Esempio n. 1
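        /// <summary>
        /// Creates a thread in the process behind <c>m_Process</c> that begins executing at <paramref name="address"/>.
        /// </summary>
        /// <param name="address">
        /// Start address of the new thread inside the remote process. It is handed to the thread
        /// creation call unchecked; the caller must make sure it points to the intended code.
        /// </param>
        /// <param name="isStarted">When <c>true</c> (the default) the thread is resumed before returning; otherwise it stays suspended.</param>
        /// <returns>A <see cref="RemoteThread"/> wrapping the newly created thread.</returns>
        /// <exception cref="System.TimeoutException">
        /// The id of the new thread did not appear in the process thread list within the lookup window.
        /// </exception>
        public RemoteThread Create(IntPtr address, bool isStarted = true)
        {
            // Upper bound for the thread-list lookup below, in milliseconds.
            const int LookupTimeoutMs = 5000;

            // Always created suspended: the wrapper is built first, and the thread only runs if isStarted asks for it.
            ThreadHelper.CreateRemoteThread(m_Process.Handle, address, IntPtr.Zero, out var threadId, ThreadCreationFlags.Suspended);

            // The original loop polled the thread list without pause or bound, so an id that never
            // shows up pinned a core forever. Poll with a short sleep and give up after the timeout.
            var waited = System.Diagnostics.Stopwatch.StartNew();
            ProcessThread nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);

            while (nativeThread == null)
            {
                if (waited.ElapsedMilliseconds > LookupTimeoutMs)
                {
                    // NOTE(review): the suspended remote thread still exists at this point; nothing visible here terminates it.
                    throw new System.TimeoutException("The created remote thread (id " + threadId + ") was not found in the process thread list.");
                }

                System.Threading.Thread.Sleep(1);
                nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);
            }

            var result = new RemoteThread(m_Process, nativeThread);

            if (isStarted)
            {
                result.Resume();
            }

            return result;
        }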
Esempio n. 2
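        /// <summary>
        /// Creates a thread in the process behind <c>m_Process</c> that begins executing at
        /// <paramref name="address"/> and receives <paramref name="parameter"/> as its argument.
        /// </summary>
        /// <param name="address">
        /// Start address of the new thread inside the remote process. It is handed to the thread
        /// creation call unchecked; the caller must make sure it points to the intended code.
        /// </param>
        /// <param name="parameter">
        /// Value marshalled through <c>MarshalValue.Marshal</c>; the <c>Reference</c> of the marshalled
        /// value is what the remote thread is given.
        /// </param>
        /// <param name="isStarted">When <c>true</c> (the default) the thread is resumed before returning; otherwise it stays suspended.</param>
        /// <returns>A <see cref="RemoteThread"/> wrapping the new thread together with the marshalled parameter.</returns>
        /// <exception cref="System.TimeoutException">
        /// The id of the new thread did not appear in the process thread list within the lookup window.
        /// </exception>
        public RemoteThread Create(IntPtr address, dynamic parameter, bool isStarted = true)
        {
            // Upper bound for the thread-list lookup below, in milliseconds.
            const int LookupTimeoutMs = 5000;

            // parameter is dynamic, so this call (and everything touching its result) is bound at run time.
            var marshalledParameter = MarshalValue.Marshal(m_Process, parameter);

            // Always created suspended: the wrapper is built first, and the thread only runs if isStarted asks for it.
            ThreadHelper.CreateRemoteThread(m_Process.Handle, address, marshalledParameter.Reference, out int threadId, ThreadCreationFlags.Suspended);

            // The original loop polled the thread list without pause or bound, so an id that never
            // shows up pinned a core forever. Poll with a short sleep and give up after the timeout.
            var waited = System.Diagnostics.Stopwatch.StartNew();
            ProcessThread nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);

            while (nativeThread == null)
            {
                if (waited.ElapsedMilliseconds > LookupTimeoutMs)
                {
                    // NOTE(review): the suspended thread and the marshalled parameter are left as they are here;
                    // presumably the marshalled value owns memory in the remote process - confirm who releases it.
                    throw new System.TimeoutException("The created remote thread (id " + threadId + ") was not found in the process thread list.");
                }

                System.Threading.Thread.Sleep(1);
                nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);
            }

            var result = new RemoteThread(m_Process, nativeThread, marshalledParameter);

            if (isStarted)
            {
                result.Resume();
            }

            return result;
        }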
Esempio n. 3
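        /// <summary>
        /// Creates a thread in the process behind <c>m_Process</c> that begins executing at <paramref name="address"/>.
        /// </summary>
        /// <param name="address">
        /// Start address of the new thread inside the remote process. It is handed to the thread
        /// creation call unchecked; the caller must make sure it points to the intended code.
        /// </param>
        /// <param name="isStarted">When <c>true</c> (the default) the thread is resumed before returning; otherwise it stays suspended.</param>
        /// <returns>A <see cref="RemoteThread"/> wrapping the newly created thread.</returns>
        /// <exception cref="System.TimeoutException">
        /// The id of the new thread did not appear in the process thread list within the lookup window.
        /// </exception>
        public RemoteThread Create(IntPtr address, bool isStarted = true)
        {
            // Upper bound for the thread-list lookup below, in milliseconds.
            const int LookupTimeoutMs = 5000;

            // Always created suspended: the wrapper is built first, and the thread only runs if isStarted asks for it.
            // NOTE(review): the value returned by CreateRemoteThread is consumed inline and never released
            // in the visible code - confirm it is a self-closing handle type.
            var tbi = NtQueryInformationThread(
                CreateRemoteThread(m_Process.Handle, address, IntPtr.Zero, ThreadCreationFlags.Suspended)
                );

            // Convert once instead of once per inspected thread on every poll.
            var threadId = tbi.ThreadId.ToInt32();

            // The original loop polled the thread list without pause or bound, so an id that never
            // shows up pinned a core forever. Poll with a short sleep and give up after the timeout.
            var waited = System.Diagnostics.Stopwatch.StartNew();
            ProcessThread nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);

            while (nativeThread == null)
            {
                if (waited.ElapsedMilliseconds > LookupTimeoutMs)
                {
                    // NOTE(review): the suspended remote thread still exists at this point; nothing visible here terminates it.
                    throw new System.TimeoutException("The created remote thread (id " + threadId + ") was not found in the process thread list.");
                }

                System.Threading.Thread.Sleep(1);
                nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == threadId);
            }

            var result = new RemoteThread(m_Process, nativeThread);

            if (isStarted)
            {
                result.Resume();
            }

            return result;
        }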