- #include "stdafx.h"
- #include <string>
- #include <iostream>
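/// Starts notepad.exe suspended, reads the register context of its primary
/// thread, then terminates the child and releases both handles.
///
/// Endpoint security products commonly monitor the sequence "create a process
/// suspended, then access its thread context", so expect this diagnostic to be
/// logged on managed hosts.
///
/// @param argc  Unused.
/// @param argv  Unused.
/// @return Always 0; failures are reported on std::wcout with GetLastError().
int _tmain(int argc, _TCHAR* argv[])
{
    // CreateProcessW takes the wide structure explicitly, so the code does not
    // depend on whether UNICODE is defined. Value-initialisation zeroes every
    // field the call does not fill in.
    STARTUPINFOW siStartupInfo = {};
    PROCESS_INFORMATION piProcessInfo = {};
    siStartupInfo.cb = sizeof(siStartupInfo);

    if (!CreateProcessW(L"C:\\Windows\\System32\\notepad.exe", NULL, NULL, NULL, FALSE,
                        CREATE_SUSPENDED, NULL, NULL, &siStartupInfo, &piProcessInfo))
    {
        // No handles were returned, so there is nothing to terminate or close.
        std::wcout << "CreateProcessW() returned false: " << GetLastError() << std::endl;
        return 0;
    }

    std::wcout << "CreateProcessW() returned true!" << std::endl;

    // GetThreadContext writes into caller-owned storage. The earlier version
    // passed a null LPCONTEXT, which is what produced 998 (ERROR_NOACCESS).
    // Declaring the structure as a local also gives it the alignment its type
    // requires, and ContextFlags must say which register groups are wanted.
    // NOTE(review): the CONTEXT layout has to match the target's bitness; for
    // a 32-bit child inspected from a 64-bit build the documented call is
    // Wow64GetThreadContext with WOW64_CONTEXT - confirm for your build.
    CONTEXT threadContext = {};
    threadContext.ContextFlags = CONTEXT_FULL;

    if (GetThreadContext(piProcessInfo.hThread, &threadContext))
    {
        std::wcout << "GetThreadContext(): Success! Thread context retrieved." << std::endl;
    }
    else
    {
        std::wcout << "GetThreadContext(): Unable to retrieve thread context: " << GetLastError() << std::endl;
    }

    // TerminateProcess ends every thread of the child, so a separate
    // TerminateThread on the primary thread is not needed.
    if (!TerminateProcess(piProcessInfo.hProcess, 0))
    {
        std::wcout << "TerminateProcess() failed: " << GetLastError() << std::endl;
    }

    // Cleanup: both handles are valid here because CreateProcessW succeeded.
    CloseHandle(piProcessInfo.hThread);
    CloseHandle(piProcessInfo.hProcess);
    return 0;
}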