Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <errno.h>
- #if defined(__linux__)
- #include <unistd.h>
- #define GETPID 39
- pid_t
- getpid_syscall (void)
- {
- pid_t pid = syscall(GETPID);
- return pid;
- }
- #elif defined(_WIN32)
- #include <windows.h>
- #include <winternl.h>
- #include <conio.h>
- /* we define a pid integer to be of DWORD size */
- typedef DWORD pid_t;
- __declspec(noinline)
- __declspec(naked)
- NTSTATUS
- CallNtQueryInformationProcess(HANDLE ProcessHandle, PROCESSINFOCLASS ProcessInformationClass, PVOID ProcessInformation, ULONG ProcessInformationLength, PULONG ReturnLength)
- {
- __asm {
- mov eax, 0x00a1 /* TODO: syscall nummer hier */
- mov edx, 0x7FFE0300 /* KUSER_SHARED_DATA syscall stub */
- call dword ptr [edx] /* call the stub code */
- ret
- }
- }
- pid_t
- getpid_syscall (void)
- {
- /* TODO: call CallNtQueryInformationProcess with the right parameters and
- * extract and return the process id
- *
- * see: https://msdn.microsoft.com/en-us/library/windows/desktop/ms684280(v=vs.85).aspx
- */
- return CallNtQueryInformationProcess();
- }
- #else
- /* if neither linux, nor windows, we can't proceed. */
- #error neither windows nor linux?
- #endif
- int
- main (void)
- {
- /* produce user mode API pid */
- pid_t pid_getpid = getpid();
- /* produce syscall API pid */
- pid_t pid_syscall = getpid_syscall();
- /* error handling is always useful */
- if (pid_syscall <= 0)
- {
- perror("getpid_syscall");
- return 1;
- }
- /* print both and exit */
- printf("%d\n%d\n", pid_getpid, pid_syscall);
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
