public void Set(string currentValue, string oldValue)
{
NtStatus status;
UnicodeString currentValueStr;
UnicodeString oldValueStr;
currentValueStr = new UnicodeString(currentValue);
oldValueStr = new UnicodeString(oldValue);
try
{
if ((status = Win32.LsaSetSecret(
this,
ref currentValueStr,
ref oldValueStr
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
currentValueStr.Dispose();
oldValueStr.Dispose();
}
}
public static void SetCurrentVariable(string name, string value)
{
NtStatus status;
UnicodeString nameStr;
UnicodeString valueStr;
nameStr = new UnicodeString(name);
try
{
valueStr = new UnicodeString(value);
try
{
if ((status = Win32.RtlSetEnvironmentVariable(
IntPtr.Zero,
ref nameStr,
ref valueStr
)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
}
finally
{
valueStr.Dispose();
}
}
finally
{
nameStr.Dispose();
}
}
public void ChangePassword(string oldPassword, string newPassword)
{
NtStatus status;
UnicodeString oldPasswordStr;
UnicodeString newPasswordStr;
oldPasswordStr = new UnicodeString(oldPassword);
newPasswordStr = new UnicodeString(newPassword);
try
{
if ((status = Win32.SamChangePasswordUser(
this,
ref oldPasswordStr,
ref newPasswordStr
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
oldPasswordStr.Dispose();
newPasswordStr.Dispose();
}
}
public static LsaSecretHandle Create(LsaSecretAccess access, LsaPolicyHandle policyHandle, string name)
{
NtStatus status;
UnicodeString nameStr;
IntPtr handle;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaCreateSecret(
policyHandle,
ref nameStr,
access,
out handle
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
return(new LsaSecretHandle(handle, true));
}
public LsaSecretHandle(LsaPolicyHandle policyHandle, string name, LsaSecretAccess access)
{
NtStatus status;
UnicodeString nameStr;
IntPtr handle;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaOpenSecret(
policyHandle,
ref nameStr,
access,
out handle
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
this.Handle = handle;
}
public static SamAliasHandle Create(SamAliasAccess access, SamDomainHandle domainHandle, string name, out int aliasId)
{
NtStatus status;
UnicodeString nameStr;
IntPtr handle;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.SamCreateAliasInDomain(
domainHandle,
ref nameStr,
access,
out handle,
out aliasId
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
return(new SamAliasHandle(handle, true));
}
/// <summary>
/// Opens a SAM server.
/// </summary>
/// <param name="serverName">The name of the server.</param>
/// <param name="access">The desired access to the server.</param>
public SamServerHandle(string serverName, SamServerAccess access)
{
NtStatus status;
ObjectAttributes oa = new ObjectAttributes();
UnicodeString serverNameStr;
IntPtr handle;
serverNameStr = new UnicodeString(serverName);
try
{
if ((status = Win32.SamConnect(
ref serverNameStr,
out handle,
access,
ref oa
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
serverNameStr.Dispose();
}
this.Handle = handle;
}
public Sid LookupDomain(string name)
{
NtStatus status;
UnicodeString nameStr;
IntPtr domainId;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.SamLookupDomainInSamServer(
this,
ref nameStr,
out domainId
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
using (var domainIdAlloc = new SamMemoryAlloc(domainId))
return(new Sid(domainIdAlloc));
}
public static PortComHandle Connect(string portName)
{
UnicodeString portNameStr = new UnicodeString(portName);
SecurityQualityOfService securityQos = new SecurityQualityOfService(SecurityImpersonationLevel.SecurityImpersonation, true, false);
IntPtr handle;
try
{
Win32.NtConnectPort(
out handle,
ref portNameStr,
ref securityQos,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero
).ThrowIf();
}
finally
{
portNameStr.Dispose();
}
return(new PortComHandle(handle, true));
}
public string RetrievePrivateData(string name)
{
NtStatus status;
UnicodeString nameStr;
IntPtr privateData;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaRetrievePrivateData(
this,
ref nameStr,
out privateData
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
using (var privateDataAlloc = new LsaMemoryAlloc(privateData))
return(privateDataAlloc.ReadStruct <UnicodeString>().Read());
}
public void StorePrivateData(string name, string privateData)
{
NtStatus status;
UnicodeString nameStr;
UnicodeString privateDataStr;
nameStr = new UnicodeString(name);
privateDataStr = new UnicodeString(privateData);
try
{
if ((status = Win32.LsaStorePrivateData(
this,
ref nameStr,
ref privateDataStr
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
privateDataStr.Dispose();
}
}
/// <summary>
/// Opens a LSA policy object.
/// </summary>
/// <param name="systemName">The name of the system on which the policy resides.</param>
/// <param name="access">The desired access to the policy.</param>
public LsaPolicyHandle(string systemName, LsaPolicyAccess access)
{
NtStatus status;
ObjectAttributes oa = new ObjectAttributes();
UnicodeString systemNameStr;
IntPtr handle;
systemNameStr = new UnicodeString(systemName);
try
{
if ((status = Win32.LsaOpenPolicy(
ref systemNameStr,
ref oa,
access,
out handle
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
systemNameStr.Dispose();
}
this.Handle = handle;
}
public Luid LookupPrivilegeValue(string name)
{
NtStatus status;
UnicodeString nameStr;
Luid luid;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaLookupPrivilegeValue(
this,
ref nameStr,
out luid
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
return(luid);
}
public static SymbolicLinkHandle Create(SymbolicLinkAccess access, string name, ObjectFlags objectFlags, DirectoryHandle rootDirectory, string linkTarget)
{
ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory);
IntPtr handle;
try
{
UnicodeString linkTargetString = new UnicodeString(linkTarget);
try
{
Win32.NtCreateSymbolicLinkObject(
out handle,
access,
ref oa,
ref linkTargetString
).ThrowIf();
}
finally
{
linkTargetString.Dispose();
}
}
finally
{
oa.Dispose();
}
return(new SymbolicLinkHandle(handle, true));
}
public string LookupPrivilegeDisplayName(string name)
{
NtStatus status;
UnicodeString nameStr;
IntPtr displayName;
short language;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaLookupPrivilegeDisplayName(
this,
ref nameStr,
out displayName,
out language
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
nameStr.Dispose();
}
using (var displayNameAlloc = new LsaMemoryAlloc(displayName))
{
return(displayNameAlloc.ReadStruct <UnicodeString>().Read());
}
}
public static PortComHandle Connect(string portName)
{
NtStatus status;
UnicodeString portNameStr = new UnicodeString(portName);
SecurityQualityOfService securityQos =
new SecurityQualityOfService(SecurityImpersonationLevel.SecurityImpersonation, true, false);
IntPtr handle;
try
{
if ((status = Win32.NtConnectPort(
out handle,
ref portNameStr,
ref securityQos,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero
)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
}
finally
{
portNameStr.Dispose();
}
return(new PortComHandle(handle, true));
}
public static TmHandle Create(
TmAccess access,
string name,
ObjectFlags objectFlags,
DirectoryHandle rootDirectory,
string logFileName,
TmOptions createOptions
)
{
ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory);
UnicodeString logFileNameStr = new UnicodeString(logFileName);
IntPtr handle;
try
{
Win32.NtCreateTransactionManager(
out handle,
access,
ref oa,
ref logFileNameStr,
createOptions,
0
).ThrowIf();
}
finally
{
logFileNameStr.Dispose();
oa.Dispose();
}
return(new TmHandle(handle, true));
}
public static void SetCurrentVariable(string name, string value)
{
NtStatus status;
UnicodeString nameStr;
UnicodeString valueStr;
nameStr = new UnicodeString(name);
try
{
valueStr = new UnicodeString(value);
try
{
if ((status = Win32.RtlSetEnvironmentVariable(
IntPtr.Zero,
ref nameStr,
ref valueStr
)) >= NtStatus.Error)
Win32.Throw(status);
}
finally
{
valueStr.Dispose();
}
}
finally
{
nameStr.Dispose();
}
}
public Sid LookupSid(string name, out SidNameUse nameUse, out string domainName)
{
NtStatus status;
UnicodeString nameStr;
IntPtr referencedDomains;
IntPtr sids;
nameStr = new UnicodeString(name);
try
{
if ((status = Win32.LsaLookupNames2(
this,
0,
1,
new UnicodeString[] { nameStr },
out referencedDomains,
out sids
)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
}
finally
{
nameStr.Dispose();
}
using (var referencedDomainsAlloc = new LsaMemoryAlloc(referencedDomains))
using (var sidsAlloc = new LsaMemoryAlloc(sids))
{
LsaTranslatedSid2 translatedSid = sidsAlloc.ReadStruct <LsaTranslatedSid2>();
nameUse = translatedSid.Use;
if (nameUse == SidNameUse.Invalid || nameUse == SidNameUse.Unknown)
{
domainName = null;
return(null);
}
if (translatedSid.DomainIndex != -1)
{
LsaReferencedDomainList domains = referencedDomainsAlloc.ReadStruct <LsaReferencedDomainList>();
MemoryRegion trustArray = new MemoryRegion(domains.Domains);
LsaTrustInformation trustInfo = trustArray.ReadStruct <LsaTrustInformation>(translatedSid.DomainIndex);
domainName = trustInfo.Name.Read();
}
else
{
domainName = null;
}
return(new Sid(translatedSid.Sid));
}
}
public static TransactionHandle Create(
TransactionAccess access,
string name,
ObjectFlags objectFlags,
DirectoryHandle rootDirectory,
Guid unitOfWorkGuid,
TmHandle tmHandle,
TransactionOptions createOptions,
long timeout,
string description
)
{
NtStatus status;
ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory);
IntPtr handle;
if (unitOfWorkGuid == Guid.Empty)
{
unitOfWorkGuid = Guid.NewGuid();
}
try
{
UnicodeString descriptionStr = new UnicodeString(description);
try
{
if ((status = Win32.NtCreateTransaction(
out handle,
access,
ref oa,
ref unitOfWorkGuid,
tmHandle ?? IntPtr.Zero,
createOptions,
0,
0,
ref timeout,
ref descriptionStr
)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
descriptionStr.Dispose();
}
}
finally
{
oa.Dispose();
}
return(new TransactionHandle(handle, true));
}
/// <summary>
/// Unloads a driver.
/// </summary>
/// <param name="serviceName">The service name of the driver.</param>
public static void UnloadDriver(string serviceName)
{
UnicodeString str = new UnicodeString("\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\" + serviceName);
try
{
Win32.NtUnloadDriver(ref str).ThrowIf();
}
finally
{
str.Dispose();
}
}
public void DeleteValue(string name)
{
UnicodeString nameStr = new UnicodeString(name);
try
{
Win32.NtDeleteValueKey(this, ref nameStr).ThrowIf();
}
finally
{
nameStr.Dispose();
}
}
public string GetVariable(string name)
{
NtStatus status;
UnicodeString nameStr;
UnicodeString valueStr;
nameStr = new UnicodeString(name);
try
{
using (var data = new MemoryAlloc(100))
{
valueStr = new UnicodeString();
valueStr.Buffer = data;
valueStr.MaximumLength = (ushort)data.Size;
status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
if (status == NtStatus.BufferTooSmall)
{
// Resize and try again (+2 for the null terminator).
data.Resize(valueStr.Length + 2);
valueStr.Buffer = data;
valueStr.MaximumLength = (ushort)(valueStr.Length + 2);
status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
}
if (status >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
return(valueStr.Read());
}
}
finally
{
nameStr.Dispose();
}
}
/// <summary>
/// LoadLibraryEx constructor to load a dll and be responsible for freeing it.
/// </summary>
/// <param name="dllName">full path name of dll to load</param>
/// <param name="flags"></param>
/// <remarks>Throws exceptions on failure. Most common failure would be file-not-found, or that the file is not a loadable image.</remarks>
public NativeLibrary(string dllName, LoadLibraryFlags flags)
{
UnicodeString str = new UnicodeString(dllName);
IntPtr ptr;
NtStatus result = Win32.LdrLoadDll(null, (int)flags, ref str, out ptr);
if (result.IsError())
{
this.MarkAsInvalid();
}
str.Dispose();
}
public static ResourceManagerHandle Create(
ResourceManagerAccess access,
string name,
ObjectFlags objectFlags,
DirectoryHandle rootDirectory,
TmHandle tmHandle,
Guid guid,
ResourceManagerOptions createOptions,
string description
)
{
NtStatus status;
ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory);
IntPtr handle;
try
{
UnicodeString descriptionStr = new UnicodeString(description);
try
{
if ((status = Win32.NtCreateResourceManager(
out handle,
access,
tmHandle,
ref guid,
ref oa,
createOptions,
ref descriptionStr
)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
}
finally
{
descriptionStr.Dispose();
}
}
finally
{
oa.Dispose();
}
return(new ResourceManagerHandle(handle, true));
}
public void DeleteValue(string name)
{
NtStatus status;
UnicodeString nameStr = new UnicodeString(name);
try
{
if ((status = Win32.NtDeleteValueKey(this, ref nameStr)) >= NtStatus.Error)
{
Win32.ThrowLastError(status);
}
}
finally
{
nameStr.Dispose();
}
}
public string GetVariable(string name)
{
UnicodeString nameStr = new UnicodeString(name);
try
{
using (MemoryAlloc data = new MemoryAlloc(100))
{
UnicodeString valueStr = new UnicodeString
{
Buffer = data,
MaximumLength = (ushort)data.Size
};
NtStatus status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
if (status == NtStatus.BufferTooSmall)
{
// Resize and try again (+2 for the null terminator).
data.ResizeNew(valueStr.Length + 2);
valueStr.Buffer = data;
valueStr.MaximumLength = (ushort)(valueStr.Length + 2);
status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
}
status.ThrowIf();
return(valueStr.Text);
}
}
finally
{
nameStr.Dispose();
}
}
public void ChangePassword(string oldPassword, string newPassword)
{
UnicodeString oldPasswordStr = new UnicodeString(oldPassword);
UnicodeString newPasswordStr = new UnicodeString(newPassword);
try
{
Win32.SamChangePasswordUser(
this,
ref oldPasswordStr,
ref newPasswordStr
).ThrowIf();
}
finally
{
oldPasswordStr.Dispose();
newPasswordStr.Dispose();
}
}
/// <summary>
/// Unloads a driver.
/// </summary>
/// <param name="serviceName">The service name of the driver.</param>
public static void UnloadDriver(string serviceName)
{
var str = new UnicodeString(
"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\" + serviceName);
try
{
NtStatus status;
if ((status = Win32.NtUnloadDriver(ref str)) >= NtStatus.Error)
{
Win32.Throw(status);
}
}
finally
{
str.Dispose();
}
}
public static void SetCurrentVariable(string name, string value)
{
UnicodeString nameStr = new UnicodeString(name);
UnicodeString valueStr = new UnicodeString(value);
try
{
Win32.RtlSetEnvironmentVariable(
IntPtr.Zero,
ref nameStr,
ref valueStr
).ThrowIf();
}
finally
{
valueStr.Dispose();
nameStr.Dispose();
}
}
public static void SetCurrentVariable(string name, string value)
{
UnicodeString nameStr = new UnicodeString(name);
UnicodeString valueStr = new UnicodeString(value);
try
{
Win32.RtlSetEnvironmentVariable(
IntPtr.Zero,
ref nameStr,
ref valueStr
).ThrowIf();
}
finally
{
valueStr.Dispose();
nameStr.Dispose();
}
}
public void Set(string currentValue, string oldValue)
{
UnicodeString currentValueStr = new UnicodeString(currentValue);
UnicodeString oldValueStr = new UnicodeString(oldValue);
try
{
Win32.LsaSetSecret(
this,
ref currentValueStr,
ref oldValueStr
).ThrowIf();
}
finally
{
currentValueStr.Dispose();
oldValueStr.Dispose();
}
}
/// <summary>
/// Unloads a driver.
/// </summary>
/// <param name="serviceName">The service name of the driver.</param>
public static void UnloadDriver(string serviceName)
{
UnicodeString str = new UnicodeString("\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\" + serviceName);
try
{
Win32.NtUnloadDriver(ref str).ThrowIf();
}
finally
{
str.Dispose();
}
}
/// <summary>
/// Unloads a driver.
/// </summary>
/// <param name="serviceName">The service name of the driver.</param>
public static void UnloadDriver(string serviceName)
{
var str = new UnicodeString(
"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\" + serviceName);
try
{
NtStatus status;
if ((status = Win32.NtUnloadDriver(ref str)) >= NtStatus.Error)
Win32.ThrowLastError(status);
}
finally
{
str.Dispose();
}
}
public void SetVariable(string name, string value)
{
IntPtr environment = _environment;
UnicodeString nameStr = new UnicodeString(name);
UnicodeString valueStr = new UnicodeString(value);
try
{
Win32.RtlSetEnvironmentVariable(
ref environment,
ref nameStr,
ref valueStr
).ThrowIf();
}
finally
{
valueStr.Dispose();
nameStr.Dispose();
}
_environment = environment;
}
public string GetVariable(string name)
{
NtStatus status;
UnicodeString nameStr;
UnicodeString valueStr;
nameStr = new UnicodeString(name);
try
{
using (var data = new MemoryAlloc(100))
{
valueStr = new UnicodeString();
valueStr.Buffer = data;
valueStr.MaximumLength = (ushort)data.Size;
status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
if (status == NtStatus.BufferTooSmall)
{
// Resize and try again (+2 for the null terminator).
data.ResizeNew(valueStr.Length + 2);
valueStr.Buffer = data;
valueStr.MaximumLength = (ushort)(valueStr.Length + 2);
status = Win32.RtlQueryEnvironmentVariable_U(
this,
ref nameStr,
ref valueStr
);
}
if (status >= NtStatus.Error)
Win32.Throw(status);
return valueStr.Read();
}
}
finally
{
nameStr.Dispose();
}
}
public unsafe static void CopyProcessParameters(
ProcessHandle processHandle,
IntPtr peb,
ProcessCreationFlags creationFlags,
string imagePathName,
string dllPath,
string currentDirectory,
string commandLine,
EnvironmentBlock environment,
string windowTitle,
string desktopInfo,
string shellInfo,
string runtimeInfo,
ref StartupInfo startupInfo
)
{
UnicodeString imagePathNameStr;
UnicodeString dllPathStr;
UnicodeString currentDirectoryStr;
UnicodeString commandLineStr;
UnicodeString windowTitleStr;
UnicodeString desktopInfoStr;
UnicodeString shellInfoStr;
UnicodeString runtimeInfoStr;
// Create the unicode strings.
imagePathNameStr = new UnicodeString(imagePathName);
dllPathStr = new UnicodeString(dllPath);
currentDirectoryStr = new UnicodeString(currentDirectory);
commandLineStr = new UnicodeString(commandLine);
windowTitleStr = new UnicodeString(windowTitle);
desktopInfoStr = new UnicodeString(desktopInfo);
shellInfoStr = new UnicodeString(shellInfo);
runtimeInfoStr = new UnicodeString(runtimeInfo);
try
{
NtStatus status;
IntPtr processParameters;
// Create the process parameter block.
status = Win32.RtlCreateProcessParameters(
out processParameters,
ref imagePathNameStr,
ref dllPathStr,
ref currentDirectoryStr,
ref commandLineStr,
environment,
ref windowTitleStr,
ref desktopInfoStr,
ref shellInfoStr,
ref runtimeInfoStr
);
if (status >= NtStatus.Error)
Win32.Throw(status);
try
{
// Allocate a new memory region in the remote process for
// the environment block and copy it over.
int environmentLength;
IntPtr newEnvironment;
environmentLength = environment.GetLength();
newEnvironment = processHandle.AllocateMemory(
environmentLength,
MemoryProtection.ReadWrite
);
processHandle.WriteMemory(
newEnvironment,
environment,
environmentLength
);
// Copy over the startup info data.
RtlUserProcessParameters* paramsStruct = (RtlUserProcessParameters*)processParameters;
paramsStruct->Environment = newEnvironment;
paramsStruct->StartingX = startupInfo.X;
paramsStruct->StartingY = startupInfo.Y;
paramsStruct->CountX = startupInfo.XSize;
paramsStruct->CountY = startupInfo.YSize;
paramsStruct->CountCharsX = startupInfo.XCountChars;
paramsStruct->CountCharsY = startupInfo.YCountChars;
paramsStruct->FillAttribute = startupInfo.FillAttribute;
paramsStruct->WindowFlags = startupInfo.Flags;
paramsStruct->ShowWindowFlags = startupInfo.ShowWindow;
if ((startupInfo.Flags & StartupFlags.UseStdHandles) == StartupFlags.UseStdHandles)
{
paramsStruct->StandardInput = startupInfo.StdInputHandle;
paramsStruct->StandardOutput = startupInfo.StdOutputHandle;
paramsStruct->StandardError = startupInfo.StdErrorHandle;
}
// TODO: Add console support.
// Allocate a new memory region in the remote process for
// the process parameters.
IntPtr newProcessParameters;
IntPtr regionSize = paramsStruct->Length.ToIntPtr();
newProcessParameters = processHandle.AllocateMemory(
IntPtr.Zero,
ref regionSize,
MemoryFlags.Commit,
MemoryProtection.ReadWrite
);
paramsStruct->MaximumLength = regionSize.ToInt32();
processHandle.WriteMemory(newProcessParameters, processParameters, paramsStruct->Length);
// Modify the process parameters pointer in the PEB.
processHandle.WriteMemory(
peb.Increment(Peb.ProcessParametersOffset),
&newProcessParameters,
IntPtr.Size
);
}
finally
{
Win32.RtlDestroyProcessParameters(processParameters);
}
}
finally
{
imagePathNameStr.Dispose();
dllPathStr.Dispose();
currentDirectoryStr.Dispose();
commandLineStr.Dispose();
windowTitleStr.Dispose();
desktopInfoStr.Dispose();
shellInfoStr.Dispose();
runtimeInfoStr.Dispose();
}
}
public void SetVariable(string name, string value)
{
NtStatus status;
IntPtr environment = _environment;
UnicodeString nameStr;
UnicodeString valueStr;
nameStr = new UnicodeString(name);
try
{
valueStr = new UnicodeString(value);
try
{
if ((status = Win32.RtlSetEnvironmentVariable(
ref environment,
ref nameStr,
ref valueStr
)) >= NtStatus.Error)
Win32.ThrowLastError(status);
}
finally
{
valueStr.Dispose();
}
}
finally
{
nameStr.Dispose();
}
_environment = environment;
}
