public static extern NtStatus NtAlpcOpenSenderThread(
     out SafeKernelObjectHandle ThreadHandle,
     SafeKernelObjectHandle PortHandle,
     AlpcPortMessage PortMessage,
     AlpcOpenSenderThreadFlags Flags,
     ThreadAccessRights DesiredAccess,
     ObjectAttributes ObjectAttributes
     );
Пример #2
0
 public static extern NtStatus NtGetNextThread(
     SafeKernelObjectHandle ProcessHandle,
     SafeKernelObjectHandle ThreadHandle,
     ThreadAccessRights DesiredAccess,
     AttributeFlags HandleAttributes,
     int Flags,
     out SafeKernelObjectHandle NewThreadHandle
     );
 public static extern NtStatus NtCreateThread(
     out SafeKernelObjectHandle ThreadHandle,
     ThreadAccessRights DesiredAccess,
     [In] ObjectAttributes ObjectAttributes,
     SafeKernelObjectHandle ProcessHandle,
     out ClientIdStruct ClientId,
     IntPtr ThreadContext,
     IntPtr InitialTeb,
     bool CreateSuspended
     );
Пример #4
0
 /// <summary>
 /// Constructor
 /// </summary>
 public CreateUserProcess()
 {
     DesktopInfo          = @"WinSta0\Default";
     ShellInfo            = "";
     RuntimeData          = "";
     WindowTitle          = "";
     AdditionalAttributes = new List <ProcessAttribute>();
     ProcessDesiredAccess = ProcessAccessRights.MaximumAllowed;
     ThreadDesiredAccess  = ThreadAccessRights.MaximumAllowed;
 }
Пример #5
0
        public static SafeNativeHandle OpenThread(ThreadAccessRights access, bool inherit, int tid)
        {
            var handle = NativeOpenThread(access, inherit, tid);

            if (handle.IsInvalid)
            {
                throw new Win32Exception();
            }

            return(handle);
        }
        /// <summary>
        /// Get accessible threads for a process.
        /// </summary>
        /// <param name="desired_access">The desired access for the threads</param>
        /// <returns>The list of threads</returns>
        public IEnumerable <NtThread> GetThreads(ThreadAccessRights desired_access)
        {
            List <NtThread>        handles        = new List <NtThread>();
            SafeKernelObjectHandle current_handle = new SafeKernelObjectHandle(IntPtr.Zero, false);
            NtStatus status = NtSystemCalls.NtGetNextThread(Handle, current_handle, desired_access, AttributeFlags.None, 0, out current_handle);

            while (status == NtStatus.STATUS_SUCCESS)
            {
                handles.Add(new NtThread(current_handle));
                status = NtSystemCalls.NtGetNextThread(Handle, current_handle, desired_access, AttributeFlags.None, 0, out current_handle);
            }
            return(handles);
        }
 public static extern NtStatus NtCreateUserProcess(
     out SafeKernelObjectHandle ProcessHandle,
     out SafeKernelObjectHandle ThreadHandle,
     ProcessAccessRights ProcessDesiredAccess,
     ThreadAccessRights ThreadDesiredAccess,
     ObjectAttributes ProcessObjectAttributes,
     ObjectAttributes ThreadObjectAttributes,
     ProcessCreateFlags ProcessFlags,
     ThreadCreateFlags ThreadFlags,
     IntPtr ProcessParameters,
     [In, Out] ProcessCreateInfo CreateInfo,
     [In, Out] ProcessAttributeList AttributeList
     );
 public static extern NtStatus NtCreateThreadEx(
     out SafeKernelObjectHandle ThreadHandle,
     ThreadAccessRights DesiredAccess,
     [In] ObjectAttributes ObjectAttributes,
     SafeKernelObjectHandle ProcessHandle,
     IntPtr StartRoutine,
     IntPtr Argument,
     ThreadCreateFlags CreateFlags,
     IntPtr ZeroBits,
     IntPtr StackSize,
     IntPtr MaximumStackSize,
     ProcessAttributeList AttributeList
     );
Пример #9
0
        private static NtThread GetCurrentThread(ThreadAccessRights access, bool pseudo_handle)
        {
            if (pseudo_handle)
            {
                return(NtThread.Current);
            }
            else if ((access & ThreadAccessRights.MaximumAllowed) == ThreadAccessRights.MaximumAllowed)
            {
                return(NtThread.Current.Duplicate());
            }

            return(NtThread.Current.Duplicate(access));
        }
Пример #10
0
        static SafeFileHandle Open(this ProcessThread thread, ThreadAccessRights access)
        {
            if (thread == null)
            {
                throw new ArgumentNullException("thread");
            }

            IntPtr handle = OpenThread(access, false, thread.Id);

            if (handle == IntPtr.Zero)
            {
                throw new Win32Exception();
            }

            return(new SafeFileHandle(handle, true));
        }
Пример #11
0
 public static extern NtStatus NtOpenThread(out SafeKernelObjectHandle ThreadHandle,
                                            ThreadAccessRights DesiredAccess, ObjectAttributes ObjectAttributes, ClientId ClientId);
Пример #12
0
 public static extern IntPtr OpenThread(ThreadAccessRights dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
Пример #13
0
 public static extern IntPtr OpenThread(ThreadAccessRights accessMask, bool inheritHandle, int tid);
 /// <summary>
 /// Constructor.
 /// </summary>
 public GetNtThreadCmdlet()
 {
     Access = ThreadAccessRights.MaximumAllowed;
     ThreadId = -1;
     ProcessId = -1;
 }
Пример #15
0
 private static extern SafeNativeHandle NativeOpenThread(
     ThreadAccessRights dwDesiredAccess,
     bool bInheritHandle,
     int dwThreadId
     );
Пример #16
0
 static extern IntPtr OpenThread(ThreadAccessRights access, bool inheritHandle, int threadID);
Пример #17
0
 public void AddAuditRule(IdentityReference identityReference, ThreadAccessRights accessMask, AuditFlags flags)
 {
     AddAuditRule(new ThreadAuditRule(identityReference, accessMask, flags));
 }
Пример #18
0
 /// <summary>
 /// Constructor.
 /// </summary>
 public GetNtThreadCmdlet()
 {
     Access    = ThreadAccessRights.MaximumAllowed;
     ThreadId  = -1;
     ProcessId = -1;
 }
Пример #19
0
 public void AddAuditRule(IdentityReference identityReference, ThreadAccessRights accessMask, AuditFlags flags)
 {
     AddAuditRule(new ThreadAuditRule(identityReference, accessMask, flags));
 }
Пример #20
0
 internal static extern IntPtr OpenThread(
     [In] ThreadAccessRights dwDesiredAccess,
     [In, MarshalAs(UnmanagedType.Bool)] bool bInheritHandle,
     [In] int dwProcessId);
Пример #21
0
 public ThreadAuditRule(IdentityReference identity, ThreadAccessRights accessRights, AuditFlags type)
     : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type)
 {
 }
Пример #22
0
 public void AddAccessRule(IdentityReference identityReference, ThreadAccessRights accessMask, AccessControlType type)
 {
     AddAccessRule(new ThreadAccessRule(identityReference, accessMask, type));
 }
Пример #23
0
 public void AddAccessRule(IdentityReference identityReference, ThreadAccessRights accessMask, AccessControlType type)
 {
     AddAccessRule(new ThreadAccessRule(identityReference, accessMask, type));
 }
Пример #24
0
 public ThreadAuditRule(IdentityReference identity, ThreadAccessRights accessRights, AuditFlags type)
     : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type)
 {
 }