Пример #1
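 /// <summary>
 /// Convenience overload that starts a thread in the process represented by
 /// <paramref name="p"/> by forwarding its process id to
 /// <c>Kernel32.CreateRemoteThread</c>.
 /// </summary>
 /// <param name="p">Target process; only its <c>Id</c> is read here.</param>
 /// <param name="address">Start address handed unchanged to the callee.</param>
 /// <param name="param">Argument handed unchanged to the callee.</param>
 /// <param name="flags">Thread creation flags handed unchanged to the callee.</param>
 /// <returns>Whatever <c>Kernel32.CreateRemoteThread</c> returns (presumably a thread handle the caller must release; confirm against that overload).</returns>
 /// <exception cref="ArgumentNullException"><paramref name="p"/> is null.</exception>
 /// <remarks>
 /// Creating a thread inside another process is a code-injection primitive and is
 /// routinely flagged by endpoint monitoring; callers should be limited to
 /// processes they own and are authorised to instrument.
 /// </remarks>
 public static IntPtr CreateRemoteThread(
     Process p,
     IntPtr address,
     IntPtr param,
     CreateThreadFlags flags)
 {
     // Fail with a descriptive argument error instead of a NullReferenceException on p.Id.
     if (p == null)
     {
         throw new ArgumentNullException("p");
     }

     return Kernel32.CreateRemoteThread(p.Id, address, param, flags);
 }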
Пример #2
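        /// <summary>
        /// Opens the process identified by <paramref name="pid"/> and starts a thread in it
        /// at <paramref name="address"/>, passing <paramref name="param"/> as its argument.
        /// </summary>
        /// <param name="pid">Id of the target process.</param>
        /// <param name="address">Start address of the new thread, interpreted in the target process.</param>
        /// <param name="param">Value passed to the thread start routine.</param>
        /// <param name="flags">Creation flags, cast to <c>uint</c> for the native call.</param>
        /// <returns>The non-zero handle of the created thread. This method does not close it; the caller owns it.</returns>
        /// <exception cref="Win32Exception">The native call returned a null thread handle.</exception>
        /// <remarks>
        /// The handle is requested with CreateThread, VMOperation, VMRead, VMWrite and
        /// QueryInformation rights. That access mask followed by a remote thread start is the
        /// pattern endpoint telemetry (for example Sysmon event ID 8, CreateRemoteThread) is
        /// built to record, so legitimate use should expect to be logged and reviewed.
        /// </remarks>
        public static IntPtr CreateRemoteThread(
            int pid,
            IntPtr address,
            IntPtr param,
            CreateThreadFlags flags)
        {
            IntPtr processHandle = Kernel32.GetProcessHandle(
                new IntPtr(pid),
                ProcessAccessFlags.CreateThread
                    | ProcessAccessFlags.VMOperation
                    | ProcessAccessFlags.VMRead
                    | ProcessAccessFlags.VMWrite
                    | ProcessAccessFlags.QueryInformation);

            try
            {
                IntPtr remoteThread = Kernel32.CreateRemoteThread(
                    processHandle, IntPtr.Zero, 0U, address, param, (uint)flags, IntPtr.Zero);

                if (remoteThread == IntPtr.Zero)
                {
                    // The exception object captures the error code here, before the
                    // finally block makes another native call that could overwrite it.
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }

                return remoteThread;
            }
            finally
            {
                // Previously the process handle leaked whenever thread creation failed;
                // release it on both the success and the failure path.
                // NOTE(review): whether GetProcessHandle can return a null handle is not
                // visible here; the guard avoids closing one if it can.
                if (processHandle != IntPtr.Zero)
                {
                    Kernel32.CloseProcessHandle(processHandle);
                }
            }
        }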
Пример #3
        /// <summary>
        /// Resolves <paramref name="function"/> in <paramref name="module"/> within the calling
        /// process, starts a thread at that address in process <paramref name="pid"/>, and
        /// blocks until the thread handle is signalled.
        /// </summary>
        /// <param name="pid">Id of the target process.</param>
        /// <param name="module">Module name or path passed to <c>Kernel32.LoadLibraryEx</c> as given.</param>
        /// <param name="function">Export name passed to <c>Kernel32.GetProcAddress</c>.</param>
        /// <param name="param">Argument forwarded to the remote thread.</param>
        /// <returns>
        /// <c>false</c> when the module or the export could not be resolved or the thread handle
        /// is null; <c>true</c> otherwise. The outcome of the wait is not reflected in the result.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="module"/> is not validated; a name without a full path
        /// is presumably subject to the system library search order, so callers should pass an
        /// absolute path to a trusted file.
        /// NOTE(review): neither the module handle nor the thread handle is released in this
        /// method, and the wait uses <c>uint.MaxValue</c>, so the caller blocks for as long as
        /// the remote thread runs.
        /// </remarks>
        public static bool CallRemoteFunction(int pid, string module, string function, IntPtr param)
        {
            IntPtr moduleHandle    = Kernel32.LoadLibraryEx(module, LoadLibraryFlags.LoadAsDataFile);
            IntPtr functionAddress = Kernel32.GetProcAddress(moduleHandle, function);

            // Both lookups must succeed before anything is started in the target.
            bool resolved = moduleHandle != IntPtr.Zero && functionAddress != IntPtr.Zero;
            if (!resolved)
            {
                return false;
            }

            // The address was resolved in this process and is used as-is for the target.
            IntPtr threadHandle = Kernel32.CreateRemoteThread(pid, functionAddress, param, CreateThreadFlags.RunImmediately);
            bool started = threadHandle != IntPtr.Zero;

            if (started)
            {
                // Wait result is read but never inspected.
                int waitResult = (int)Kernel32.WaitForSingleObject(threadHandle, uint.MaxValue);
            }

            return started;
        }