  1. #include "stdafx.h"
  2. #include <string>
  3. #include <iostream>
  4.  
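  // Diagnostic program: starts notepad.exe suspended, reads the register
  // context of its primary thread, prints the outcome, then terminates the
  // child and releases its handles.
  //
  // Always returns 0; success or failure is reported only through the
  // messages written to std::wcout.
  //
  // Note: endpoint security tooling commonly watches for a child created with
  // CREATE_SUSPENDED followed by cross-process thread-context access, so this
  // test may be flagged on monitored hosts.
  int _tmain(int argc, _TCHAR* argv[])
  {
      // GetThreadContext() fills caller-supplied storage. The earlier version
      // passed a null LPCONTEXT, which is the likely cause of the reported
      // error 998 (ERROR_NOACCESS); a real CONTEXT is now passed by address.
      CONTEXT threadContext;
      memset(&threadContext, 0, sizeof(threadContext));
      // ContextFlags selects which register groups are retrieved and must be
      // set before the call.
      threadContext.ContextFlags = CONTEXT_FULL;

      // CreateProcessW() takes the wide-character startup structure; naming it
      // explicitly keeps the call correct whether or not UNICODE is defined.
      STARTUPINFOW siStartupInfo;
      PROCESS_INFORMATION piProcessInfo;

      memset(&siStartupInfo, 0, sizeof(siStartupInfo));
      memset(&piProcessInfo, 0, sizeof(piProcessInfo));

      siStartupInfo.cb = sizeof(siStartupInfo);

      if (!CreateProcessW(L"C:\\Windows\\System32\\notepad.exe", NULL, NULL, NULL, FALSE,
                          CREATE_SUSPENDED, NULL, NULL, &siStartupInfo, &piProcessInfo))
      {
          // Capture the error code before any stream call can overwrite it.
          const DWORD createError = GetLastError();
          std::wcout << "CreateProcessW() returned false: " << createError << std::endl;

          // No handles were produced, so there is nothing to close.
          return 0;
      }

      // Success.  Try to access the thread context
      std::wcout << "CreateProcessW() returned true!" << std::endl;

      if (GetThreadContext(piProcessInfo.hThread, &threadContext))
      {
          std::wcout << "GetThreadContext(): Success!  Thread context retrieved." << std::endl;
      }
      else
      {
          const DWORD contextError = GetLastError();
          std::wcout << "GetThreadContext(): Unable to retrieve thread context: " << contextError << std::endl;
      }

      // Terminate notepad.exe. TerminateProcess() ends every thread in the
      // child, so the separate TerminateThread() call is not needed.
      if (!TerminateProcess(piProcessInfo.hProcess, 0))
      {
          const DWORD terminateError = GetLastError();
          std::wcout << "TerminateProcess() returned false: " << terminateError << std::endl;
      }

      // Cleanup: the handles are valid only on this (successful) path.
      CloseHandle(piProcessInfo.hProcess);
      CloseHandle(piProcessInfo.hThread);

      return 0;
  }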