public Memory(int parentProcessId)
{
ParentProcessId = parentProcessId;
ParentProcessHandle = WinApi.OpenProcess(WinApi.ProcessAccessFlags.All, false, parentProcessId);
}
public void ResumeProcess()
{
WinApi.NtResumeProcess(_handle);
}
public RedirectedThread(IntPtr processHandle, int threadId)
{
_processHandle = processHandle;
_threadToRedirect = WinApi.OpenThread(WinApi.ThreadAccessFlags.SET_CONTEXT | WinApi.ThreadAccessFlags.GET_CONTEXT | WinApi.ThreadAccessFlags.SUSPEND_RESUME, false, (uint)threadId);
_shellcodeMemory = WinApi.VirtualAllocEx(_processHandle, IntPtr.Zero, 1024, WinApi.AllocationType.Commit, WinApi.MemoryProtection.ExecuteReadWrite);
}