/// <summary>
/// Creates a thread that runs in the remote process.
/// </summary>
/// <param name="address">
/// A pointer to the application-defined function to be executed by the thread and represents
/// the starting address of the thread in the remote process.
/// </param>
/// <param name="isStarted">Sets if the thread must be started just after being created.</param>
/// <returns>A new instance of the <see cref="RemoteThread"/> class.</returns>
public RemoteThread Create(IntPtr address, bool isStarted = true)
{
// Create the thread
var ret = ThreadCore.NtQueryInformationThread(
ThreadCore.CreateRemoteThread(MemorySharp.Handle, address, IntPtr.Zero, ThreadCreationFlags.Suspended));
// Get the native thread previously created
// Loop until the native thread is retrieved
ProcessThread nativeThread;
do
{
nativeThread = MemorySharp.Threads.NativeThreads.FirstOrDefault(t => t.Id == ret.ThreadId);
} while (nativeThread == null);
// Wrap the native thread in an object of the library
var result = new RemoteThread(MemorySharp, nativeThread);
// If the thread must be started
if (isStarted)
{
result.Resume();
}
return(result);
}
/// <summary>
/// Creates a thread that runs in the remote process.
/// </summary>
/// <param name="address">
/// A pointer to the application-defined function to be executed by the thread and represents
/// the starting address of the thread in the remote process.
/// </param>
/// <param name="parameter">A variable to be passed to the thread function.</param>
/// <param name="isStarted">Sets if the thread must be started just after being created.</param>
/// <returns>A new instance of the <see cref="RemoteThread"/> class.</returns>
public RemoteThread Create(IntPtr address, dynamic parameter, bool isStarted = true)
{
// Marshal the parameter
var marshalledParameter = MarshalValue.Marshal(MemorySharp, parameter);
//Create the thread
var ret = ThreadCore.NtQueryInformationThread(
ThreadCore.CreateRemoteThread(MemorySharp.Handle, address, marshalledParameter.Reference, ThreadCreationFlags.Suspended));
// Get the native thread previously created
// Loop until the native thread is retrieved
ProcessThread nativeThread;
do
{
nativeThread = MemorySharp.Threads.NativeThreads.FirstOrDefault(t => t.Id == ret.ThreadId);
} while (nativeThread == null);
// Find the managed object corresponding to this thread
var result = new RemoteThread(MemorySharp, nativeThread, marshalledParameter);
// If the thread must be started
if (isStarted)
{
result.Resume();
}
return(result);
}
/// <summary>
/// Creates a thread that runs in the remote process.
/// </summary>
/// <param name="address">
/// A pointer to the application-defined function to be executed by the thread and represents
/// the starting address of the thread in the remote process.
/// </param>
/// <param name="isStarted">Sets if the thread must be started just after being created.</param>
/// <returns>A new instance of the <see cref="RemoteThread"/> class.</returns>
public RemoteThread Create(IntPtr address, bool isStarted = true)
{
//Create the thread
var ret = ThreadCore.NtQueryInformationThread(
ThreadCore.CreateRemoteThread(MemorySharp.Handle, address, IntPtr.Zero, ThreadCreationFlags.Suspended));
// Find the managed object corresponding to this thread
var result = new RemoteThread(MemorySharp, MemorySharp.Threads.NativeThreads.First(t => t.Id == ret.ThreadId));
// If the thread must be started
if (isStarted)
{
result.Resume();
}
return(result);
}
/// <summary>
/// Creates a thread that runs in the remote process.
/// </summary>
/// <param name="address">
/// A pointer to the application-defined function to be executed by the thread and represents
/// the starting address of the thread in the remote process.
/// </param>
/// <param name="parameter">A variable to be passed to the thread function.</param>
/// <param name="isStarted">Sets if the thread must be started just after being created.</param>
/// <returns>A new instance of the <see cref="RemoteThread"/> class.</returns>
public RemoteThread Create(IntPtr address, dynamic parameter, bool isStarted = true)
{
// Marshal the parameter
var marshalledParameter = MarshalValue.Marshal(MemorySharp, parameter);
//Create the thread
var ret = ThreadCore.NtQueryInformationThread(
ThreadCore.CreateRemoteThread(MemorySharp.Handle, address, marshalledParameter.Reference, ThreadCreationFlags.Suspended));
// Find the managed object corresponding to this thread
var result = new RemoteThread(MemorySharp, MemorySharp.Threads.NativeThreads.First(t => t.Id == ret.ThreadId), marshalledParameter);
// If the thread must be started
if (isStarted)
{
result.Resume();
}
return(result);
}