Exemplos de NtOpenProcessDelegate em C# (CSharp)

Linguagem de programação: C# (CSharp)

Exemplos em hotexamples.com: 2

NtOpenProcessDelegate em C# (CSharp) - 2 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de NtOpenProcessDelegate em C# (CSharp) extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Relacionados

DlgSettings

DecisionTreeSet

Color32

QuestsController.Answer

IAppServiceOrders

UrlParamType

DrArchie

ServiceClient

SetPlayerGenre

TodoTo

Related in langs

ComposerAutoloaderInit321d8fc7dbf535a9f5b3e950561ab7d0 (PHP)

news_make_category (PHP)

CopyMediaType (C++)

UpdateListEntries (C++)

g_interface_info_get_n_constants (Go)

VolumeCreateRequest (Go)

Cone (Java)

BeanFactory (Java)

move_cursor_down (Python)

CodeGen (Python)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: MiniDumpToMem.cs Projeto: srccrow/MirrorDump

internal static void InitHookEngine(IntPtr contextHandle, uint dumpSizeLimit, int lsassPid, IntPtr lsassHandle) { hookEngine = new HookEngine(); dumpContexts[contextHandle] = new DumpContext(dumpSizeLimit); MiniDumpToMem.lsassPid = lsassPid; MiniDumpToMem.lsassHandle = lsassHandle; SetFilePointer_detour = new SetFilePointerDelegate(SetFilePointer); GetFileSize_detour = new GetFileSizeDelegate(GetFileSize); WriteFile_detour = new WriteFileDelegate(WriteFile); NtOpenProcess_detour = new NtOpenProcessDelegate(NtOpenProcess); NtOpenProcess_orig = hookEngine.CreateHook("ntdll.dll", "NtOpenProcess", NtOpenProcess_detour); SetFilePointer_orig = hookEngine.CreateHook("kernelbase.dll", "SetFilePointer", SetFilePointer_detour); GetFileSize_orig = hookEngine.CreateHook("kernelbase.dll", "GetFileSize", GetFileSize_detour); WriteFile_orig = hookEngine.CreateHook("kernelbase.dll", "WriteFile", WriteFile_detour); hookEngine.EnableHooks(); }

Exemplo n.º 2

0

Exibir arquivo

static Syscall() { var windowsVersion = OsChecker.GetWindowsVersion(); if (windowsVersion == OsChecker.EWindowsVersion.Unknown || !Syscalls.ContainsKey(windowsVersion)) { throw new Exception("Unsupported operating system !"); } fNtOpenProcess = GetDelegateForSyscall <NtOpenProcessDelegate>(Syscalls[windowsVersion].NtOpenProcess); fNtReadVirtualMemory = GetDelegateForSyscall <NtReadVirtualMemoryDelegate>(Syscalls[windowsVersion].NtReadVirtualMemory); fNtWriteVirtualMemory = GetDelegateForSyscall <NtWriteVirtualMemoryDelegate>(Syscalls[windowsVersion].NtWriteVirtualMemory); fNtAllocateVirtualMemory = GetDelegateForSyscall <NtAllocateVirtualMemoryDelegate>(Syscalls[windowsVersion].NtAllocateVirtualMemory); fNtProtectVirtualMemory = GetDelegateForSyscall <NtProtectVirtualMemorDelegate>(Syscalls[windowsVersion].NtProtectVirtualMemory); fNtFreeVirtualMemory = GetDelegateForSyscall <NtFreeVirtualMemoryDelegate>(Syscalls[windowsVersion].NtFreeVirtualMemory); fNtClose = GetDelegateForSyscall <NtCloseDelegate>(Syscalls[windowsVersion].NtClose); fNtQueryInformationProcess = GetDelegateForSyscall <NtQueryInformationProcessDelegate>(Syscalls[windowsVersion].NtQueryInformationProcess); fNtOpenThread = GetDelegateForSyscall <NtOpenThreadDelegate>(Syscalls[windowsVersion].NtOpenThread); fNtSuspendThread = GetDelegateForSyscall <NtSuspendThreadDelegate>(Syscalls[windowsVersion].NtSuspendThread); fNtResumeThread = GetDelegateForSyscall <NtResumeThreadDelegate>(Syscalls[windowsVersion].NtResumeThread); }