.UniqueProcessId;
    pidUsermode = GetCurrentProcessId(); //User-mode function
    //pidUsermode = _getpid();    //also works, but also just calls GetCurrentProcessId()

    printf("syscall: %lu\n usermode-API: %lu\n", pidSyscall, pidUsermode);
    return 0;
}

#endif /* _WIN32 */