예제 #1
0
 public static void LhUninstallAllHooks()
 {
     if (Is64Bit)
     {
         NativeAPI_x64.LhUninstallAllHooks();
     }
     else
     {
         NativeAPI_x86.LhUninstallAllHooks();
     }
 }
예제 #2
0
 public static void DbgAttachDebugger()
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.DbgAttachDebugger());
     }
     else
     {
         Force(NativeAPI_x86.DbgAttachDebugger());
     }
 }
예제 #3
0
 public static Boolean RhIsX64System()
 {
     if (Is64Bit)
     {
         return(NativeAPI_x64.RhIsX64System());
     }
     else
     {
         return(NativeAPI_x86.RhIsX64System());
     }
 }
예제 #4
0
 public static void RhGetProcessToken(Int32 InProcessId, out IntPtr OutToken)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhGetProcessToken(InProcessId, out OutToken));
     }
     else
     {
         Force(NativeAPI_x86.RhGetProcessToken(InProcessId, out OutToken));
     }
 }
예제 #5
0
 public static void LhGetHookBypassAddress(IntPtr handle, out IntPtr address)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhGetHookBypassAddress(handle, out address));
     }
     else
     {
         Force(NativeAPI_x86.LhGetHookBypassAddress(handle, out address));
     }
 }
예제 #6
0
 public static void LhUninstallHook(IntPtr RefHandle)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhUninstallHook(RefHandle));
     }
     else
     {
         Force(NativeAPI_x86.LhUninstallHook(RefHandle));
     }
 }
예제 #7
0
 public static String RtlGetLastErrorString()
 {
     if (Is64Bit)
     {
         return(NativeAPI_x64.RtlGetLastErrorStringCopy());
     }
     else
     {
         return(NativeAPI_x86.RtlGetLastErrorStringCopy());
     }
 }
예제 #8
0
 public static void LhBarrierGetAddressOfReturnAddress(out IntPtr OutValue)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhBarrierGetAddressOfReturnAddress(out OutValue));
     }
     else
     {
         Force(NativeAPI_x86.LhBarrierGetAddressOfReturnAddress(out OutValue));
     }
 }
예제 #9
0
 public static void LhBarrierEndStackTrace(IntPtr OutBackup)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhBarrierEndStackTrace(OutBackup));
     }
     else
     {
         Force(NativeAPI_x86.LhBarrierEndStackTrace(OutBackup));
     }
 }
예제 #10
0
 public static void RhWakeUpProcess()
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhWakeUpProcess());
     }
     else
     {
         Force(NativeAPI_x86.RhWakeUpProcess());
     }
 }
예제 #11
0
 public static void LhBarrierGetCallback(out IntPtr OutValue)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhBarrierGetCallback(out OutValue));
     }
     else
     {
         Force(NativeAPI_x86.LhBarrierGetCallback(out OutValue));
     }
 }
예제 #12
0
 public static void RhInstallSupportDriver()
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhInstallSupportDriver());
     }
     else
     {
         Force(NativeAPI_x86.RhInstallSupportDriver());
     }
 }
예제 #13
0
 public static void LhWaitForPendingRemovals()
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhWaitForPendingRemovals());
     }
     else
     {
         Force(NativeAPI_x86.LhWaitForPendingRemovals());
     }
 }
예제 #14
0
 public static Boolean RhIsAdministrator()
 {
     if (Is64Bit)
     {
         return(NativeAPI_x64.RhIsAdministrator());
     }
     else
     {
         return(NativeAPI_x86.RhIsAdministrator());
     }
 }
예제 #15
0
 public static Int32 RtlGetLastError()
 {
     if (Is64Bit)
     {
         return(NativeAPI_x64.RtlGetLastError());
     }
     else
     {
         return(NativeAPI_x86.RtlGetLastError());
     }
 }
예제 #16
0
 public static void DbgGetThreadIdByHandle(
     IntPtr InThreadHandle,
     out Int32 OutThreadId)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.DbgGetThreadIdByHandle(InThreadHandle, out OutThreadId));
     }
     else
     {
         Force(NativeAPI_x86.DbgGetThreadIdByHandle(InThreadHandle, out OutThreadId));
     }
 }
예제 #17
0
 public static void LhSetGlobalExclusiveACL(
     Int32[] InThreadIdList,
     Int32 InThreadCount)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhSetGlobalExclusiveACL(InThreadIdList, InThreadCount));
     }
     else
     {
         Force(NativeAPI_x86.LhSetGlobalExclusiveACL(InThreadIdList, InThreadCount));
     }
 }
예제 #18
0
 public static void DbgGetProcessIdByHandle(
     IntPtr InProcessHandle,
     out Int32 OutProcessId)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.DbgGetProcessIdByHandle(InProcessHandle, out OutProcessId));
     }
     else
     {
         Force(NativeAPI_x86.DbgGetProcessIdByHandle(InProcessHandle, out OutProcessId));
     }
 }
예제 #19
0
 public static void RhIsX64Process(
     Int32 InProcessId,
     out Boolean OutResult)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhIsX64Process(InProcessId, out OutResult));
     }
     else
     {
         Force(NativeAPI_x86.RhIsX64Process(InProcessId, out OutResult));
     }
 }
예제 #20
0
 public static void RhInstallDriver(
     String InDriverPath,
     String InDriverName)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhInstallDriver(InDriverPath, InDriverName));
     }
     else
     {
         Force(NativeAPI_x86.RhInstallDriver(InDriverPath, InDriverName));
     }
 }
예제 #21
0
 public static void LhIsThreadIntercepted(
     IntPtr InHandle,
     Int32 InThreadID,
     out Boolean OutResult)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhIsThreadIntercepted(InHandle, InThreadID, out OutResult));
     }
     else
     {
         Force(NativeAPI_x86.LhIsThreadIntercepted(InHandle, InThreadID, out OutResult));
     }
 }
예제 #22
0
 public static void RtlInstallService(
     String InServiceName,
     String InExePath,
     String InChannelName)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RtlInstallService(InServiceName, InExePath, InChannelName));
     }
     else
     {
         Force(NativeAPI_x86.RtlInstallService(InServiceName, InExePath, InChannelName));
     }
 }
예제 #23
0
 public static void LhSetExclusiveACL(
     Int32[] InThreadIdList,
     Int32 InThreadCount,
     IntPtr InHandle)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhSetExclusiveACL(InThreadIdList, InThreadCount, InHandle));
     }
     else
     {
         Force(NativeAPI_x86.LhSetExclusiveACL(InThreadIdList, InThreadCount, InHandle));
     }
 }
예제 #24
0
 public static void LhInstallHook(
     IntPtr InEntryPoint,
     IntPtr InHookProc,
     IntPtr InCallback,
     IntPtr OutHandle)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.LhInstallHook(InEntryPoint, InHookProc, InCallback, OutHandle));
     }
     else
     {
         Force(NativeAPI_x86.LhInstallHook(InEntryPoint, InHookProc, InCallback, OutHandle));
     }
 }
예제 #25
0
 public static void DbgHandleToObjectName(
     IntPtr InNamedHandle,
     IntPtr OutNameBuffer,
     Int32 InBufferSize,
     out Int32 OutRequiredSize)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.DbgHandleToObjectName(InNamedHandle, OutNameBuffer, InBufferSize, out OutRequiredSize));
     }
     else
     {
         Force(NativeAPI_x86.DbgHandleToObjectName(InNamedHandle, OutNameBuffer, InBufferSize, out OutRequiredSize));
     }
 }
예제 #26
0
 public static void RtlCreateSuspendedProcess(
     String InEXEPath,
     String InCommandLine,
     Int32 InProcessCreationFlags,
     out Int32 OutProcessId,
     out Int32 OutThreadId)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RtlCreateSuspendedProcess(InEXEPath, InCommandLine, InProcessCreationFlags,
                                                       out OutProcessId, out OutThreadId));
     }
     else
     {
         Force(NativeAPI_x86.RtlCreateSuspendedProcess(InEXEPath, InCommandLine, InProcessCreationFlags,
                                                       out OutProcessId, out OutThreadId));
     }
 }
예제 #27
0
 public static void RhInjectLibrary(
     Int32 InTargetPID,
     Int32 InWakeUpTID,
     Int32 InInjectionOptions,
     String InLibraryPath_x86,
     String InLibraryPath_x64,
     IntPtr InPassThruBuffer,
     Int32 InPassThruSize)
 {
     if (Is64Bit)
     {
         Force(NativeAPI_x64.RhInjectLibrary(InTargetPID, InWakeUpTID, InInjectionOptions,
                                             InLibraryPath_x86, InLibraryPath_x64, InPassThruBuffer, InPassThruSize));
     }
     else
     {
         Force(NativeAPI_x86.RhInjectLibrary(InTargetPID, InWakeUpTID, InInjectionOptions,
                                             InLibraryPath_x86, InLibraryPath_x64, InPassThruBuffer, InPassThruSize));
     }
 }