waliedassar

Bypass Non-Killable Process

Feb 12th, 2013
448
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. //http://waleedassar.blogspot.com
  2. //http://www.twitter.com/waleedassar
  3.  
  4. //Bypass for the non-killable process bug
  5. //ZwSuspendProcess @ange4771 (Ange Albertini)
  6.  
  7. #include "stdafx.h"
  8. #include "windows.h"
  9. #include "stdio.h"
  10.  
  11. #define PROCESS_SUSPEND_RESUME  0x800
  12.  
  13. extern "C"
  14. {
  15.     int __stdcall ZwSuspendProcess(HANDLE);
  16. }
  17.  
  18. void main()
  19. {
  20.     unsigned long pid=0;
  21.     printf("Enter process id ");
  22.     scanf("%d",&pid);
  23.     if(!pid) return;
  24.  
  25.     HANDLE hProcess=OpenProcess(PROCESS_SUSPEND_RESUME,FALSE,pid);
  26.     if(!hProcess) return;
  27.     int ret=ZwSuspendProcess(hProcess);
  28.     printf("Ret is %x\r\n",ret);
  29.     CloseHandle(hProcess);
  30. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×