public static IntPtr NtOpenThread(int TID, Data.Win32.Kernel32.ThreadAccess DesiredAccess)
{
// Create OBJECT_ATTRIBUTES & CLIENT_ID ref's
IntPtr ThreadHandle = IntPtr.Zero;
Data.Native.OBJECT_ATTRIBUTES oa = new Data.Native.OBJECT_ATTRIBUTES();
Data.Native.CLIENT_ID ci = new Data.Native.CLIENT_ID();
ci.UniqueThread = (IntPtr)TID;
// Craft an array for the arguments
object[] funcargs =
{
ThreadHandle, DesiredAccess, oa, ci
};
Data.Native.NTSTATUS retValue = (Data.Native.NTSTATUS)Generic.DynamicAPIInvoke(@"ntdll.dll", @"NtOpenThread", typeof(DELEGATES.NtOpenProcess), ref funcargs);
if (retValue != Data.Native.NTSTATUS.Success && retValue == Data.Native.NTSTATUS.InvalidCid)
{
throw new InvalidOperationException("An invalid client ID was specified.");
}
if (retValue != Data.Native.NTSTATUS.Success)
{
throw new UnauthorizedAccessException("Access is denied.");
}
// Update the modified variables
ThreadHandle = (IntPtr)funcargs[0];
return(ThreadHandle);
}
public static IntPtr NtOpenFile(ref IntPtr FileHandle, Data.Win32.Kernel32.FileAccessFlags DesiredAccess, ref Data.Native.OBJECT_ATTRIBUTES ObjAttr, ref Data.Native.IO_STATUS_BLOCK IoStatusBlock, Data.Win32.Kernel32.FileShareFlags ShareAccess, Data.Win32.Kernel32.FileOpenFlags OpenOptions)
{
// Craft an array for the arguments
object[] funcargs =
{
FileHandle, DesiredAccess, ObjAttr, IoStatusBlock, ShareAccess, OpenOptions
};
Data.Native.NTSTATUS retValue = (Data.Native.NTSTATUS)Generic.DynamicAPIInvoke(@"ntdll.dll", @"NtOpenFile", typeof(DELEGATES.NtOpenFile), ref funcargs);
if (retValue != Data.Native.NTSTATUS.Success)
{
throw new InvalidOperationException("Failed to open file, " + retValue);
}
FileHandle = (IntPtr)funcargs[0];
return(FileHandle);
}
