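        /// <summary>
        /// Reads the command line of another process by following its Process Environment Block (PEB):
        /// PEB.ProcessParameters -> RTL_USER_PROCESS_PARAMETERS.CommandLine (a UNICODE_STRING) -> character buffer.
        /// </summary>
        /// <param name="hProcess">Handle to the target process, opened with whatever access the PEB helpers
        /// and <see cref="ProcessNativeMethods.ReadProcessMemory"/> need.</param>
        /// <returns>The target's command line decoded as UTF-16; an empty string when the UNICODE_STRING
        /// reports a zero length.</returns>
        /// <exception cref="Win32Exception">Thrown when this process is 32-bit but the target is 64-bit,
        /// or when any cross-process read fails.</exception>
        /// <remarks>
        /// Every pointer and length used here is read from the target's own memory, and the PEB lives in
        /// address space the target can write to. Treat the result as informational: it must not be the
        /// sole basis for a security decision.
        /// </remarks>
        private static string GetCommandLineCore(IntPtr hProcess)
        {
            int targetProcessBitness = GetProcessBitness(hProcess);
            bool targetIs64Bit = targetProcessBitness == 64;

            // A 32-bit (WOW64) process cannot address the full 64-bit address space of a 64-bit target.
            if (targetIs64Bit && !System.Environment.Is64BitProcess)
            {
                throw new Win32Exception(
                    "The current process should run in 64 bit mode to be able to get the command line of another 64 bit process.");
            }

            var pPeb = targetIs64Bit ? GetPeb64(hProcess) : GetPeb32(hProcess);

            // Offsets taken from `dt -r ntdll!PEB` / `dt ntdll!_RTL_USER_PROCESS_PARAMETERS`:
            //   PEB.ProcessParameters                    : 0x20 (64-bit) / 0x10 (32-bit)
            //   RTL_USER_PROCESS_PARAMETERS.CommandLine  : 0x70 (64-bit) / 0x40 (32-bit)
            var processParametersOffset = targetIs64Bit ? 0x20 : 0x10;
            var commandLineOffset = targetIs64Bit ? 0x70 : 0x40;

            IntPtr processParameters;
            if (!TryReadIntPtr(hProcess, pPeb + processParametersOffset, out processParameters))
            {
                throw new Win32Exception("Unable to read PEB.");
            }

            // UNICODE_STRING.Length is a byte count (not a character count), which is why the
            // buffer below is sized in bytes and decoded with Encoding.Unicode.
            int    commandLineLength;
            IntPtr commandLineBuffer;

            if ((targetProcessBitness == 64 && System.Environment.Is64BitProcess) ||
                (targetProcessBitness == 32 && !System.Environment.Is64BitProcess))
            {
                // Same bitness as the target: the native UNICODE_STRING layout matches.
                var unicodeString = new ProcessNativeMethods.UNICODE_STRING();
                if (!ProcessNativeMethods.ReadProcessMemory(hProcess, processParameters + commandLineOffset, ref unicodeString, new IntPtr(Marshal.SizeOf(unicodeString)), IntPtr.Zero))
                {
                    // NOTE(review): GetLastWin32Error is only meaningful if the P/Invoke declares SetLastError = true — confirm.
                    throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
                }
                commandLineLength = unicodeString.Length;
                commandLineBuffer = unicodeString.Buffer;
            }
            else
            {
                // 64-bit host, 32-bit target: the target stores a 32-bit Buffer pointer, so use UNICODE_STRING_32.
                var unicodeString = new ProcessNativeMethods.UNICODE_STRING_32();
                if (!ProcessNativeMethods.ReadProcessMemory(hProcess, processParameters + commandLineOffset, ref unicodeString, new IntPtr(Marshal.SizeOf(unicodeString)), IntPtr.Zero))
                {
                    throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
                }
                commandLineLength = unicodeString.Length;
                commandLineBuffer = new IntPtr(unicodeString.Buffer);
            }

            // An empty command line needs no second cross-process read (and Buffer may be null in that case).
            if (commandLineLength == 0)
            {
                return String.Empty;
            }

            var bytes = new byte[commandLineLength];

            if (!ProcessNativeMethods.ReadProcessMemory(hProcess, commandLineBuffer, bytes, new IntPtr(commandLineLength), IntPtr.Zero))
            {
                throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
            }

            return Encoding.Unicode.GetString(bytes);
        }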
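        /// <summary>
        /// Returns the command line of the process behind <paramref name="hProcess"/> by reading its
        /// PEB: PEB.ProcessParameters -> RTL_USER_PROCESS_PARAMETERS.CommandLine -> UTF-16 buffer.
        /// </summary>
        /// <param name="hProcess">Handle to the target process with enough access for the PEB helpers
        /// and <see cref="ProcessNativeMethods.ReadProcessMemory"/>.</param>
        /// <returns>The command line as a string; empty when the UNICODE_STRING length is zero.</returns>
        /// <exception cref="Win32Exception">A 32-bit caller targeting a 64-bit process, or a failed
        /// cross-process read.</exception>
        /// <remarks>
        /// The pointers and lengths used here come from memory the target process controls, so the
        /// returned value reflects what the target's PEB says, not necessarily what the process was
        /// launched with. Do not rely on it alone for security decisions.
        /// </remarks>
        private static string GetCommandLineCore(IntPtr hProcess)
        {
            int targetProcessBitness = GetProcessBitness(hProcess);
            bool targetIs64Bit = targetProcessBitness == 64;

            // A WOW64 (32-bit) caller cannot read the upper part of a 64-bit target's address space.
            if (targetIs64Bit && !System.Environment.Is64BitProcess)
            {
                throw new Win32Exception(
                    "The current process should run in 64 bit mode to be able to get the command line of another 64 bit process.");
            }

            var pPeb = targetIs64Bit ? GetPeb64(hProcess) : GetPeb32(hProcess);

            // Structure offsets (see `dt -r ntdll!PEB`):
            //   ProcessParameters in PEB              -> 0x20 on 64-bit, 0x10 on 32-bit
            //   CommandLine in RTL_USER_PROCESS_PARAMETERS -> 0x70 on 64-bit, 0x40 on 32-bit
            var processParametersOffset = targetIs64Bit ? 0x20 : 0x10;
            var commandLineOffset = targetIs64Bit ? 0x70 : 0x40;

            IntPtr processParameters;
            if (!TryReadIntPtr(hProcess, pPeb + processParametersOffset, out processParameters))
            {
                throw new Win32Exception("Unable to read PEB.");
            }

            // Length is in bytes per the UNICODE_STRING definition; the buffer is therefore a byte array
            // decoded with Encoding.Unicode rather than a char count.
            int commandLineLength;
            IntPtr commandLineBuffer;
            if ((targetProcessBitness == 64 && System.Environment.Is64BitProcess) ||
                (targetProcessBitness == 32 && !System.Environment.Is64BitProcess))
            {
                // Caller and target share a pointer size, so the native UNICODE_STRING layout applies.
                var unicodeString = new ProcessNativeMethods.UNICODE_STRING();
                if (!ProcessNativeMethods.ReadProcessMemory(hProcess, processParameters + commandLineOffset, ref unicodeString, new IntPtr(Marshal.SizeOf(unicodeString)), IntPtr.Zero))
                {
                    // NOTE(review): the reported error code is only valid if the DllImport sets SetLastError = true — confirm.
                    throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
                }
                commandLineLength = unicodeString.Length;
                commandLineBuffer = unicodeString.Buffer;
            }
            else
            {
                // 64-bit caller, 32-bit target: Buffer is a 32-bit pointer, hence UNICODE_STRING_32.
                var unicodeString = new ProcessNativeMethods.UNICODE_STRING_32();
                if (!ProcessNativeMethods.ReadProcessMemory(hProcess, processParameters + commandLineOffset, ref unicodeString, new IntPtr(Marshal.SizeOf(unicodeString)), IntPtr.Zero))
                {
                    throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
                }
                commandLineLength = unicodeString.Length;
                commandLineBuffer = new IntPtr(unicodeString.Buffer);
            }

            // Nothing to read for an empty command line; skip the second read so a null Buffer cannot fail it.
            if (commandLineLength == 0)
            {
                return String.Empty;
            }

            var bytes = new byte[commandLineLength];
            if (!ProcessNativeMethods.ReadProcessMemory(hProcess, commandLineBuffer, bytes, new IntPtr(commandLineLength), IntPtr.Zero))
            {
                throw new Win32Exception(String.Format("Unable to read command line, win32 error {0}", Marshal.GetLastWin32Error()));
            }

            return Encoding.Unicode.GetString(bytes);
        }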