public static Data.Native.NTSTATUS NtCreateThreadEx(
ref IntPtr threadHandle,
Data.Win32.WinNT.ACCESS_MASK desiredAccess,
IntPtr objectAttributes,
IntPtr processHandle,
IntPtr startAddress,
IntPtr parameter,
bool createSuspended,
int stackZeroBits,
int sizeOfStack,
int maximumStackSize,
IntPtr attributeList)
{
// Craft an array for the arguments
object[] funcargs =
{
threadHandle, desiredAccess, objectAttributes, processHandle, startAddress, parameter, createSuspended, stackZeroBits,
sizeOfStack, maximumStackSize, attributeList
};
Data.Native.NTSTATUS retValue = (Data.Native.NTSTATUS)Generic.DynamicAPIInvoke(@"ntdll.dll", @"NtCreateThreadEx",
typeof(DELEGATES.NtCreateThreadEx), ref funcargs);
// Update the modified variables
threadHandle = (IntPtr)funcargs[0];
return(retValue);
}
public static Data.Native.NTSTATUS NtOpenKey(
ref IntPtr keyHandle,
Data.Win32.WinNT.ACCESS_MASK desiredAccess,
ref Data.Win32.WinNT.OBJECT_ATTRIBUTES objectAttributes)
{
object[] funcargs =
{
keyHandle, desiredAccess, objectAttributes
};
Data.Native.NTSTATUS retvalue = (Data.Native.NTSTATUS)Generic.DynamicAPIInvoke(@"ntdll.dll", @"NtOpenKey", typeof(DELEGATES.NtOpenKey), ref funcargs);
keyHandle = (IntPtr)funcargs[0];
return(retvalue);
}
public static Data.Native.NTSTATUS NtCreateProcess(
ref IntPtr processHandle,
Data.Win32.WinNT.ACCESS_MASK desiredAccess,
IntPtr objectAttributes,
IntPtr parentProcess,
bool InheritObjectTable,
IntPtr sectionHandle,
IntPtr debugPort,
IntPtr ExceptionPort
)
{
// Craft an array for the arguments
object[] funcargs =
{
processHandle, desiredAccess, objectAttributes, parentProcess, InheritObjectTable, sectionHandle,
debugPort, ExceptionPort
};
Data.Native.NTSTATUS retvalue = (Data.Native.NTSTATUS)Generic.DynamicAPIInvoke(@"ntdll.dll", @"NtCreateProcess", typeof(DELEGATES.NTCreateProcess), ref funcargs);
processHandle = (IntPtr)funcargs[0];
return(retvalue);
}
