keybode

external shit

Aug 31st, 2014
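/// @brief Finds a running process by executable name, opens a handle to it,
///        reads its PEB into m_PEB and records its loaded modules.
///
/// @param Name Executable file name to look for (compared case-sensitively
///             against PROCESSENTRY32::szExeFile; the first match wins).
/// @return true when every step succeeded; false on any failure, including
///         when no process with that name is running.
///
/// NOTE(review): matching on image name alone is ambiguous, since several
/// processes can share a name and any user can start one with the same name.
/// Callers that need a specific process should verify its identity (for
/// example full image path or signer) before trusting the handle.
///
/// NOTE(review): on the failure paths after NtOpenProcess the handle is closed
/// but m_hProcessHandle keeps its old value; confirm no other member uses or
/// closes it again.
bool Process::Attach ( const std::string& Name )
{
    PROCESSENTRY32 pe32 = { 0 };

    pe32.dwSize = sizeof(PROCESSENTRY32);

    HANDLE hSnapshot = CreateToolhelp32Snapshot ( TH32CS_SNAPPROCESS, 0 );

    if ( hSnapshot == INVALID_HANDLE_VALUE )
    {
        Util::DbgPrint ( "CreateToolhelp32Snapshot failed! (Invalid handle value) [Process::Attach] %i", GetLastError () );
        return false;
    }

    if ( !Process32First ( hSnapshot, &pe32 ) )
    {
        // Capture the error before CloseHandle, which may overwrite the thread's last-error value.
        const DWORD dwError = GetLastError ();
        CloseHandle ( hSnapshot );
        Util::DbgPrint ( "Process32First failed! (Return value is false) [Process::Attach] %i", dwError );
        return false;
    }

    // Track whether the name was actually found, so a miss never falls through
    // and opens whatever id m_dwProcessId happened to hold before this call.
    bool bFound = false;

    do
    {
        if ( Name.compare ( pe32.szExeFile ) == 0 )
        {
            m_dwProcessId = pe32.th32ProcessID;
            bFound = true;
            break;
        }
    }
    while ( Process32Next ( hSnapshot, &pe32 ) );

    CloseHandle ( hSnapshot );

    if ( !bFound )
    {
        Util::DbgPrint ( "Process not found! (No matching image name) [Process::Attach]" );
        return false;
    }

    NTSTATUS Status;

    OBJECT_ATTRIBUTES ObjectAttributes;

    CLIENT_ID ClientId;

    ClientId.UniqueProcess = UlongToHandle(m_dwProcessId);
    ClientId.UniqueThread = 0;

    ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
    ObjectAttributes.Attributes = 0;
    ObjectAttributes.RootDirectory = 0;
    ObjectAttributes.ObjectName = 0;
    ObjectAttributes.SecurityDescriptor = 0;
    ObjectAttributes.SecurityQualityOfService = 0;

    // NOTE(review): DEFAULT_ACCESS_P is defined elsewhere; confirm it requests only
    // the access rights the calls below need rather than a blanket all-access mask.
    Status = Import::NtOpenProcess ( &m_hProcessHandle, DEFAULT_ACCESS_P, &ObjectAttributes, &ClientId );

    if ( !NT_SUCCESS(Status) )
    {
        Util::DbgPrint ( "NtOpenProcess failed! (Invalid return value) [Process::Attach] %i", Status );
        return false;
    }

    DWORD_PTR dwPointer = 0;

    // ProcessWow64Information yields the address of the target's 32-bit PEB when the
    // target runs under WOW64, and 0 for a native process. In the native case the read
    // below is handed a null address and presumably fails, so Attach returns false.
    Status = Import::NtQueryInformationProcess ( m_hProcessHandle, ProcessWow64Information, &dwPointer, sizeof(DWORD_PTR), 0 );

    if ( !NT_SUCCESS(Status) )
    {
        CloseHandle ( m_hProcessHandle );
        Util::DbgPrint ( "NtQueryInformationProcess failed! (Invalid return value) [Process::Attach] %i", Status );
        return false;
    }

    // NOTE(review): m_PEB is declared elsewhere; confirm its layout matches the
    // 32-bit PEB that dwPointer refers to, especially in a 64-bit build.
    Status = Import::NtReadVirtualMemory ( m_hProcessHandle, (PVOID)dwPointer, &m_PEB, sizeof(PEB), 0 );

    if ( !NT_SUCCESS(Status) )
    {
        CloseHandle ( m_hProcessHandle );
        Util::DbgPrint ( "NtReadVirtualMemory failed! (Invalid return value) [Process::Attach] %i", Status );
        return false;
    }

    hSnapshot = INVALID_HANDLE_VALUE;

    MODULEENTRY32 me32 = { 0 };

    me32.dwSize = sizeof(MODULEENTRY32);

    // NOTE(review): when called from a 64-bit process, TH32CS_SNAPMODULE alone does not
    // include the 32-bit modules of a WOW64 target; confirm the build configuration.
    hSnapshot = CreateToolhelp32Snapshot ( TH32CS_SNAPMODULE, m_dwProcessId );

    if ( hSnapshot == INVALID_HANDLE_VALUE )
    {
        // Capture the error before CloseHandle, which may overwrite the thread's last-error value.
        const DWORD dwError = GetLastError ();
        CloseHandle ( m_hProcessHandle );
        Util::DbgPrint ( "CreateToolhelp32Snapshot failed! (Invalid handle value) [Process::Attach] %i", dwError );
        return false;
    }

    if ( !Module32First ( hSnapshot, &me32 ) )
    {
        // Log this failure like every other failure path in this function.
        const DWORD dwError = GetLastError ();
        CloseHandle ( hSnapshot );
        CloseHandle ( m_hProcessHandle );
        Util::DbgPrint ( "Module32First failed! (Return value is false) [Process::Attach] %i", dwError );
        return false;
    }

    // NOTE(review): m_ModuleArray is appended to without being cleared here, so a
    // second Attach on the same object would accumulate entries; confirm intent.
    do
    {
        m_ModuleArray.push_back ( Module ( (DWORD_PTR)me32.modBaseAddr, (DWORD_PTR)me32.modBaseSize, me32.szModule ) );
    }
    while ( Module32Next ( hSnapshot, &me32 ) );

    CloseHandle ( hSnapshot );

    // The function is declared bool; flowing off the end without a return is undefined behaviour.
    return true;
}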